./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6b4ec56b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-6b4ec56 [2022-11-20 11:20:07,178 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-20 11:20:07,182 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-20 11:20:07,225 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-20 11:20:07,230 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-20 11:20:07,235 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-20 11:20:07,238 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-20 11:20:07,242 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-20 11:20:07,245 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-20 11:20:07,253 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-20 11:20:07,256 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-20 11:20:07,259 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-20 11:20:07,260 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-20 11:20:07,268 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-20 11:20:07,271 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-20 11:20:07,273 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-20 11:20:07,276 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-20 11:20:07,278 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-20 11:20:07,280 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-20 11:20:07,283 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-20 11:20:07,285 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-20 11:20:07,287 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-20 11:20:07,288 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-20 11:20:07,290 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-20 11:20:07,294 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-20 11:20:07,301 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-20 11:20:07,302 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-20 11:20:07,303 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-20 11:20:07,304 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-20 11:20:07,305 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-20 11:20:07,307 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-20 11:20:07,308 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-20 11:20:07,309 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-20 11:20:07,310 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-20 11:20:07,311 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-20 11:20:07,312 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-20 11:20:07,313 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-20 11:20:07,313 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-20 11:20:07,313 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-20 11:20:07,314 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-20 11:20:07,315 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-20 11:20:07,317 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-20 11:20:07,345 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-20 11:20:07,345 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-20 11:20:07,345 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-20 11:20:07,346 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-20 11:20:07,346 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-20 11:20:07,347 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-20 11:20:07,348 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-20 11:20:07,348 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-20 11:20:07,348 INFO L138 SettingsManager]: * Use SBE=true [2022-11-20 11:20:07,349 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-20 11:20:07,349 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-20 11:20:07,349 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-20 11:20:07,349 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-20 11:20:07,350 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-20 11:20:07,350 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-20 11:20:07,350 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-20 11:20:07,350 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-20 11:20:07,351 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-20 11:20:07,351 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-20 11:20:07,351 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-20 11:20:07,351 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-20 11:20:07,352 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-20 11:20:07,352 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-20 11:20:07,352 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-20 11:20:07,352 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 11:20:07,353 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-20 11:20:07,353 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-20 11:20:07,353 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-20 11:20:07,353 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-20 11:20:07,354 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-20 11:20:07,354 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-20 11:20:07,354 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-20 11:20:07,354 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-20 11:20:07,355 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da [2022-11-20 11:20:07,630 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-20 11:20:07,670 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-20 11:20:07,673 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-20 11:20:07,675 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-20 11:20:07,676 INFO L275 PluginConnector]: CDTParser initialized [2022-11-20 11:20:07,677 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-20 11:20:11,387 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-20 11:20:11,678 INFO L351 CDTParser]: Found 1 translation units. [2022-11-20 11:20:11,679 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-20 11:20:11,694 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/data/876f22a94/9d94485f3bc0441d9a5b1739b0ead5a4/FLAG948378cd5 [2022-11-20 11:20:11,712 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/data/876f22a94/9d94485f3bc0441d9a5b1739b0ead5a4 [2022-11-20 11:20:11,715 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-20 11:20:11,717 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-20 11:20:11,718 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-20 11:20:11,719 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-20 11:20:11,723 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-20 11:20:11,724 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 11:20:11" (1/1) ... [2022-11-20 11:20:11,726 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3245187 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:11, skipping insertion in model container [2022-11-20 11:20:11,726 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 11:20:11" (1/1) ... [2022-11-20 11:20:11,736 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-20 11:20:11,784 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-20 11:20:12,033 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-20 11:20:12,133 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 11:20:12,147 INFO L203 MainTranslator]: Completed pre-run [2022-11-20 11:20:12,172 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-20 11:20:12,232 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 11:20:12,254 INFO L208 MainTranslator]: Completed translation [2022-11-20 11:20:12,254 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12 WrapperNode [2022-11-20 11:20:12,255 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-20 11:20:12,256 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-20 11:20:12,256 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-20 11:20:12,257 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-20 11:20:12,266 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,282 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,314 INFO L138 Inliner]: procedures = 56, calls = 99, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 198 [2022-11-20 11:20:12,315 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-20 11:20:12,316 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-20 11:20:12,316 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-20 11:20:12,316 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-20 11:20:12,328 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,328 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,331 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,331 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,338 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,344 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,346 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,348 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,351 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-20 11:20:12,367 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-20 11:20:12,367 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-20 11:20:12,368 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-20 11:20:12,369 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (1/1) ... [2022-11-20 11:20:12,377 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 11:20:12,392 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 11:20:12,409 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-20 11:20:12,443 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-20 11:20:12,472 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-20 11:20:12,472 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-20 11:20:12,473 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-20 11:20:12,473 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-20 11:20:12,473 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-20 11:20:12,473 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-20 11:20:12,473 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-20 11:20:12,474 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-20 11:20:12,475 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-20 11:20:12,475 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-20 11:20:12,475 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-20 11:20:12,476 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-20 11:20:12,476 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-20 11:20:12,476 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-20 11:20:12,476 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-20 11:20:12,477 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-20 11:20:12,620 INFO L235 CfgBuilder]: Building ICFG [2022-11-20 11:20:12,623 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-20 11:20:12,965 INFO L276 CfgBuilder]: Performing block encoding [2022-11-20 11:20:12,974 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-20 11:20:12,975 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-20 11:20:12,977 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:20:12 BoogieIcfgContainer [2022-11-20 11:20:12,977 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-20 11:20:12,980 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-20 11:20:12,980 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-20 11:20:12,984 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-20 11:20:12,984 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.11 11:20:11" (1/3) ... [2022-11-20 11:20:12,985 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a9f2d29 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 11:20:12, skipping insertion in model container [2022-11-20 11:20:12,985 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:20:12" (2/3) ... [2022-11-20 11:20:12,986 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2a9f2d29 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 11:20:12, skipping insertion in model container [2022-11-20 11:20:12,986 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:20:12" (3/3) ... [2022-11-20 11:20:12,988 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product42.cil.c [2022-11-20 11:20:13,011 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-20 11:20:13,011 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-20 11:20:13,081 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-20 11:20:13,088 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@61ecd857, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-20 11:20:13,088 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-20 11:20:13,094 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-20 11:20:13,106 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-20 11:20:13,106 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:13,107 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:13,108 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:13,115 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:13,115 INFO L85 PathProgramCache]: Analyzing trace with hash -690410843, now seen corresponding path program 1 times [2022-11-20 11:20:13,128 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:13,129 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [529697097] [2022-11-20 11:20:13,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:13,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:13,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,379 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-20 11:20:13,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,390 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-20 11:20:13,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,397 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:13,398 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:13,398 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [529697097] [2022-11-20 11:20:13,399 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [529697097] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:13,399 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:13,400 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-20 11:20:13,402 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [157652753] [2022-11-20 11:20:13,403 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:13,408 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-20 11:20:13,409 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:13,453 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-20 11:20:13,454 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 11:20:13,456 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:20:13,499 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:13,499 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-11-20 11:20:13,500 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-20 11:20:13,502 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-20 11:20:13,502 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:13,522 INFO L225 Difference]: With dead ends: 161 [2022-11-20 11:20:13,523 INFO L226 Difference]: Without dead ends: 76 [2022-11-20 11:20:13,527 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 11:20:13,556 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:13,557 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:13,575 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-11-20 11:20:13,617 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-11-20 11:20:13,619 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-20 11:20:13,622 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-11-20 11:20:13,624 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-11-20 11:20:13,625 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:13,625 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-11-20 11:20:13,625 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:20:13,626 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-11-20 11:20:13,628 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-20 11:20:13,628 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:13,629 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:13,629 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-20 11:20:13,629 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:13,630 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:13,631 INFO L85 PathProgramCache]: Analyzing trace with hash 1965939987, now seen corresponding path program 1 times [2022-11-20 11:20:13,631 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:13,631 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [766903184] [2022-11-20 11:20:13,631 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:13,632 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:13,662 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,863 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-20 11:20:13,870 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,877 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-20 11:20:13,882 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:13,897 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:13,897 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:13,898 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [766903184] [2022-11-20 11:20:13,898 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [766903184] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:13,898 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:13,898 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 11:20:13,899 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [772418663] [2022-11-20 11:20:13,899 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:13,900 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 11:20:13,901 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:13,901 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 11:20:13,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:13,906 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:20:13,940 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:13,942 INFO L93 Difference]: Finished difference Result 116 states and 148 transitions. [2022-11-20 11:20:13,944 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 11:20:13,945 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-20 11:20:13,945 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:13,946 INFO L225 Difference]: With dead ends: 116 [2022-11-20 11:20:13,956 INFO L226 Difference]: Without dead ends: 67 [2022-11-20 11:20:13,957 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:13,959 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 13 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:13,959 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 151 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:13,960 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-20 11:20:13,974 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-20 11:20:13,974 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-20 11:20:13,976 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-11-20 11:20:13,977 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-11-20 11:20:13,977 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:13,977 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-11-20 11:20:13,978 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:20:13,978 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-11-20 11:20:13,979 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-20 11:20:13,980 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:13,980 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:13,980 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-20 11:20:13,980 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:13,981 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:13,981 INFO L85 PathProgramCache]: Analyzing trace with hash -1695410136, now seen corresponding path program 1 times [2022-11-20 11:20:13,982 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:13,982 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1942023982] [2022-11-20 11:20:13,982 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:13,987 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:14,035 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,250 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:14,254 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,259 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-20 11:20:14,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,264 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:14,264 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:14,265 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1942023982] [2022-11-20 11:20:14,265 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1942023982] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:14,265 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:14,265 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 11:20:14,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1680345269] [2022-11-20 11:20:14,266 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:14,278 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 11:20:14,278 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:14,279 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 11:20:14,279 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:20:14,279 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:14,368 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:14,369 INFO L93 Difference]: Finished difference Result 126 states and 163 transitions. [2022-11-20 11:20:14,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 11:20:14,371 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-20 11:20:14,372 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:14,373 INFO L225 Difference]: With dead ends: 126 [2022-11-20 11:20:14,373 INFO L226 Difference]: Without dead ends: 67 [2022-11-20 11:20:14,374 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-20 11:20:14,376 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 108 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 108 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:14,377 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [108 Valid, 200 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:14,378 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-20 11:20:14,408 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-20 11:20:14,409 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 59 states have internal predecessors, (70), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-20 11:20:14,411 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 84 transitions. [2022-11-20 11:20:14,411 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 84 transitions. Word has length 38 [2022-11-20 11:20:14,413 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:14,413 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 84 transitions. [2022-11-20 11:20:14,413 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:14,414 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 84 transitions. [2022-11-20 11:20:14,418 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-20 11:20:14,423 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:14,423 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:14,424 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-20 11:20:14,425 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:14,426 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:14,426 INFO L85 PathProgramCache]: Analyzing trace with hash 610140587, now seen corresponding path program 1 times [2022-11-20 11:20:14,427 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:14,428 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [460206446] [2022-11-20 11:20:14,429 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:14,429 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:14,470 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,556 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:14,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,563 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 11:20:14,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,567 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-20 11:20:14,569 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,571 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:14,571 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:14,572 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [460206446] [2022-11-20 11:20:14,572 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [460206446] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:14,572 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:14,573 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 11:20:14,573 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [409965813] [2022-11-20 11:20:14,573 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:14,574 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 11:20:14,574 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:14,575 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 11:20:14,575 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:14,576 INFO L87 Difference]: Start difference. First operand 67 states and 84 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:20:14,636 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:14,637 INFO L93 Difference]: Finished difference Result 171 states and 219 transitions. [2022-11-20 11:20:14,637 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 11:20:14,638 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 43 [2022-11-20 11:20:14,638 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:14,640 INFO L225 Difference]: With dead ends: 171 [2022-11-20 11:20:14,640 INFO L226 Difference]: Without dead ends: 112 [2022-11-20 11:20:14,642 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:14,644 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 52 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:14,645 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 150 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:14,646 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 112 states. [2022-11-20 11:20:14,680 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 112 to 110. [2022-11-20 11:20:14,687 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 87 states have (on average 1.2873563218390804) internal successors, (112), 94 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-20 11:20:14,692 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 138 transitions. [2022-11-20 11:20:14,701 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 138 transitions. Word has length 43 [2022-11-20 11:20:14,701 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:14,702 INFO L495 AbstractCegarLoop]: Abstraction has 110 states and 138 transitions. [2022-11-20 11:20:14,702 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:20:14,702 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 138 transitions. [2022-11-20 11:20:14,704 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-20 11:20:14,704 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:14,705 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:14,705 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-20 11:20:14,705 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:14,706 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:14,714 INFO L85 PathProgramCache]: Analyzing trace with hash 1028234707, now seen corresponding path program 1 times [2022-11-20 11:20:14,714 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:14,715 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [680250977] [2022-11-20 11:20:14,715 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:14,715 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:14,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,963 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:14,966 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,969 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2022-11-20 11:20:14,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,973 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2022-11-20 11:20:14,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:14,992 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 11:20:14,992 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:14,992 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [680250977] [2022-11-20 11:20:14,993 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [680250977] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:14,993 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:14,993 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 11:20:14,994 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [6928087] [2022-11-20 11:20:14,994 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:14,995 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 11:20:14,995 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:14,996 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 11:20:14,996 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 11:20:14,996 INFO L87 Difference]: Start difference. First operand 110 states and 138 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-20 11:20:15,221 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:15,221 INFO L93 Difference]: Finished difference Result 217 states and 276 transitions. [2022-11-20 11:20:15,222 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-20 11:20:15,222 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2022-11-20 11:20:15,223 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:15,224 INFO L225 Difference]: With dead ends: 217 [2022-11-20 11:20:15,225 INFO L226 Difference]: Without dead ends: 115 [2022-11-20 11:20:15,226 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-20 11:20:15,228 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 37 mSDsluCounter, 310 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 405 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:15,229 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 405 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-20 11:20:15,230 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115 states. [2022-11-20 11:20:15,248 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115 to 109. [2022-11-20 11:20:15,249 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 109 states, 86 states have (on average 1.2674418604651163) internal successors, (109), 93 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-20 11:20:15,251 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 135 transitions. [2022-11-20 11:20:15,252 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 135 transitions. Word has length 49 [2022-11-20 11:20:15,252 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:15,252 INFO L495 AbstractCegarLoop]: Abstraction has 109 states and 135 transitions. [2022-11-20 11:20:15,253 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-20 11:20:15,253 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 135 transitions. [2022-11-20 11:20:15,255 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-20 11:20:15,255 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:15,255 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:15,256 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-20 11:20:15,256 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:15,256 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:15,257 INFO L85 PathProgramCache]: Analyzing trace with hash -2048289411, now seen corresponding path program 1 times [2022-11-20 11:20:15,257 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:15,257 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [147970313] [2022-11-20 11:20:15,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:15,258 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:15,309 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,445 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:15,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,448 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-20 11:20:15,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,458 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:15,458 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:15,459 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [147970313] [2022-11-20 11:20:15,459 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [147970313] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:15,459 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:15,459 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 11:20:15,460 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1497969223] [2022-11-20 11:20:15,460 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:15,462 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 11:20:15,464 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:15,466 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 11:20:15,466 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:20:15,467 INFO L87 Difference]: Start difference. First operand 109 states and 135 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:15,535 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:15,536 INFO L93 Difference]: Finished difference Result 234 states and 298 transitions. [2022-11-20 11:20:15,536 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-20 11:20:15,537 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-20 11:20:15,538 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:15,543 INFO L225 Difference]: With dead ends: 234 [2022-11-20 11:20:15,543 INFO L226 Difference]: Without dead ends: 133 [2022-11-20 11:20:15,551 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-20 11:20:15,556 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 33 mSDsluCounter, 251 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 348 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:15,564 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 348 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:15,565 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2022-11-20 11:20:15,603 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 112. [2022-11-20 11:20:15,604 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 89 states have (on average 1.2584269662921348) internal successors, (112), 96 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-20 11:20:15,606 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 138 transitions. [2022-11-20 11:20:15,606 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 138 transitions. Word has length 51 [2022-11-20 11:20:15,607 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:15,607 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 138 transitions. [2022-11-20 11:20:15,607 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:15,607 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 138 transitions. [2022-11-20 11:20:15,609 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-20 11:20:15,609 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:15,609 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:15,610 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-20 11:20:15,610 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:15,610 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:15,611 INFO L85 PathProgramCache]: Analyzing trace with hash -1625587585, now seen corresponding path program 1 times [2022-11-20 11:20:15,618 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:15,618 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1527795532] [2022-11-20 11:20:15,619 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:15,619 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:15,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,695 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:15,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,699 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-20 11:20:15,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,702 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:15,702 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:15,702 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1527795532] [2022-11-20 11:20:15,703 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1527795532] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:15,703 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:15,703 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-20 11:20:15,703 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1893523546] [2022-11-20 11:20:15,704 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:15,704 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-20 11:20:15,704 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:15,705 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-20 11:20:15,705 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 11:20:15,705 INFO L87 Difference]: Start difference. First operand 112 states and 138 transitions. Second operand has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:15,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:15,746 INFO L93 Difference]: Finished difference Result 232 states and 293 transitions. [2022-11-20 11:20:15,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-20 11:20:15,747 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-20 11:20:15,747 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:15,749 INFO L225 Difference]: With dead ends: 232 [2022-11-20 11:20:15,749 INFO L226 Difference]: Without dead ends: 128 [2022-11-20 11:20:15,750 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:20:15,751 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 27 mSDsluCounter, 160 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:15,751 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 246 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:15,752 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-20 11:20:15,771 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 114. [2022-11-20 11:20:15,772 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 114 states, 91 states have (on average 1.2527472527472527) internal successors, (114), 98 states have internal predecessors, (114), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-20 11:20:15,773 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 114 states to 114 states and 140 transitions. [2022-11-20 11:20:15,773 INFO L78 Accepts]: Start accepts. Automaton has 114 states and 140 transitions. Word has length 51 [2022-11-20 11:20:15,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:15,774 INFO L495 AbstractCegarLoop]: Abstraction has 114 states and 140 transitions. [2022-11-20 11:20:15,774 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:15,775 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 140 transitions. [2022-11-20 11:20:15,776 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-20 11:20:15,776 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:15,776 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:15,777 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-20 11:20:15,777 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:15,778 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:15,778 INFO L85 PathProgramCache]: Analyzing trace with hash 863941377, now seen corresponding path program 1 times [2022-11-20 11:20:15,778 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:15,778 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [933405380] [2022-11-20 11:20:15,779 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:15,779 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:15,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,876 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:20:15,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,882 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-20 11:20:15,883 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:15,886 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:15,886 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:15,886 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [933405380] [2022-11-20 11:20:15,887 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [933405380] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:15,887 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:15,887 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 11:20:15,887 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [108989511] [2022-11-20 11:20:15,888 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:15,888 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 11:20:15,888 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:15,889 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 11:20:15,890 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:15,890 INFO L87 Difference]: Start difference. First operand 114 states and 140 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:15,936 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:15,937 INFO L93 Difference]: Finished difference Result 266 states and 331 transitions. [2022-11-20 11:20:15,937 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 11:20:15,937 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-20 11:20:15,940 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:15,944 INFO L225 Difference]: With dead ends: 266 [2022-11-20 11:20:15,944 INFO L226 Difference]: Without dead ends: 160 [2022-11-20 11:20:15,945 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:20:15,946 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 35 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 159 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:15,947 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 159 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:20:15,949 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-20 11:20:15,996 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 160. [2022-11-20 11:20:15,999 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 127 states have (on average 1.2283464566929134) internal successors, (156), 135 states have internal predecessors, (156), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2022-11-20 11:20:16,002 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 194 transitions. [2022-11-20 11:20:16,002 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 194 transitions. Word has length 51 [2022-11-20 11:20:16,003 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:16,003 INFO L495 AbstractCegarLoop]: Abstraction has 160 states and 194 transitions. [2022-11-20 11:20:16,003 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:20:16,004 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 194 transitions. [2022-11-20 11:20:16,015 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-20 11:20:16,015 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:16,016 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:16,016 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-20 11:20:16,016 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:16,021 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:16,022 INFO L85 PathProgramCache]: Analyzing trace with hash 159207591, now seen corresponding path program 1 times [2022-11-20 11:20:16,022 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:16,022 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [22092067] [2022-11-20 11:20:16,023 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:16,023 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:16,057 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:16,358 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:20:16,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:16,434 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-20 11:20:16,437 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:16,443 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-20 11:20:16,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:16,449 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:20:16,450 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:16,450 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [22092067] [2022-11-20 11:20:16,450 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [22092067] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:20:16,450 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:20:16,451 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-20 11:20:16,451 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1525094044] [2022-11-20 11:20:16,451 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:20:16,454 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-20 11:20:16,454 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:16,455 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-20 11:20:16,455 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-11-20 11:20:16,456 INFO L87 Difference]: Start difference. First operand 160 states and 194 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-20 11:20:17,041 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:17,041 INFO L93 Difference]: Finished difference Result 540 states and 679 transitions. [2022-11-20 11:20:17,042 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-20 11:20:17,042 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 55 [2022-11-20 11:20:17,044 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:17,049 INFO L225 Difference]: With dead ends: 540 [2022-11-20 11:20:17,050 INFO L226 Difference]: Without dead ends: 434 [2022-11-20 11:20:17,052 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-11-20 11:20:17,055 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 223 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 299 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 625 SdHoareTripleChecker+Invalid, 349 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 299 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:17,056 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 625 Invalid, 349 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 299 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-20 11:20:17,057 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 434 states. [2022-11-20 11:20:17,135 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 434 to 400. [2022-11-20 11:20:17,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 319 states have (on average 1.2163009404388714) internal successors, (388), 341 states have internal predecessors, (388), 44 states have call successors, (44), 33 states have call predecessors, (44), 36 states have return successors, (54), 42 states have call predecessors, (54), 44 states have call successors, (54) [2022-11-20 11:20:17,141 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 486 transitions. [2022-11-20 11:20:17,141 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 486 transitions. Word has length 55 [2022-11-20 11:20:17,142 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:17,142 INFO L495 AbstractCegarLoop]: Abstraction has 400 states and 486 transitions. [2022-11-20 11:20:17,142 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-20 11:20:17,143 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 486 transitions. [2022-11-20 11:20:17,145 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2022-11-20 11:20:17,146 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:20:17,146 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:17,146 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-20 11:20:17,147 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:20:17,147 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:20:17,147 INFO L85 PathProgramCache]: Analyzing trace with hash -2045084638, now seen corresponding path program 1 times [2022-11-20 11:20:17,148 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:20:17,148 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [552331869] [2022-11-20 11:20:17,148 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:17,148 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:20:17,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,412 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:20:17,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,432 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-20 11:20:17,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,467 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:20:17,469 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,481 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2022-11-20 11:20:17,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,505 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2022-11-20 11:20:17,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,511 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2022-11-20 11:20:17,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,517 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-20 11:20:17,521 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:20:17,522 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [552331869] [2022-11-20 11:20:17,522 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [552331869] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 11:20:17,522 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1357186938] [2022-11-20 11:20:17,523 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:20:17,523 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 11:20:17,525 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 11:20:17,531 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 11:20:17,552 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-20 11:20:17,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:20:17,668 INFO L263 TraceCheckSpWp]: Trace formula consists of 316 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-20 11:20:17,678 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 11:20:17,926 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 11:20:17,927 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 11:20:18,204 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-20 11:20:18,204 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1357186938] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 11:20:18,205 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 11:20:18,205 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-20 11:20:18,205 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1065009329] [2022-11-20 11:20:18,205 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 11:20:18,207 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-20 11:20:18,207 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:20:18,208 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-20 11:20:18,208 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2022-11-20 11:20:18,209 INFO L87 Difference]: Start difference. First operand 400 states and 486 transitions. Second operand has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-20 11:20:19,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:20:19,085 INFO L93 Difference]: Finished difference Result 641 states and 804 transitions. [2022-11-20 11:20:19,086 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-11-20 11:20:19,087 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 87 [2022-11-20 11:20:19,089 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:20:19,089 INFO L225 Difference]: With dead ends: 641 [2022-11-20 11:20:19,090 INFO L226 Difference]: Without dead ends: 0 [2022-11-20 11:20:19,092 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 219 GetRequests, 186 SyntacticMatches, 4 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 166 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=176, Invalid=754, Unknown=0, NotChecked=0, Total=930 [2022-11-20 11:20:19,094 INFO L413 NwaCegarLoop]: 136 mSDtfsCounter, 288 mSDsluCounter, 822 mSDsCounter, 0 mSdLazyCounter, 564 mSolverCounterSat, 106 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 289 SdHoareTripleChecker+Valid, 958 SdHoareTripleChecker+Invalid, 670 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 106 IncrementalHoareTripleChecker+Valid, 564 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-20 11:20:19,095 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [289 Valid, 958 Invalid, 670 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [106 Valid, 564 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-20 11:20:19,097 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-20 11:20:19,098 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-20 11:20:19,098 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-20 11:20:19,098 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-20 11:20:19,099 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2022-11-20 11:20:19,099 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:20:19,099 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-20 11:20:19,099 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-20 11:20:19,100 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-20 11:20:19,100 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-20 11:20:19,103 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-20 11:20:19,117 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-20 11:20:19,311 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-20 11:20:19,314 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-20 11:20:23,437 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 815 821) no Hoare annotation was computed. [2022-11-20 11:20:23,437 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 815 821) the Hoare annotation is: true [2022-11-20 11:20:23,438 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 647 658) the Hoare annotation is: true [2022-11-20 11:20:23,438 INFO L899 garLoopResultBuilder]: For program point L651-1(lines 647 658) no Hoare annotation was computed. [2022-11-20 11:20:23,438 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 647 658) no Hoare annotation was computed. [2022-11-20 11:20:23,438 INFO L899 garLoopResultBuilder]: For program point L704(lines 704 710) no Hoare annotation was computed. [2022-11-20 11:20:23,438 INFO L899 garLoopResultBuilder]: For program point L795(lines 795 801) no Hoare annotation was computed. [2022-11-20 11:20:23,438 INFO L899 garLoopResultBuilder]: For program point L795-2(lines 791 813) no Hoare annotation was computed. [2022-11-20 11:20:23,439 INFO L895 garLoopResultBuilder]: At program point L696(lines 691 699) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse10 (not (< 1 |old(~waterLevel~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse4 .cse8 .cse9 .cse6) .cse7 .cse10 (and .cse1 .cse8 .cse9) .cse3 .cse11)) (or .cse0 .cse10 .cse3 .cse11 (and .cse1 .cse5 .cse2))))) [2022-11-20 11:20:23,439 INFO L895 garLoopResultBuilder]: At program point L853(lines 848 855) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-20 11:20:23,440 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-20 11:20:23,440 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 788 814) no Hoare annotation was computed. [2022-11-20 11:20:23,440 INFO L895 garLoopResultBuilder]: At program point L69(lines 62 71) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (and (<= 1 ~pumpRunning~0) .cse5 (<= 1 ~switchedOnBeforeTS~0))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse3 (and .cse4 .cse5) .cse6 .cse2 .cse7) (or .cse0 .cse6 .cse1 .cse2 .cse7) (or .cse3 (not (= |old(~waterLevel~0)| 1)) (and .cse4 (= ~waterLevel~0 1)) .cse2)))) [2022-11-20 11:20:23,441 INFO L895 garLoopResultBuilder]: At program point L709(lines 700 713) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse1 (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-20 11:20:23,441 INFO L895 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift_processEnvironment_~tmp~6#1| 0)) (.cse7 (not .cse2))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse1 (and .cse5 .cse6 (= |old(~waterLevel~0)| ~waterLevel~0) .cse7) .cse2 .cse3) (or .cse4 (and .cse5 .cse6 (= ~waterLevel~0 1) .cse7) (not (= |old(~waterLevel~0)| 1)) .cse2)))) [2022-11-20 11:20:23,441 INFO L895 garLoopResultBuilder]: At program point L953(lines 938 956) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= |timeShift_isHighWaterLevel_~tmp___0~2#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-20 11:20:23,442 INFO L895 garLoopResultBuilder]: At program point L664(lines 659 667) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-20 11:20:23,442 INFO L899 garLoopResultBuilder]: For program point L627(lines 627 631) no Hoare annotation was computed. [2022-11-20 11:20:23,442 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 .cse7 .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) (and (= ~pumpRunning~0 0) .cse7) .cse3))) [2022-11-20 11:20:23,442 INFO L895 garLoopResultBuilder]: At program point L627-2(lines 623 634) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-20 11:20:23,442 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-11-20 11:20:23,444 INFO L895 garLoopResultBuilder]: At program point L842(line 842) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-20 11:20:23,444 INFO L895 garLoopResultBuilder]: At program point L842-1(lines 823 847) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (< 1 |old(~waterLevel~0)|))) (.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse1 (<= 1 ~pumpRunning~0)) (.cse9 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse0 .cse8 .cse3 .cse9 (and .cse1 .cse5 .cse2)) (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse7 .cse8 (and .cse4 .cse10 .cse6) (and .cse1 .cse10) .cse3 .cse9))))) [2022-11-20 11:20:23,444 INFO L899 garLoopResultBuilder]: For program point L211(line 211) no Hoare annotation was computed. [2022-11-20 11:20:23,445 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 11:20:23,445 INFO L899 garLoopResultBuilder]: For program point L67-1(line 67) no Hoare annotation was computed. [2022-11-20 11:20:23,445 INFO L899 garLoopResultBuilder]: For program point L802-1(lines 802 808) no Hoare annotation was computed. [2022-11-20 11:20:23,445 INFO L899 garLoopResultBuilder]: For program point L864(lines 864 870) no Hoare annotation was computed. [2022-11-20 11:20:23,446 INFO L899 garLoopResultBuilder]: For program point L831(lines 831 839) no Hoare annotation was computed. [2022-11-20 11:20:23,446 INFO L895 garLoopResultBuilder]: At program point L864-2(lines 857 873) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse4 (and (= ~pumpRunning~0 0) .cse5) .cse1 (and (<= 1 ~pumpRunning~0) .cse5) .cse2 .cse3)) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-20 11:20:23,446 INFO L899 garLoopResultBuilder]: For program point L827(lines 827 844) no Hoare annotation was computed. [2022-11-20 11:20:23,446 INFO L895 garLoopResultBuilder]: At program point L889(lines 882 892) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-20 11:20:23,447 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-11-20 11:20:23,447 INFO L895 garLoopResultBuilder]: At program point L212(lines 207 214) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-20 11:20:23,447 INFO L899 garLoopResultBuilder]: For program point L947(lines 947 951) no Hoare annotation was computed. [2022-11-20 11:20:23,447 INFO L899 garLoopResultBuilder]: For program point L947-2(lines 947 951) no Hoare annotation was computed. [2022-11-20 11:20:23,448 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-11-20 11:20:23,459 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 788 814) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 11:20:23,460 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse6 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse4 .cse3 .cse5 (and .cse1 .cse6 .cse2)) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2))) (or (and .cse7 .cse8 .cse9 .cse10) .cse11 .cse4 (and .cse1 .cse8 .cse9 .cse10) .cse3 .cse5)) (or .cse11 (not (= |old(~waterLevel~0)| 1)) (and .cse7 .cse6) .cse3))) [2022-11-20 11:20:23,460 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 788 814) no Hoare annotation was computed. [2022-11-20 11:20:23,460 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 211) no Hoare annotation was computed. [2022-11-20 11:20:23,461 INFO L902 garLoopResultBuilder]: At program point L129(lines 104 133) the Hoare annotation is: true [2022-11-20 11:20:23,461 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 104 133) no Hoare annotation was computed. [2022-11-20 11:20:23,461 INFO L899 garLoopResultBuilder]: For program point L125(line 125) no Hoare annotation was computed. [2022-11-20 11:20:23,461 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 104 133) the Hoare annotation is: true [2022-11-20 11:20:23,462 INFO L899 garLoopResultBuilder]: For program point L118(lines 118 122) no Hoare annotation was computed. [2022-11-20 11:20:23,462 INFO L902 garLoopResultBuilder]: At program point L118-1(lines 118 122) the Hoare annotation is: true [2022-11-20 11:20:23,462 INFO L899 garLoopResultBuilder]: For program point L115(line 115) no Hoare annotation was computed. [2022-11-20 11:20:23,462 INFO L902 garLoopResultBuilder]: At program point L114-2(lines 114 128) the Hoare annotation is: true [2022-11-20 11:20:23,462 INFO L902 garLoopResultBuilder]: At program point L110(line 110) the Hoare annotation is: true [2022-11-20 11:20:23,463 INFO L899 garLoopResultBuilder]: For program point L110-1(line 110) no Hoare annotation was computed. [2022-11-20 11:20:23,463 INFO L895 garLoopResultBuilder]: At program point L246(lines 241 249) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:20:23,464 INFO L895 garLoopResultBuilder]: At program point L238(lines 234 240) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:20:23,464 INFO L899 garLoopResultBuilder]: For program point L746(lines 746 752) no Hoare annotation was computed. [2022-11-20 11:20:23,464 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 746 752) no Hoare annotation was computed. [2022-11-20 11:20:23,465 INFO L895 garLoopResultBuilder]: At program point L771(lines 726 773) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-20 11:20:23,465 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-20 11:20:23,465 INFO L899 garLoopResultBuilder]: For program point L193(lines 193 200) no Hoare annotation was computed. [2022-11-20 11:20:23,465 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-20 11:20:23,465 INFO L899 garLoopResultBuilder]: For program point L193-2(lines 193 200) no Hoare annotation was computed. [2022-11-20 11:20:23,466 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-20 11:20:23,466 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-20 11:20:23,466 INFO L902 garLoopResultBuilder]: At program point L177(lines 169 179) the Hoare annotation is: true [2022-11-20 11:20:23,466 INFO L902 garLoopResultBuilder]: At program point L202(lines 183 205) the Hoare annotation is: true [2022-11-20 11:20:23,467 INFO L895 garLoopResultBuilder]: At program point L231(lines 227 233) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:20:23,467 INFO L895 garLoopResultBuilder]: At program point L165(lines 161 167) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:20:23,467 INFO L895 garLoopResultBuilder]: At program point L962(lines 957 964) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-20 11:20:23,467 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-20 11:20:23,468 INFO L899 garLoopResultBuilder]: For program point L764(lines 764 768) no Hoare annotation was computed. [2022-11-20 11:20:23,468 INFO L895 garLoopResultBuilder]: At program point L764-2(lines 756 769) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-20 11:20:23,468 INFO L899 garLoopResultBuilder]: For program point L727(lines 726 773) no Hoare annotation was computed. [2022-11-20 11:20:23,469 INFO L899 garLoopResultBuilder]: For program point L756(lines 756 769) no Hoare annotation was computed. [2022-11-20 11:20:23,469 INFO L895 garLoopResultBuilder]: At program point L748(line 748) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-20 11:20:23,469 INFO L902 garLoopResultBuilder]: At program point L777(lines 716 781) the Hoare annotation is: true [2022-11-20 11:20:23,470 INFO L899 garLoopResultBuilder]: For program point L736(lines 736 742) no Hoare annotation was computed. [2022-11-20 11:20:23,470 INFO L899 garLoopResultBuilder]: For program point L736-1(lines 736 742) no Hoare annotation was computed. [2022-11-20 11:20:23,470 INFO L895 garLoopResultBuilder]: At program point L59(lines 54 61) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:20:23,471 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 732) no Hoare annotation was computed. [2022-11-20 11:20:23,475 INFO L895 garLoopResultBuilder]: At program point L774(lines 725 775) the Hoare annotation is: false [2022-11-20 11:20:23,476 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 635 646) no Hoare annotation was computed. [2022-11-20 11:20:23,477 INFO L899 garLoopResultBuilder]: For program point L639-1(lines 635 646) no Hoare annotation was computed. [2022-11-20 11:20:23,477 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 635 646) the Hoare annotation is: (let ((.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse0 (not (<= 1 ~pumpRunning~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= ~pumpRunning~0 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse3 .cse4 .cse1 .cse2 .cse5) (or .cse4 .cse0 .cse1 .cse2 .cse5) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse2 (= ~waterLevel~0 1)))) [2022-11-20 11:20:23,477 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 893 901) no Hoare annotation was computed. [2022-11-20 11:20:23,477 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 893 901) the Hoare annotation is: true [2022-11-20 11:20:23,478 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 893 901) no Hoare annotation was computed. [2022-11-20 11:20:23,482 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:20:23,485 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-20 11:20:23,550 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.11 11:20:23 BoogieIcfgContainer [2022-11-20 11:20:23,555 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-20 11:20:23,556 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-20 11:20:23,556 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-20 11:20:23,556 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-20 11:20:23,557 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:20:12" (3/4) ... [2022-11-20 11:20:23,561 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-20 11:20:23,572 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-20 11:20:23,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-20 11:20:23,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-20 11:20:23,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-20 11:20:23,574 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-20 11:20:23,574 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-20 11:20:23,590 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 23 nodes and edges [2022-11-20 11:20:23,591 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-20 11:20:23,592 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-20 11:20:23,592 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 11:20:23,593 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 11:20:23,637 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:20:23,637 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:20:23,638 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:20:23,638 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-20 11:20:23,640 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-20 11:20:23,641 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,641 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-20 11:20:23,642 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-20 11:20:23,643 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-20 11:20:23,644 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,644 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-11-20 11:20:23,645 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-20 11:20:23,645 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-20 11:20:23,645 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,646 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,646 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,647 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-20 11:20:23,691 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/witness.graphml [2022-11-20 11:20:23,692 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-20 11:20:23,693 INFO L158 Benchmark]: Toolchain (without parser) took 11975.88ms. Allocated memory was 192.9MB in the beginning and 232.8MB in the end (delta: 39.8MB). Free memory was 144.2MB in the beginning and 189.9MB in the end (delta: -45.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 11:20:23,693 INFO L158 Benchmark]: CDTParser took 0.33ms. Allocated memory is still 144.7MB. Free memory is still 87.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 11:20:23,693 INFO L158 Benchmark]: CACSL2BoogieTranslator took 536.87ms. Allocated memory is still 192.9MB. Free memory was 143.8MB in the beginning and 125.4MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-20 11:20:23,694 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.00ms. Allocated memory is still 192.9MB. Free memory was 125.4MB in the beginning and 123.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 11:20:23,694 INFO L158 Benchmark]: Boogie Preprocessor took 35.63ms. Allocated memory is still 192.9MB. Free memory was 123.3MB in the beginning and 121.9MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 11:20:23,695 INFO L158 Benchmark]: RCFGBuilder took 610.43ms. Allocated memory is still 192.9MB. Free memory was 121.6MB in the beginning and 105.6MB in the end (delta: 16.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-11-20 11:20:23,696 INFO L158 Benchmark]: TraceAbstraction took 10575.33ms. Allocated memory was 192.9MB in the beginning and 232.8MB in the end (delta: 39.8MB). Free memory was 105.2MB in the beginning and 196.2MB in the end (delta: -91.0MB). Peak memory consumption was 84.6MB. Max. memory is 16.1GB. [2022-11-20 11:20:23,697 INFO L158 Benchmark]: Witness Printer took 135.80ms. Allocated memory is still 232.8MB. Free memory was 196.2MB in the beginning and 189.9MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-20 11:20:23,700 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.33ms. Allocated memory is still 144.7MB. Free memory is still 87.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 536.87ms. Allocated memory is still 192.9MB. Free memory was 143.8MB in the beginning and 125.4MB in the end (delta: 18.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.00ms. Allocated memory is still 192.9MB. Free memory was 125.4MB in the beginning and 123.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.63ms. Allocated memory is still 192.9MB. Free memory was 123.3MB in the beginning and 121.9MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 610.43ms. Allocated memory is still 192.9MB. Free memory was 121.6MB in the beginning and 105.6MB in the end (delta: 16.0MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 10575.33ms. Allocated memory was 192.9MB in the beginning and 232.8MB in the end (delta: 39.8MB). Free memory was 105.2MB in the beginning and 196.2MB in the end (delta: -91.0MB). Peak memory consumption was 84.6MB. Max. memory is 16.1GB. * Witness Printer took 135.80ms. Allocated memory is still 232.8MB. Free memory was 196.2MB in the beginning and 189.9MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 211]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 10.4s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 2.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.1s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 832 SdHoareTripleChecker+Valid, 1.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 816 mSDsluCounter, 3348 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2368 mSDsCounter, 183 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 962 IncrementalHoareTripleChecker+Invalid, 1145 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 183 mSolverCounterUnsat, 980 mSDtfsCounter, 962 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 318 GetRequests, 247 SyntacticMatches, 5 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 193 ImplicationChecksByTransitivity, 0.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=400occurred in iteration=9, InterpolantAutomatonStates: 70, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 77 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 685 PreInvPairs, 800 NumberOfFragments, 1975 HoareAnnotationTreeSize, 685 FomulaSimplifications, 493 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 40 FomulaSimplificationsInter, 3520 FormulaSimplificationTreeSizeReductionInter, 3.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.5s InterpolantComputationTime, 577 NumberOfCodeBlocks, 577 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 652 ConstructedInterpolants, 0 QuantifiedInterpolants, 1381 SizeOfPredicates, 3 NumberOfNonLiveVariables, 316 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 97/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 857]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 823]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 161]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 227]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 104]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 183]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 725]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 169]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 848]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 716]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 882]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 957]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 234]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 726]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 623]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 207]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 938]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) RESULT: Ultimate proved your program to be correct! [2022-11-20 11:20:23,760 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2d8d7808-7b22-4d4f-a93e-0fa5b967f79f/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE