./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6b4ec56b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-6b4ec56 [2022-11-20 11:15:26,021 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-20 11:15:26,025 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-20 11:15:26,057 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-20 11:15:26,058 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-20 11:15:26,059 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-20 11:15:26,060 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-20 11:15:26,063 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-20 11:15:26,065 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-20 11:15:26,066 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-20 11:15:26,067 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-20 11:15:26,069 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-20 11:15:26,069 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-20 11:15:26,070 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-20 11:15:26,072 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-20 11:15:26,074 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-20 11:15:26,075 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-20 11:15:26,076 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-20 11:15:26,078 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-20 11:15:26,081 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-20 11:15:26,083 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-20 11:15:26,085 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-20 11:15:26,086 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-20 11:15:26,087 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-20 11:15:26,092 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-20 11:15:26,092 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-20 11:15:26,093 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-20 11:15:26,094 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-20 11:15:26,095 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-20 11:15:26,096 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-20 11:15:26,096 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-20 11:15:26,097 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-20 11:15:26,098 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-20 11:15:26,099 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-20 11:15:26,101 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-20 11:15:26,101 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-20 11:15:26,102 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-20 11:15:26,102 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-20 11:15:26,103 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-20 11:15:26,104 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-20 11:15:26,105 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-20 11:15:26,106 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-20 11:15:26,130 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-20 11:15:26,131 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-20 11:15:26,131 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-20 11:15:26,131 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-20 11:15:26,132 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-20 11:15:26,133 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-20 11:15:26,133 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-20 11:15:26,134 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-20 11:15:26,134 INFO L138 SettingsManager]: * Use SBE=true [2022-11-20 11:15:26,134 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-20 11:15:26,135 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-20 11:15:26,135 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-20 11:15:26,135 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-20 11:15:26,136 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-20 11:15:26,136 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-20 11:15:26,136 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-20 11:15:26,137 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-20 11:15:26,137 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-20 11:15:26,137 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-20 11:15:26,138 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-20 11:15:26,138 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-20 11:15:26,138 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-20 11:15:26,139 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-20 11:15:26,139 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-20 11:15:26,139 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 11:15:26,140 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-20 11:15:26,140 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-20 11:15:26,140 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-20 11:15:26,141 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-20 11:15:26,141 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-20 11:15:26,141 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-20 11:15:26,142 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-20 11:15:26,142 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-20 11:15:26,142 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4074665f53184e0f9778b3e4e6ee9c58d8a047121518f9c126ceccd876afea36 [2022-11-20 11:15:26,481 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-20 11:15:26,510 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-20 11:15:26,513 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-20 11:15:26,514 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-20 11:15:26,515 INFO L275 PluginConnector]: CDTParser initialized [2022-11-20 11:15:26,517 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/../../sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2022-11-20 11:15:29,938 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-20 11:15:30,247 INFO L351 CDTParser]: Found 1 translation units. [2022-11-20 11:15:30,248 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c [2022-11-20 11:15:30,278 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/data/6a4eb9f63/e4cbf83732644345b7b1445490f27a06/FLAG009394d57 [2022-11-20 11:15:30,302 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/data/6a4eb9f63/e4cbf83732644345b7b1445490f27a06 [2022-11-20 11:15:30,309 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-20 11:15:30,311 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-20 11:15:30,317 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-20 11:15:30,317 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-20 11:15:30,322 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-20 11:15:30,323 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,324 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@3539ee81 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30, skipping insertion in model container [2022-11-20 11:15:30,324 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,333 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-20 11:15:30,399 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-20 11:15:30,725 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2022-11-20 11:15:30,770 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 11:15:30,782 INFO L203 MainTranslator]: Completed pre-run [2022-11-20 11:15:30,835 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/sv-benchmarks/c/product-lines/minepump_spec5_product52.cil.c[12672,12685] [2022-11-20 11:15:30,854 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 11:15:30,875 INFO L208 MainTranslator]: Completed translation [2022-11-20 11:15:30,875 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30 WrapperNode [2022-11-20 11:15:30,876 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-20 11:15:30,877 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-20 11:15:30,877 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-20 11:15:30,877 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-20 11:15:30,885 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,901 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,930 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 212 [2022-11-20 11:15:30,931 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-20 11:15:30,932 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-20 11:15:30,932 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-20 11:15:30,932 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-20 11:15:30,943 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,944 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,947 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,947 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,953 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,959 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,961 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,963 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,966 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-20 11:15:30,967 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-20 11:15:30,967 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-20 11:15:30,968 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-20 11:15:30,969 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (1/1) ... [2022-11-20 11:15:30,976 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 11:15:30,990 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 11:15:31,011 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-20 11:15:31,025 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-20 11:15:31,060 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-20 11:15:31,061 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-20 11:15:31,061 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-20 11:15:31,062 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-20 11:15:31,062 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-20 11:15:31,062 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-20 11:15:31,062 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-20 11:15:31,065 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 11:15:31,066 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 11:15:31,066 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-20 11:15:31,067 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-20 11:15:31,067 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-20 11:15:31,067 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-20 11:15:31,068 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-20 11:15:31,068 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-20 11:15:31,069 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-20 11:15:31,069 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-20 11:15:31,070 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-20 11:15:31,070 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-20 11:15:31,070 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-20 11:15:31,207 INFO L235 CfgBuilder]: Building ICFG [2022-11-20 11:15:31,209 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-20 11:15:31,726 INFO L276 CfgBuilder]: Performing block encoding [2022-11-20 11:15:31,736 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-20 11:15:31,736 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-20 11:15:31,739 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:15:31 BoogieIcfgContainer [2022-11-20 11:15:31,739 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-20 11:15:31,742 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-20 11:15:31,742 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-20 11:15:31,746 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-20 11:15:31,747 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.11 11:15:30" (1/3) ... [2022-11-20 11:15:31,748 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@61d55e3c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 11:15:31, skipping insertion in model container [2022-11-20 11:15:31,748 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 11:15:30" (2/3) ... [2022-11-20 11:15:31,748 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@61d55e3c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 11:15:31, skipping insertion in model container [2022-11-20 11:15:31,749 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:15:31" (3/3) ... [2022-11-20 11:15:31,750 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product52.cil.c [2022-11-20 11:15:31,775 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-20 11:15:31,775 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-20 11:15:31,839 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-20 11:15:31,847 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2eef176f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-20 11:15:31,848 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-20 11:15:31,853 INFO L276 IsEmpty]: Start isEmpty. Operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 85 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-20 11:15:31,865 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-20 11:15:31,865 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:31,866 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:31,866 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:31,872 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:31,872 INFO L85 PathProgramCache]: Analyzing trace with hash 1209028345, now seen corresponding path program 1 times [2022-11-20 11:15:31,883 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:31,884 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [235021361] [2022-11-20 11:15:31,885 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:31,885 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:32,056 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,177 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-20 11:15:32,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,196 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-20 11:15:32,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,214 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:32,214 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:32,214 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [235021361] [2022-11-20 11:15:32,215 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [235021361] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:32,216 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:32,216 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-20 11:15:32,218 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1368842601] [2022-11-20 11:15:32,219 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:32,225 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-20 11:15:32,225 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:32,260 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-20 11:15:32,261 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 11:15:32,264 INFO L87 Difference]: Start difference. First operand has 100 states, 76 states have (on average 1.368421052631579) internal successors, (104), 85 states have internal predecessors, (104), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:32,311 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:32,312 INFO L93 Difference]: Finished difference Result 191 states and 258 transitions. [2022-11-20 11:15:32,313 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-20 11:15:32,314 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-20 11:15:32,315 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:32,326 INFO L225 Difference]: With dead ends: 191 [2022-11-20 11:15:32,327 INFO L226 Difference]: Without dead ends: 91 [2022-11-20 11:15:32,332 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 11:15:32,336 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 126 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:32,337 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:15:32,358 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-11-20 11:15:32,388 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2022-11-20 11:15:32,394 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 77 states have internal predecessors, (90), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-20 11:15:32,398 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 117 transitions. [2022-11-20 11:15:32,404 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 117 transitions. Word has length 32 [2022-11-20 11:15:32,405 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:32,405 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 117 transitions. [2022-11-20 11:15:32,406 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:32,407 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 117 transitions. [2022-11-20 11:15:32,410 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-20 11:15:32,413 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:32,414 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:32,414 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-20 11:15:32,414 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:32,415 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:32,415 INFO L85 PathProgramCache]: Analyzing trace with hash 819571873, now seen corresponding path program 1 times [2022-11-20 11:15:32,416 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:32,416 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1338331658] [2022-11-20 11:15:32,416 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:32,417 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:32,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,544 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-20 11:15:32,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,550 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-20 11:15:32,553 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,556 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:32,556 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:32,557 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1338331658] [2022-11-20 11:15:32,557 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1338331658] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:32,557 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:32,557 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 11:15:32,558 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1522785093] [2022-11-20 11:15:32,558 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:32,559 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 11:15:32,559 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:32,560 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 11:15:32,560 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:15:32,561 INFO L87 Difference]: Start difference. First operand 91 states and 117 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:32,587 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:32,588 INFO L93 Difference]: Finished difference Result 142 states and 182 transitions. [2022-11-20 11:15:32,588 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 11:15:32,589 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-20 11:15:32,589 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:32,590 INFO L225 Difference]: With dead ends: 142 [2022-11-20 11:15:32,591 INFO L226 Difference]: Without dead ends: 82 [2022-11-20 11:15:32,592 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 11:15:32,593 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 17 mSDsluCounter, 82 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 186 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:32,594 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 186 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 11:15:32,595 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 82 states. [2022-11-20 11:15:32,605 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 82 to 82. [2022-11-20 11:15:32,606 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 71 states have internal predecessors, (83), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-20 11:15:32,608 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2022-11-20 11:15:32,608 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 33 [2022-11-20 11:15:32,608 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:32,609 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2022-11-20 11:15:32,609 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:32,609 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2022-11-20 11:15:32,611 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-20 11:15:32,611 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:32,611 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:32,612 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-20 11:15:32,612 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:32,612 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:32,613 INFO L85 PathProgramCache]: Analyzing trace with hash -1285533544, now seen corresponding path program 1 times [2022-11-20 11:15:32,613 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:32,613 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1730200079] [2022-11-20 11:15:32,614 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:32,614 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:32,655 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,822 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:15:32,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,829 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-20 11:15:32,831 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:32,834 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:32,834 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:32,835 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1730200079] [2022-11-20 11:15:32,835 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1730200079] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:32,835 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:32,835 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 11:15:32,836 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1967460619] [2022-11-20 11:15:32,836 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:32,836 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 11:15:32,837 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:32,837 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 11:15:32,838 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:15:32,838 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:15:32,999 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:32,999 INFO L93 Difference]: Finished difference Result 203 states and 264 transitions. [2022-11-20 11:15:33,010 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-20 11:15:33,010 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-20 11:15:33,011 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:33,013 INFO L225 Difference]: With dead ends: 203 [2022-11-20 11:15:33,013 INFO L226 Difference]: Without dead ends: 129 [2022-11-20 11:15:33,014 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2022-11-20 11:15:33,016 INFO L413 NwaCegarLoop]: 118 mSDtfsCounter, 166 mSDsluCounter, 241 mSDsCounter, 0 mSdLazyCounter, 12 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 166 SdHoareTripleChecker+Valid, 359 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 12 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:33,017 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [166 Valid, 359 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 12 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 11:15:33,018 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 129 states. [2022-11-20 11:15:33,056 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 129 to 126. [2022-11-20 11:15:33,059 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 96 states have (on average 1.3333333333333333) internal successors, (128), 107 states have internal predecessors, (128), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2022-11-20 11:15:33,064 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 163 transitions. [2022-11-20 11:15:33,075 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 163 transitions. Word has length 38 [2022-11-20 11:15:33,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:33,076 INFO L495 AbstractCegarLoop]: Abstraction has 126 states and 163 transitions. [2022-11-20 11:15:33,077 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 11:15:33,077 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 163 transitions. [2022-11-20 11:15:33,079 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-11-20 11:15:33,080 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:33,080 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:33,080 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-20 11:15:33,081 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:33,082 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:33,085 INFO L85 PathProgramCache]: Analyzing trace with hash -1848173569, now seen corresponding path program 1 times [2022-11-20 11:15:33,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:33,085 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [202062208] [2022-11-20 11:15:33,086 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:33,086 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:33,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,353 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-20 11:15:33,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,359 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 33 [2022-11-20 11:15:33,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,379 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 11:15:33,379 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:33,380 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [202062208] [2022-11-20 11:15:33,380 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [202062208] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:33,380 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:33,381 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 11:15:33,381 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [943442826] [2022-11-20 11:15:33,381 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:33,382 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 11:15:33,382 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:33,383 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 11:15:33,383 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 11:15:33,384 INFO L87 Difference]: Start difference. First operand 126 states and 163 transitions. Second operand has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:33,692 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:33,693 INFO L93 Difference]: Finished difference Result 292 states and 389 transitions. [2022-11-20 11:15:33,693 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-20 11:15:33,693 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 41 [2022-11-20 11:15:33,694 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:33,696 INFO L225 Difference]: With dead ends: 292 [2022-11-20 11:15:33,696 INFO L226 Difference]: Without dead ends: 174 [2022-11-20 11:15:33,698 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-20 11:15:33,700 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 51 mSDsluCounter, 378 mSDsCounter, 0 mSdLazyCounter, 68 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 494 SdHoareTripleChecker+Invalid, 78 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 68 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:33,700 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 494 Invalid, 78 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 68 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-20 11:15:33,702 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2022-11-20 11:15:33,752 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 164. [2022-11-20 11:15:33,753 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 164 states, 125 states have (on average 1.272) internal successors, (159), 135 states have internal predecessors, (159), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2022-11-20 11:15:33,755 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 164 states to 164 states and 207 transitions. [2022-11-20 11:15:33,755 INFO L78 Accepts]: Start accepts. Automaton has 164 states and 207 transitions. Word has length 41 [2022-11-20 11:15:33,755 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:33,756 INFO L495 AbstractCegarLoop]: Abstraction has 164 states and 207 transitions. [2022-11-20 11:15:33,756 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.0) internal successors, (36), 5 states have internal predecessors, (36), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 11:15:33,756 INFO L276 IsEmpty]: Start isEmpty. Operand 164 states and 207 transitions. [2022-11-20 11:15:33,768 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-20 11:15:33,768 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:33,768 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:33,769 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-20 11:15:33,769 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:33,770 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:33,770 INFO L85 PathProgramCache]: Analyzing trace with hash -1678713476, now seen corresponding path program 1 times [2022-11-20 11:15:33,770 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:33,770 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [50491781] [2022-11-20 11:15:33,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:33,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:33,820 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,896 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:15:33,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,903 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 11:15:33,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,968 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-20 11:15:33,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:33,977 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:33,978 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:33,984 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [50491781] [2022-11-20 11:15:33,985 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [50491781] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:33,985 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:33,985 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 11:15:33,985 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [906724774] [2022-11-20 11:15:33,987 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:33,988 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 11:15:33,989 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:33,989 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 11:15:33,990 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 11:15:33,991 INFO L87 Difference]: Start difference. First operand 164 states and 207 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:34,231 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:34,232 INFO L93 Difference]: Finished difference Result 351 states and 450 transitions. [2022-11-20 11:15:34,232 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-20 11:15:34,233 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-20 11:15:34,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:34,244 INFO L225 Difference]: With dead ends: 351 [2022-11-20 11:15:34,244 INFO L226 Difference]: Without dead ends: 195 [2022-11-20 11:15:34,247 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-20 11:15:34,250 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 66 mSDsluCounter, 303 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 395 SdHoareTripleChecker+Invalid, 145 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:34,256 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 395 Invalid, 145 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-20 11:15:34,258 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 195 states. [2022-11-20 11:15:34,305 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 195 to 190. [2022-11-20 11:15:34,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 146 states have (on average 1.2602739726027397) internal successors, (184), 156 states have internal predecessors, (184), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (32), 24 states have call predecessors, (32), 23 states have call successors, (32) [2022-11-20 11:15:34,308 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 239 transitions. [2022-11-20 11:15:34,309 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 239 transitions. Word has length 52 [2022-11-20 11:15:34,309 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:34,310 INFO L495 AbstractCegarLoop]: Abstraction has 190 states and 239 transitions. [2022-11-20 11:15:34,310 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:34,310 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 239 transitions. [2022-11-20 11:15:34,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-20 11:15:34,316 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:34,316 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:34,317 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-20 11:15:34,318 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:34,319 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:34,319 INFO L85 PathProgramCache]: Analyzing trace with hash -1278940123, now seen corresponding path program 1 times [2022-11-20 11:15:34,319 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:34,320 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1058838993] [2022-11-20 11:15:34,320 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:34,320 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:34,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,392 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-20 11:15:34,396 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,403 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-11-20 11:15:34,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,416 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-20 11:15:34,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,423 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:34,423 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:34,424 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1058838993] [2022-11-20 11:15:34,424 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1058838993] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:34,424 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:34,425 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-20 11:15:34,425 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [705236876] [2022-11-20 11:15:34,425 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:34,426 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-20 11:15:34,427 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:34,427 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-20 11:15:34,428 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 11:15:34,429 INFO L87 Difference]: Start difference. First operand 190 states and 239 transitions. Second operand has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:34,615 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:34,615 INFO L93 Difference]: Finished difference Result 376 states and 473 transitions. [2022-11-20 11:15:34,615 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 11:15:34,616 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 55 [2022-11-20 11:15:34,616 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:34,618 INFO L225 Difference]: With dead ends: 376 [2022-11-20 11:15:34,618 INFO L226 Difference]: Without dead ends: 194 [2022-11-20 11:15:34,619 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:15:34,621 INFO L413 NwaCegarLoop]: 119 mSDtfsCounter, 93 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 77 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 267 SdHoareTripleChecker+Invalid, 96 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 77 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:34,622 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 267 Invalid, 96 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 77 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 11:15:34,623 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2022-11-20 11:15:34,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 190. [2022-11-20 11:15:34,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 190 states, 146 states have (on average 1.2534246575342465) internal successors, (183), 156 states have internal predecessors, (183), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2022-11-20 11:15:34,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 190 states to 190 states and 236 transitions. [2022-11-20 11:15:34,646 INFO L78 Accepts]: Start accepts. Automaton has 190 states and 236 transitions. Word has length 55 [2022-11-20 11:15:34,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:34,646 INFO L495 AbstractCegarLoop]: Abstraction has 190 states and 236 transitions. [2022-11-20 11:15:34,647 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.5) internal successors, (46), 3 states have internal predecessors, (46), 2 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:34,647 INFO L276 IsEmpty]: Start isEmpty. Operand 190 states and 236 transitions. [2022-11-20 11:15:34,648 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-20 11:15:34,648 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:34,648 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:34,648 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-20 11:15:34,649 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:34,649 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:34,649 INFO L85 PathProgramCache]: Analyzing trace with hash 927310078, now seen corresponding path program 1 times [2022-11-20 11:15:34,650 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:34,650 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [59497130] [2022-11-20 11:15:34,650 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:34,650 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:34,664 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,716 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:15:34,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,764 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 11:15:34,767 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,795 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-20 11:15:34,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:34,799 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:34,799 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:34,799 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [59497130] [2022-11-20 11:15:34,800 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [59497130] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:34,800 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:34,800 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 11:15:34,801 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1557718878] [2022-11-20 11:15:34,801 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:34,801 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 11:15:34,802 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:34,802 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 11:15:34,802 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:15:34,803 INFO L87 Difference]: Start difference. First operand 190 states and 236 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:34,990 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:34,990 INFO L93 Difference]: Finished difference Result 382 states and 484 transitions. [2022-11-20 11:15:34,990 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 11:15:34,991 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-20 11:15:34,991 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:34,993 INFO L225 Difference]: With dead ends: 382 [2022-11-20 11:15:34,993 INFO L226 Difference]: Without dead ends: 200 [2022-11-20 11:15:34,994 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-20 11:15:34,995 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 70 mSDsluCounter, 216 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 308 SdHoareTripleChecker+Invalid, 110 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:34,996 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 308 Invalid, 110 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 11:15:34,997 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 200 states. [2022-11-20 11:15:35,018 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 200 to 192. [2022-11-20 11:15:35,019 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 192 states, 148 states have (on average 1.25) internal successors, (185), 158 states have internal predecessors, (185), 23 states have call successors, (23), 17 states have call predecessors, (23), 20 states have return successors, (30), 24 states have call predecessors, (30), 23 states have call successors, (30) [2022-11-20 11:15:35,021 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 192 states to 192 states and 238 transitions. [2022-11-20 11:15:35,021 INFO L78 Accepts]: Start accepts. Automaton has 192 states and 238 transitions. Word has length 52 [2022-11-20 11:15:35,022 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:35,022 INFO L495 AbstractCegarLoop]: Abstraction has 192 states and 238 transitions. [2022-11-20 11:15:35,022 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:35,022 INFO L276 IsEmpty]: Start isEmpty. Operand 192 states and 238 transitions. [2022-11-20 11:15:35,023 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-20 11:15:35,023 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:35,023 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:35,024 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-20 11:15:35,024 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:35,024 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:35,025 INFO L85 PathProgramCache]: Analyzing trace with hash 1350011904, now seen corresponding path program 1 times [2022-11-20 11:15:35,025 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:35,025 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2116741059] [2022-11-20 11:15:35,025 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:35,025 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:35,038 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,107 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 11:15:35,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,117 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 11:15:35,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,136 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-20 11:15:35,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,139 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:35,139 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:35,139 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2116741059] [2022-11-20 11:15:35,139 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2116741059] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:35,139 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:35,139 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 11:15:35,140 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [60057680] [2022-11-20 11:15:35,140 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:35,140 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 11:15:35,140 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:35,141 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 11:15:35,141 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 11:15:35,141 INFO L87 Difference]: Start difference. First operand 192 states and 238 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:35,496 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:35,496 INFO L93 Difference]: Finished difference Result 589 states and 754 transitions. [2022-11-20 11:15:35,496 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-20 11:15:35,497 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-20 11:15:35,497 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:35,500 INFO L225 Difference]: With dead ends: 589 [2022-11-20 11:15:35,500 INFO L226 Difference]: Without dead ends: 405 [2022-11-20 11:15:35,502 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-20 11:15:35,502 INFO L413 NwaCegarLoop]: 143 mSDtfsCounter, 225 mSDsluCounter, 193 mSDsCounter, 0 mSdLazyCounter, 163 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 336 SdHoareTripleChecker+Invalid, 228 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 163 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:35,503 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 336 Invalid, 228 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 163 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-20 11:15:35,504 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 405 states. [2022-11-20 11:15:35,559 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 405 to 403. [2022-11-20 11:15:35,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 403 states, 308 states have (on average 1.2207792207792207) internal successors, (376), 326 states have internal predecessors, (376), 52 states have call successors, (52), 42 states have call predecessors, (52), 42 states have return successors, (72), 51 states have call predecessors, (72), 52 states have call successors, (72) [2022-11-20 11:15:35,566 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 403 states to 403 states and 500 transitions. [2022-11-20 11:15:35,567 INFO L78 Accepts]: Start accepts. Automaton has 403 states and 500 transitions. Word has length 52 [2022-11-20 11:15:35,567 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:35,567 INFO L495 AbstractCegarLoop]: Abstraction has 403 states and 500 transitions. [2022-11-20 11:15:35,567 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 11:15:35,568 INFO L276 IsEmpty]: Start isEmpty. Operand 403 states and 500 transitions. [2022-11-20 11:15:35,570 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-20 11:15:35,570 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:35,571 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:35,571 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-20 11:15:35,571 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:35,572 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:35,573 INFO L85 PathProgramCache]: Analyzing trace with hash 338031322, now seen corresponding path program 1 times [2022-11-20 11:15:35,573 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:35,573 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1409724979] [2022-11-20 11:15:35,573 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:35,574 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:35,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,848 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:15:35,851 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,916 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-20 11:15:35,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,932 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-20 11:15:35,936 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,960 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-20 11:15:35,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:35,964 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 11:15:35,964 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:35,964 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1409724979] [2022-11-20 11:15:35,965 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1409724979] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:35,965 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:35,965 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-20 11:15:35,965 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [906703842] [2022-11-20 11:15:35,966 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:35,966 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-20 11:15:35,966 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:35,967 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-20 11:15:35,967 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-20 11:15:35,968 INFO L87 Difference]: Start difference. First operand 403 states and 500 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 11:15:37,411 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:37,411 INFO L93 Difference]: Finished difference Result 1232 states and 1584 transitions. [2022-11-20 11:15:37,413 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 33 states. [2022-11-20 11:15:37,413 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2022-11-20 11:15:37,415 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:37,422 INFO L225 Difference]: With dead ends: 1232 [2022-11-20 11:15:37,422 INFO L226 Difference]: Without dead ends: 925 [2022-11-20 11:15:37,425 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 44 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 293 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=221, Invalid=969, Unknown=0, NotChecked=0, Total=1190 [2022-11-20 11:15:37,431 INFO L413 NwaCegarLoop]: 146 mSDtfsCounter, 566 mSDsluCounter, 763 mSDsCounter, 0 mSdLazyCounter, 833 mSolverCounterSat, 191 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 576 SdHoareTripleChecker+Valid, 909 SdHoareTripleChecker+Invalid, 1024 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 191 IncrementalHoareTripleChecker+Valid, 833 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:37,431 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [576 Valid, 909 Invalid, 1024 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [191 Valid, 833 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-20 11:15:37,435 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 925 states. [2022-11-20 11:15:37,575 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 925 to 747. [2022-11-20 11:15:37,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 747 states, 571 states have (on average 1.2189141856392294) internal successors, (696), 608 states have internal predecessors, (696), 95 states have call successors, (95), 72 states have call predecessors, (95), 80 states have return successors, (135), 94 states have call predecessors, (135), 95 states have call successors, (135) [2022-11-20 11:15:37,584 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 747 states to 747 states and 926 transitions. [2022-11-20 11:15:37,585 INFO L78 Accepts]: Start accepts. Automaton has 747 states and 926 transitions. Word has length 56 [2022-11-20 11:15:37,585 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:37,585 INFO L495 AbstractCegarLoop]: Abstraction has 747 states and 926 transitions. [2022-11-20 11:15:37,586 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 11:15:37,586 INFO L276 IsEmpty]: Start isEmpty. Operand 747 states and 926 transitions. [2022-11-20 11:15:37,587 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2022-11-20 11:15:37,588 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:37,588 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:37,588 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-20 11:15:37,588 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:37,589 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:37,589 INFO L85 PathProgramCache]: Analyzing trace with hash 836408910, now seen corresponding path program 1 times [2022-11-20 11:15:37,589 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:37,589 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1345493422] [2022-11-20 11:15:37,589 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:37,590 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:37,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,828 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:15:37,830 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,847 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-20 11:15:37,853 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,880 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:37,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,893 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-20 11:15:37,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,911 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2022-11-20 11:15:37,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,930 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2022-11-20 11:15:37,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,934 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-20 11:15:37,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,936 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2022-11-20 11:15:37,938 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:37,940 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-20 11:15:37,941 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:37,941 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1345493422] [2022-11-20 11:15:37,941 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1345493422] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 11:15:37,941 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1805094531] [2022-11-20 11:15:37,941 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:37,942 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 11:15:37,942 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 11:15:37,946 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 11:15:37,960 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-20 11:15:38,115 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:38,120 INFO L263 TraceCheckSpWp]: Trace formula consists of 339 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-20 11:15:38,133 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 11:15:38,439 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 11:15:38,439 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 11:15:38,777 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-20 11:15:38,777 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1805094531] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 11:15:38,777 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 11:15:38,777 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2022-11-20 11:15:38,778 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [487779719] [2022-11-20 11:15:38,778 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 11:15:38,779 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-11-20 11:15:38,779 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:38,780 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-11-20 11:15:38,780 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2022-11-20 11:15:38,780 INFO L87 Difference]: Start difference. First operand 747 states and 926 transitions. Second operand has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-20 11:15:40,752 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:40,752 INFO L93 Difference]: Finished difference Result 1737 states and 2233 transitions. [2022-11-20 11:15:40,753 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2022-11-20 11:15:40,753 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 98 [2022-11-20 11:15:40,754 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:40,761 INFO L225 Difference]: With dead ends: 1737 [2022-11-20 11:15:40,761 INFO L226 Difference]: Without dead ends: 1082 [2022-11-20 11:15:40,765 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 272 GetRequests, 219 SyntacticMatches, 4 SemanticMatches, 49 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 683 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=429, Invalid=2121, Unknown=0, NotChecked=0, Total=2550 [2022-11-20 11:15:40,766 INFO L413 NwaCegarLoop]: 199 mSDtfsCounter, 540 mSDsluCounter, 1488 mSDsCounter, 0 mSdLazyCounter, 1298 mSolverCounterSat, 251 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 541 SdHoareTripleChecker+Valid, 1687 SdHoareTripleChecker+Invalid, 1549 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 251 IncrementalHoareTripleChecker+Valid, 1298 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:40,768 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [541 Valid, 1687 Invalid, 1549 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [251 Valid, 1298 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-20 11:15:40,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1082 states. [2022-11-20 11:15:40,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1082 to 844. [2022-11-20 11:15:40,899 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 844 states, 636 states have (on average 1.1965408805031446) internal successors, (761), 685 states have internal predecessors, (761), 112 states have call successors, (112), 93 states have call predecessors, (112), 95 states have return successors, (138), 100 states have call predecessors, (138), 112 states have call successors, (138) [2022-11-20 11:15:40,905 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 844 states to 844 states and 1011 transitions. [2022-11-20 11:15:40,907 INFO L78 Accepts]: Start accepts. Automaton has 844 states and 1011 transitions. Word has length 98 [2022-11-20 11:15:40,908 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:40,909 INFO L495 AbstractCegarLoop]: Abstraction has 844 states and 1011 transitions. [2022-11-20 11:15:40,909 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.6875) internal successors, (123), 11 states have internal predecessors, (123), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-20 11:15:40,909 INFO L276 IsEmpty]: Start isEmpty. Operand 844 states and 1011 transitions. [2022-11-20 11:15:40,922 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 176 [2022-11-20 11:15:40,923 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:40,923 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:40,939 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-20 11:15:41,130 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-20 11:15:41,131 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:41,132 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:41,132 INFO L85 PathProgramCache]: Analyzing trace with hash 305502577, now seen corresponding path program 1 times [2022-11-20 11:15:41,132 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:41,132 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1545635081] [2022-11-20 11:15:41,133 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:41,133 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:41,171 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,300 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:15:41,301 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,313 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-20 11:15:41,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,321 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:41,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,331 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-20 11:15:41,333 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,336 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-20 11:15:41,341 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,359 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:41,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,364 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-20 11:15:41,366 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,368 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-20 11:15:41,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,374 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2022-11-20 11:15:41,379 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,432 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:41,433 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,435 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-20 11:15:41,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,439 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 142 [2022-11-20 11:15:41,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,442 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 151 [2022-11-20 11:15:41,444 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,448 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 167 [2022-11-20 11:15:41,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:41,451 INFO L134 CoverageAnalysis]: Checked inductivity of 192 backedges. 77 proven. 0 refuted. 0 times theorem prover too weak. 115 trivial. 0 not checked. [2022-11-20 11:15:41,451 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:41,452 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1545635081] [2022-11-20 11:15:41,452 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1545635081] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 11:15:41,452 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 11:15:41,452 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-20 11:15:41,453 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1439046570] [2022-11-20 11:15:41,453 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 11:15:41,453 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-20 11:15:41,454 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:41,454 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-20 11:15:41,455 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2022-11-20 11:15:41,455 INFO L87 Difference]: Start difference. First operand 844 states and 1011 transitions. Second operand has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2022-11-20 11:15:42,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:42,045 INFO L93 Difference]: Finished difference Result 1641 states and 1985 transitions. [2022-11-20 11:15:42,045 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-11-20 11:15:42,046 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) Word has length 175 [2022-11-20 11:15:42,046 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:42,053 INFO L225 Difference]: With dead ends: 1641 [2022-11-20 11:15:42,053 INFO L226 Difference]: Without dead ends: 889 [2022-11-20 11:15:42,057 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 48 GetRequests, 33 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=82, Invalid=190, Unknown=0, NotChecked=0, Total=272 [2022-11-20 11:15:42,058 INFO L413 NwaCegarLoop]: 98 mSDtfsCounter, 194 mSDsluCounter, 369 mSDsCounter, 0 mSdLazyCounter, 300 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 467 SdHoareTripleChecker+Invalid, 363 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 300 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:42,059 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 467 Invalid, 363 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 300 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-20 11:15:42,061 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 889 states. [2022-11-20 11:15:42,163 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 889 to 853. [2022-11-20 11:15:42,165 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 853 states, 645 states have (on average 1.193798449612403) internal successors, (770), 694 states have internal predecessors, (770), 112 states have call successors, (112), 93 states have call predecessors, (112), 95 states have return successors, (138), 100 states have call predecessors, (138), 112 states have call successors, (138) [2022-11-20 11:15:42,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 853 states to 853 states and 1020 transitions. [2022-11-20 11:15:42,171 INFO L78 Accepts]: Start accepts. Automaton has 853 states and 1020 transitions. Word has length 175 [2022-11-20 11:15:42,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:42,172 INFO L495 AbstractCegarLoop]: Abstraction has 853 states and 1020 transitions. [2022-11-20 11:15:42,172 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.875) internal successors, (87), 5 states have internal predecessors, (87), 2 states have call successors, (11), 5 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 2 states have call successors, (11) [2022-11-20 11:15:42,172 INFO L276 IsEmpty]: Start isEmpty. Operand 853 states and 1020 transitions. [2022-11-20 11:15:42,177 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 180 [2022-11-20 11:15:42,178 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 11:15:42,178 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:42,178 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2022-11-20 11:15:42,179 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 11:15:42,179 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 11:15:42,179 INFO L85 PathProgramCache]: Analyzing trace with hash 904906191, now seen corresponding path program 1 times [2022-11-20 11:15:42,179 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 11:15:42,180 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [270465069] [2022-11-20 11:15:42,180 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:42,180 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 11:15:42,215 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,414 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 11:15:42,416 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,428 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-20 11:15:42,431 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,435 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:42,436 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,445 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-20 11:15:42,447 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,450 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-20 11:15:42,454 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,461 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:42,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,464 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-20 11:15:42,465 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,470 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-20 11:15:42,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,475 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2022-11-20 11:15:42,481 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,596 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 11:15:42,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,600 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-20 11:15:42,601 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,602 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 135 [2022-11-20 11:15:42,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,621 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 146 [2022-11-20 11:15:42,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,625 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 155 [2022-11-20 11:15:42,628 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,633 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 171 [2022-11-20 11:15:42,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,636 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 72 proven. 5 refuted. 0 times theorem prover too weak. 119 trivial. 0 not checked. [2022-11-20 11:15:42,636 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 11:15:42,637 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [270465069] [2022-11-20 11:15:42,637 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [270465069] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 11:15:42,637 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1058121255] [2022-11-20 11:15:42,637 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 11:15:42,637 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 11:15:42,638 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 11:15:42,639 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 11:15:42,677 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-20 11:15:42,839 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 11:15:42,857 INFO L263 TraceCheckSpWp]: Trace formula consists of 553 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-20 11:15:42,863 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 11:15:43,201 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 144 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2022-11-20 11:15:43,201 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 11:15:43,864 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 82 proven. 44 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2022-11-20 11:15:43,864 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1058121255] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 11:15:43,864 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 11:15:43,865 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-20 11:15:43,865 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2131861069] [2022-11-20 11:15:43,865 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 11:15:43,866 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-20 11:15:43,866 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 11:15:43,867 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-20 11:15:43,867 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=481, Unknown=0, NotChecked=0, Total=600 [2022-11-20 11:15:43,867 INFO L87 Difference]: Start difference. First operand 853 states and 1020 transitions. Second operand has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (33), 9 states have call predecessors, (33), 10 states have return successors, (34), 8 states have call predecessors, (34), 9 states have call successors, (34) [2022-11-20 11:15:45,839 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 11:15:45,840 INFO L93 Difference]: Finished difference Result 1872 states and 2304 transitions. [2022-11-20 11:15:45,841 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2022-11-20 11:15:45,841 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (33), 9 states have call predecessors, (33), 10 states have return successors, (34), 8 states have call predecessors, (34), 9 states have call successors, (34) Word has length 179 [2022-11-20 11:15:45,842 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 11:15:45,843 INFO L225 Difference]: With dead ends: 1872 [2022-11-20 11:15:45,843 INFO L226 Difference]: Without dead ends: 0 [2022-11-20 11:15:45,849 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 434 GetRequests, 379 SyntacticMatches, 5 SemanticMatches, 50 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 556 ImplicationChecksByTransitivity, 1.1s TimeCoverageRelationStatistics Valid=575, Invalid=2077, Unknown=0, NotChecked=0, Total=2652 [2022-11-20 11:15:45,849 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 1154 mSDsluCounter, 955 mSDsCounter, 0 mSdLazyCounter, 1211 mSolverCounterSat, 411 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1160 SdHoareTripleChecker+Valid, 1072 SdHoareTripleChecker+Invalid, 1622 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 411 IncrementalHoareTripleChecker+Valid, 1211 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2022-11-20 11:15:45,850 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1160 Valid, 1072 Invalid, 1622 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [411 Valid, 1211 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2022-11-20 11:15:45,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-20 11:15:45,851 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-20 11:15:45,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-20 11:15:45,851 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-20 11:15:45,852 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 179 [2022-11-20 11:15:45,852 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 11:15:45,852 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-20 11:15:45,853 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.88) internal successors, (222), 22 states have internal predecessors, (222), 9 states have call successors, (33), 9 states have call predecessors, (33), 10 states have return successors, (34), 8 states have call predecessors, (34), 9 states have call successors, (34) [2022-11-20 11:15:45,853 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-20 11:15:45,853 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-20 11:15:45,856 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-20 11:15:45,869 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-20 11:15:46,062 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-20 11:15:46,065 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-20 11:15:58,982 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 860 867) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 860 867) no Hoare annotation was computed. [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 860 867) no Hoare annotation was computed. [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 793 799) no Hoare annotation was computed. [2022-11-20 11:15:58,983 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 793 799) the Hoare annotation is: true [2022-11-20 11:15:58,983 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 613 624) the Hoare annotation is: true [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point L617-1(lines 613 624) no Hoare annotation was computed. [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 613 624) no Hoare annotation was computed. [2022-11-20 11:15:58,983 INFO L899 garLoopResultBuilder]: For program point L952(lines 952 956) no Hoare annotation was computed. [2022-11-20 11:15:58,984 INFO L899 garLoopResultBuilder]: For program point L952-2(lines 952 956) no Hoare annotation was computed. [2022-11-20 11:15:58,984 INFO L899 garLoopResultBuilder]: For program point L564(lines 564 574) no Hoare annotation was computed. [2022-11-20 11:15:58,984 INFO L899 garLoopResultBuilder]: For program point L593(lines 593 597) no Hoare annotation was computed. [2022-11-20 11:15:58,984 INFO L899 garLoopResultBuilder]: For program point L560(lines 560 577) no Hoare annotation was computed. [2022-11-20 11:15:58,985 INFO L895 garLoopResultBuilder]: At program point L593-2(lines 589 600) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse1 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse2)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0) .cse2) .cse3 .cse4 .cse5 .cse6) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 (= ~waterLevel~0 1) .cse2) .cse5 .cse0) (or (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse5 .cse6)))) [2022-11-20 11:15:58,985 INFO L895 garLoopResultBuilder]: At program point L527(lines 522 529) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse0 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2 .cse0) (or .cse1 .cse2 .cse0 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-20 11:15:58,986 INFO L895 garLoopResultBuilder]: At program point L560-1(lines 552 580) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0))) (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse10 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse1 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse21 (<= ~waterLevel~0 1)) (.cse22 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse6 (not .cse7))) (let ((.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse18 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (and .cse1 .cse2 .cse21 .cse22 .cse4 .cse5 .cse6)) (.cse12 (and .cse9 .cse1 .cse10 .cse21 .cse22 .cse4 .cse5)) (.cse19 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1|))) (.cse20 (< |timeShift_getWaterLevel_#res#1| 2)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse17 (not (= |old(~pumpRunning~0)| 0))) (.cse14 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse15 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1| 2)) (.cse16 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (not (< 1 |old(~waterLevel~0)|)) .cse7 .cse8 (and .cse9 .cse1 .cse10 .cse3 .cse4 .cse5))) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse11 .cse12 .cse7 .cse13) (or (and .cse2 .cse14 .cse15 .cse16 .cse6) .cse17 (and (<= 1 ~pumpRunning~0) .cse14 .cse15 .cse16) .cse7 .cse8 (not (<= 2 |old(~waterLevel~0)|))) (or .cse18 .cse17 (and .cse19 .cse9 .cse2 .cse20 .cse16)) (or .cse18 (and .cse19 .cse9 .cse10 .cse20 .cse16 .cse5) .cse0 .cse11 .cse12 (and .cse19 .cse2 .cse20 .cse16 .cse5 .cse6) .cse7 .cse13) (or .cse17 (and .cse9 .cse2 .cse14 .cse15 .cse16) (not (= |old(~waterLevel~0)| 2)) .cse6))))) [2022-11-20 11:15:58,986 INFO L895 garLoopResultBuilder]: At program point L841(line 841) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse7 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= 0 ~systemActive~0))) (let ((.cse2 (and (<= 1 ~pumpRunning~0) .cse5 .cse6 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse7 (not .cse3))) (.cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2 .cse3 .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 (and .cse5 .cse6 (= |old(~waterLevel~0)| ~waterLevel~0) .cse7) .cse2 .cse3 .cse4) (or .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse5 .cse6 (= ~waterLevel~0 1) .cse7) .cse3 .cse0)))) [2022-11-20 11:15:58,987 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 766 792) no Hoare annotation was computed. [2022-11-20 11:15:58,987 INFO L895 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse1 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse2)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0) .cse2) .cse3 .cse4 .cse5 .cse6) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 (= ~waterLevel~0 1) .cse2) .cse5 .cse0) (or (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse5 .cse6)))) [2022-11-20 11:15:58,987 INFO L899 garLoopResultBuilder]: For program point L565(lines 565 571) no Hoare annotation was computed. [2022-11-20 11:15:58,988 INFO L895 garLoopResultBuilder]: At program point L846(line 846) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not .cse2)) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse2 .cse1) (or .cse0 .cse1 (and .cse4 (<= 2 ~waterLevel~0) (<= ~waterLevel~0 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse3 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-20 11:15:58,988 INFO L895 garLoopResultBuilder]: At program point L685(lines 680 688) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse1 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse2)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0) .cse2) .cse3 .cse4 .cse5 .cse6) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 (= ~waterLevel~0 1) .cse2) .cse5 .cse0) (or (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse5 .cse6)))) [2022-11-20 11:15:58,989 INFO L895 garLoopResultBuilder]: At program point L846-1(lines 827 851) the Hoare annotation is: (let ((.cse6 (= 0 ~systemActive~0))) (let ((.cse9 (<= 1 ~pumpRunning~0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse13 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse17 (<= ~waterLevel~0 1)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse14 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not .cse6)) (.cse15 (= ~pumpRunning~0 0)) (.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (and .cse15 .cse10)) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse9 .cse12 .cse13 .cse17 .cse18 .cse14 .cse2)) (.cse7 (and .cse15 .cse17 .cse18 .cse14)) (.cse16 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse8 (and .cse9 .cse10) .cse5) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) .cse6 (= ~waterLevel~0 1) .cse1) (or .cse11 .cse3 (and .cse12 .cse13 .cse10 .cse14) .cse4 (and .cse15 .cse10 .cse14) .cse6 .cse7 .cse16) (or .cse11 .cse0 .cse8) (or (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse6 .cse7 .cse16))))) [2022-11-20 11:15:58,989 INFO L899 garLoopResultBuilder]: For program point L780-1(lines 780 786) no Hoare annotation was computed. [2022-11-20 11:15:58,990 INFO L895 garLoopResultBuilder]: At program point L549(lines 542 551) the Hoare annotation is: (let ((.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= 0 ~systemActive~0))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse3) (not (<= |old(~waterLevel~0)| 2))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2)))) [2022-11-20 11:15:58,990 INFO L895 garLoopResultBuilder]: At program point L958(lines 943 961) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse1 (<= ~waterLevel~0 1) (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse2)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0) .cse2) .cse3 .cse4 .cse5 .cse6) (or .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 (= ~waterLevel~0 1) .cse2) .cse5 .cse0) (or (not (= |old(~waterLevel~0)| 1)) .cse3 .cse4 .cse5 .cse6)))) [2022-11-20 11:15:58,991 INFO L895 garLoopResultBuilder]: At program point L562(line 562) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse4 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse9 (= ~pumpRunning~0 0)) (.cse18 (<= ~waterLevel~0 1)) (.cse19 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse7 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1| ~waterLevel~0)) (.cse8 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse10 (not (<= |old(~waterLevel~0)| 1))) (.cse12 (< |timeShift_getWaterLevel_#res#1| 2)) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse15 (and .cse4 .cse9 .cse18 .cse19 .cse7 .cse8)) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse16 (and .cse3 .cse4 .cse5 .cse18 .cse19 .cse7 .cse8)) (.cse1 (= 0 ~systemActive~0)) (.cse17 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse6 (= ~waterLevel~0 1))) (or .cse0 (not (< 1 |old(~waterLevel~0)|)) .cse1 .cse2 (and .cse3 .cse4 .cse5 .cse6 .cse7 .cse8) (and .cse4 .cse9 .cse6 .cse7 .cse8))) (or .cse10 .cse11 (and .cse9 .cse12 .cse13 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1| 2))) (let ((.cse14 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~4#1|)))) (or (and .cse14 .cse9 .cse12 .cse13 .cse8) .cse10 .cse15 (and .cse14 .cse3 .cse5 .cse12 .cse13 .cse8) .cse0 .cse16 .cse1 .cse17)) (or .cse11 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse15 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse16 .cse1 .cse17)))) [2022-11-20 11:15:58,991 INFO L899 garLoopResultBuilder]: For program point L562-1(line 562) no Hoare annotation was computed. [2022-11-20 11:15:58,991 INFO L899 garLoopResultBuilder]: For program point L773(lines 773 779) no Hoare annotation was computed. [2022-11-20 11:15:58,991 INFO L899 garLoopResultBuilder]: For program point L773-2(lines 769 791) no Hoare annotation was computed. [2022-11-20 11:15:58,991 INFO L899 garLoopResultBuilder]: For program point L835(lines 835 843) no Hoare annotation was computed. [2022-11-20 11:15:58,992 INFO L899 garLoopResultBuilder]: For program point L831(lines 831 848) no Hoare annotation was computed. [2022-11-20 11:15:58,992 INFO L895 garLoopResultBuilder]: At program point L662(lines 657 665) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse13 (<= |timeShift_getWaterLevel_#res#1| ~waterLevel~0)) (.cse14 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse3 (<= ~waterLevel~0 1)) (.cse20 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse16 (<= 1 ~switchedOnBeforeTS~0)) (.cse17 (= ~pumpRunning~0 0)) (.cse6 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (and .cse17 .cse6 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse8 (and .cse5 .cse12 .cse13 .cse14 .cse3 .cse20 .cse16)) (.cse9 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse11 (and .cse13 .cse17 .cse3 .cse20 .cse16)) (.cse18 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse19 (< |timeShift_getWaterLevel_#res#1| 2))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) (not .cse2)) (or .cse0 .cse1 (and .cse3 .cse4) (and .cse5 .cse6 .cse4) .cse7) (or .cse8 (not (= |old(~waterLevel~0)| 1)) .cse9 .cse2 .cse10 .cse11) (let ((.cse15 (= ~waterLevel~0 1))) (or (and .cse12 .cse13 .cse14 .cse15 .cse16) .cse9 (not (< 1 |old(~waterLevel~0)|)) (and .cse13 .cse17 .cse15 .cse16) .cse2 .cse7)) (or .cse18 (and .cse12 .cse14 .cse19 .cse4 .cse16) (and .cse17 .cse19 .cse4 .cse16) .cse8 .cse9 .cse2 .cse10 .cse11) (or .cse18 .cse1 (and .cse17 .cse19))))) [2022-11-20 11:15:58,993 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 766 792) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 .cse2 (< 1 ~waterLevel~0) .cse3) .cse4 .cse5) (or (and .cse6 .cse2 .cse7) (not (<= |old(~waterLevel~0)| 1)) .cse8) (or .cse8 (and .cse6 .cse2 (<= 2 ~waterLevel~0) .cse3) .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse4 .cse5 (and .cse1 .cse2 .cse7) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-20 11:15:58,993 INFO L899 garLoopResultBuilder]: For program point L526(line 526) no Hoare annotation was computed. [2022-11-20 11:15:58,993 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 766 792) no Hoare annotation was computed. [2022-11-20 11:15:58,993 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 526) no Hoare annotation was computed. [2022-11-20 11:15:58,994 INFO L895 garLoopResultBuilder]: At program point L547(line 547) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (< 1 |old(~waterLevel~0)|)) (and .cse1 .cse2 (< 1 ~waterLevel~0) .cse3) .cse4 .cse5) (or (and .cse6 .cse2 .cse7) (not (<= |old(~waterLevel~0)| 1)) .cse8) (or .cse8 (and .cse6 .cse2 (<= 2 ~waterLevel~0) .cse3) .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse4 .cse5 (and .cse1 .cse2 .cse7) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-20 11:15:58,994 INFO L899 garLoopResultBuilder]: For program point L547-1(line 547) no Hoare annotation was computed. [2022-11-20 11:15:58,994 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 418 447) no Hoare annotation was computed. [2022-11-20 11:15:58,994 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 418 447) the Hoare annotation is: true [2022-11-20 11:15:58,995 INFO L902 garLoopResultBuilder]: At program point L443(lines 418 447) the Hoare annotation is: true [2022-11-20 11:15:58,995 INFO L899 garLoopResultBuilder]: For program point L439(line 439) no Hoare annotation was computed. [2022-11-20 11:15:58,995 INFO L899 garLoopResultBuilder]: For program point L432(lines 432 436) no Hoare annotation was computed. [2022-11-20 11:15:58,995 INFO L902 garLoopResultBuilder]: At program point L432-1(lines 432 436) the Hoare annotation is: true [2022-11-20 11:15:58,995 INFO L899 garLoopResultBuilder]: For program point L429(line 429) no Hoare annotation was computed. [2022-11-20 11:15:58,996 INFO L902 garLoopResultBuilder]: At program point L428-2(lines 428 442) the Hoare annotation is: true [2022-11-20 11:15:58,996 INFO L902 garLoopResultBuilder]: At program point L424(line 424) the Hoare annotation is: true [2022-11-20 11:15:58,996 INFO L899 garLoopResultBuilder]: For program point L424-1(line 424) no Hoare annotation was computed. [2022-11-20 11:15:58,996 INFO L899 garLoopResultBuilder]: For program point L704(lines 704 708) no Hoare annotation was computed. [2022-11-20 11:15:58,996 INFO L895 garLoopResultBuilder]: At program point L539(lines 534 541) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~3#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:15:58,997 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-20 11:15:58,997 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-20 11:15:58,997 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-20 11:15:58,997 INFO L895 garLoopResultBuilder]: At program point L982(lines 977 984) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse1 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= |ULTIMATE.start_main_~tmp~3#1| 1)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse6 .cse2 .cse3 (<= ~waterLevel~0 2) .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse5) (and .cse6 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse2 (<= ~waterLevel~0 1) .cse3 .cse4 .cse5))) [2022-11-20 11:15:58,998 INFO L902 garLoopResultBuilder]: At program point L755(lines 692 759) the Hoare annotation is: true [2022-11-20 11:15:58,998 INFO L899 garLoopResultBuilder]: For program point L722(lines 722 728) no Hoare annotation was computed. [2022-11-20 11:15:58,998 INFO L899 garLoopResultBuilder]: For program point L722-1(lines 722 728) no Hoare annotation was computed. [2022-11-20 11:15:58,998 INFO L895 garLoopResultBuilder]: At program point L974(lines 962 976) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (= |ULTIMATE.start_main_~tmp~3#1| 1) (= 0 ~systemActive~0)) [2022-11-20 11:15:58,999 INFO L895 garLoopResultBuilder]: At program point L714(line 714) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~3#1| 1))) (or (and .cse0 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (and (= ~pumpRunning~0 0) .cse1 .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-20 11:15:58,999 INFO L899 garLoopResultBuilder]: For program point L966(lines 966 972) no Hoare annotation was computed. [2022-11-20 11:15:58,999 INFO L899 garLoopResultBuilder]: For program point L966-1(lines 966 972) no Hoare annotation was computed. [2022-11-20 11:15:58,999 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-20 11:15:59,000 INFO L895 garLoopResultBuilder]: At program point L479(lines 475 481) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~3#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:15:59,000 INFO L899 garLoopResultBuilder]: For program point L508(lines 508 515) no Hoare annotation was computed. [2022-11-20 11:15:59,000 INFO L899 garLoopResultBuilder]: For program point L508-2(lines 508 515) no Hoare annotation was computed. [2022-11-20 11:15:59,000 INFO L895 garLoopResultBuilder]: At program point L1016(lines 1011 1019) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:15:59,000 INFO L895 garLoopResultBuilder]: At program point L1008(lines 1004 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:15:59,001 INFO L895 garLoopResultBuilder]: At program point L752(lines 701 753) the Hoare annotation is: false [2022-11-20 11:15:59,001 INFO L902 garLoopResultBuilder]: At program point L492(lines 484 494) the Hoare annotation is: true [2022-11-20 11:15:59,001 INFO L902 garLoopResultBuilder]: At program point L517(lines 498 520) the Hoare annotation is: true [2022-11-20 11:15:59,001 INFO L899 garLoopResultBuilder]: For program point L740(lines 740 746) no Hoare annotation was computed. [2022-11-20 11:15:59,002 INFO L895 garLoopResultBuilder]: At program point L740-2(lines 732 747) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (not (= 0 ~systemActive~0))) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= |ULTIMATE.start_main_~tmp~3#1| 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse5) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse4 .cse5) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4))) [2022-11-20 11:15:59,002 INFO L899 garLoopResultBuilder]: For program point L703(lines 702 751) no Hoare annotation was computed. [2022-11-20 11:15:59,002 INFO L899 garLoopResultBuilder]: For program point L732(lines 732 747) no Hoare annotation was computed. [2022-11-20 11:15:59,002 INFO L895 garLoopResultBuilder]: At program point L724(line 724) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (not (= 0 ~systemActive~0))) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (= |ULTIMATE.start_main_~tmp~3#1| 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse5) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse4 .cse5) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 .cse4))) [2022-11-20 11:15:59,003 INFO L895 garLoopResultBuilder]: At program point L749(lines 702 751) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~3#1| 1))) (or (and .cse0 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (and (= ~pumpRunning~0 0) .cse1 .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-20 11:15:59,003 INFO L895 garLoopResultBuilder]: At program point L1001(lines 997 1003) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-20 11:15:59,003 INFO L899 garLoopResultBuilder]: For program point L712(lines 712 718) no Hoare annotation was computed. [2022-11-20 11:15:59,003 INFO L895 garLoopResultBuilder]: At program point L968(line 968) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~3#1| 1)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 (<= ~waterLevel~0 2) .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4))) [2022-11-20 11:15:59,004 INFO L899 garLoopResultBuilder]: For program point L712-1(lines 712 718) no Hoare annotation was computed. [2022-11-20 11:15:59,004 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 801 825) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) .cse0 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) (not (<= ~waterLevel~0 2)) .cse0))) [2022-11-20 11:15:59,004 INFO L895 garLoopResultBuilder]: At program point L857(lines 852 859) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)) .cse0) (or (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) .cse0 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 11:15:59,005 INFO L895 garLoopResultBuilder]: At program point L820(line 820) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) .cse0 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (not (<= ~waterLevel~0 2)) .cse0))) [2022-11-20 11:15:59,005 INFO L899 garLoopResultBuilder]: For program point L820-1(lines 801 825) no Hoare annotation was computed. [2022-11-20 11:15:59,005 INFO L899 garLoopResultBuilder]: For program point L670(lines 670 676) no Hoare annotation was computed. [2022-11-20 11:15:59,005 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 801 825) no Hoare annotation was computed. [2022-11-20 11:15:59,006 INFO L895 garLoopResultBuilder]: At program point L815(line 815) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) .cse0 (not (<= 1 ~switchedOnBeforeTS~0))) (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= |old(~pumpRunning~0)| 0)) (not (<= ~waterLevel~0 2)) .cse0))) [2022-11-20 11:15:59,006 INFO L895 garLoopResultBuilder]: At program point L939(lines 924 942) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0)) .cse1 .cse2) (or (not (<= 1 |old(~pumpRunning~0)|)) .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 (= ~pumpRunning~0 0) (not (<= ~waterLevel~0 2)) .cse2))) [2022-11-20 11:15:59,006 INFO L899 garLoopResultBuilder]: For program point L809(lines 809 817) no Hoare annotation was computed. [2022-11-20 11:15:59,006 INFO L899 garLoopResultBuilder]: For program point L805(lines 805 822) no Hoare annotation was computed. [2022-11-20 11:15:59,007 INFO L899 garLoopResultBuilder]: For program point L933(lines 933 937) no Hoare annotation was computed. [2022-11-20 11:15:59,007 INFO L895 garLoopResultBuilder]: At program point L675(lines 666 679) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (or (not (<= 1 |old(~pumpRunning~0)|)) .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 (= ~pumpRunning~0 0) (not (<= ~waterLevel~0 2)) .cse2))) [2022-11-20 11:15:59,007 INFO L899 garLoopResultBuilder]: For program point L933-2(lines 933 937) no Hoare annotation was computed. [2022-11-20 11:15:59,007 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 601 612) no Hoare annotation was computed. [2022-11-20 11:15:59,007 INFO L899 garLoopResultBuilder]: For program point L605-1(lines 601 612) no Hoare annotation was computed. [2022-11-20 11:15:59,008 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 601 612) the Hoare annotation is: (let ((.cse0 (not (<= 1 ~pumpRunning~0))) (.cse2 (= 0 ~systemActive~0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse1 .cse2) (or (not (= ~pumpRunning~0 0)) .cse1 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-20 11:15:59,008 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 879 887) no Hoare annotation was computed. [2022-11-20 11:15:59,008 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 879 887) the Hoare annotation is: true [2022-11-20 11:15:59,008 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 879 887) no Hoare annotation was computed. [2022-11-20 11:15:59,012 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 11:15:59,015 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-20 11:15:59,052 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.11 11:15:59 BoogieIcfgContainer [2022-11-20 11:15:59,053 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-20 11:15:59,053 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-20 11:15:59,054 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-20 11:15:59,054 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-20 11:15:59,055 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 11:15:31" (3/4) ... [2022-11-20 11:15:59,058 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-20 11:15:59,075 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-20 11:15:59,075 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-20 11:15:59,075 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-20 11:15:59,075 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-20 11:15:59,075 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-20 11:15:59,076 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 11:15:59,076 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-20 11:15:59,076 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-20 11:15:59,084 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 24 nodes and edges [2022-11-20 11:15:59,088 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-20 11:15:59,089 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-20 11:15:59,089 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 11:15:59,090 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 11:15:59,126 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:15:59,126 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:15:59,127 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-20 11:15:59,127 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= pumpRunning && \result == 1) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || (((((1 <= pumpRunning && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || ((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) [2022-11-20 11:15:59,130 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || 0 == systemActive) [2022-11-20 11:15:59,131 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 11:15:59,131 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((pumpRunning == 0 && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || ((((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || (((((1 <= pumpRunning && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && \result == 1) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) [2022-11-20 11:15:59,132 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 <= \old(pumpRunning)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel == 1) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) && (((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || ((((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && (((((((((pumpRunning == 0 && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || (((1 <= pumpRunning && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((!(2 <= tmp) && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && \result < 2) && \old(waterLevel) == waterLevel))) && (((((((!(\old(waterLevel) <= 1) || (((((!(2 <= tmp) && pumpRunning == \old(pumpRunning)) && tmp == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || (((((!(2 <= tmp) && pumpRunning == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) [2022-11-20 11:15:59,133 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && (((((((!(\old(waterLevel) <= 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && tmp == 0) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel))) && (((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 11:15:59,134 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 11:15:59,134 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && 0 == systemActive [2022-11-20 11:15:59,135 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && ((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || (waterLevel <= 1 && \old(waterLevel) == waterLevel)) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || (((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((((!(\old(waterLevel) <= 1) || ((((pumpRunning == \old(pumpRunning) && tmp == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == 0 && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \result < 2)) [2022-11-20 11:15:59,135 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 11:15:59,136 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 1)) || 0 == systemActive) || \result == 1) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || 0 == systemActive) [2022-11-20 11:15:59,136 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 11:15:59,136 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (tmp___0 == 0 && \result == 0)) || !(waterLevel <= 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || 0 == systemActive) [2022-11-20 11:15:59,141 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS)) [2022-11-20 11:15:59,197 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/witness.graphml [2022-11-20 11:15:59,198 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-20 11:15:59,199 INFO L158 Benchmark]: Toolchain (without parser) took 28887.31ms. Allocated memory was 180.4MB in the beginning and 262.1MB in the end (delta: 81.8MB). Free memory was 138.6MB in the beginning and 76.1MB in the end (delta: 62.5MB). Peak memory consumption was 146.4MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,199 INFO L158 Benchmark]: CDTParser took 0.35ms. Allocated memory is still 121.6MB. Free memory is still 66.4MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 11:15:59,200 INFO L158 Benchmark]: CACSL2BoogieTranslator took 559.33ms. Allocated memory is still 180.4MB. Free memory was 138.1MB in the beginning and 119.3MB in the end (delta: 18.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,200 INFO L158 Benchmark]: Boogie Procedure Inliner took 54.09ms. Allocated memory is still 180.4MB. Free memory was 119.3MB in the beginning and 117.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,201 INFO L158 Benchmark]: Boogie Preprocessor took 34.59ms. Allocated memory is still 180.4MB. Free memory was 117.1MB in the beginning and 115.6MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,201 INFO L158 Benchmark]: RCFGBuilder took 772.55ms. Allocated memory is still 180.4MB. Free memory was 115.1MB in the beginning and 149.1MB in the end (delta: -34.0MB). Peak memory consumption was 22.7MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,202 INFO L158 Benchmark]: TraceAbstraction took 27310.87ms. Allocated memory was 180.4MB in the beginning and 262.1MB in the end (delta: 81.8MB). Free memory was 147.5MB in the beginning and 82.5MB in the end (delta: 65.0MB). Peak memory consumption was 157.2MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,204 INFO L158 Benchmark]: Witness Printer took 144.28ms. Allocated memory is still 262.1MB. Free memory was 82.5MB in the beginning and 76.1MB in the end (delta: 6.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-20 11:15:59,206 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.35ms. Allocated memory is still 121.6MB. Free memory is still 66.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 559.33ms. Allocated memory is still 180.4MB. Free memory was 138.1MB in the beginning and 119.3MB in the end (delta: 18.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 54.09ms. Allocated memory is still 180.4MB. Free memory was 119.3MB in the beginning and 117.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 34.59ms. Allocated memory is still 180.4MB. Free memory was 117.1MB in the beginning and 115.6MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 772.55ms. Allocated memory is still 180.4MB. Free memory was 115.1MB in the beginning and 149.1MB in the end (delta: -34.0MB). Peak memory consumption was 22.7MB. Max. memory is 16.1GB. * TraceAbstraction took 27310.87ms. Allocated memory was 180.4MB in the beginning and 262.1MB in the end (delta: 81.8MB). Free memory was 147.5MB in the beginning and 82.5MB in the end (delta: 65.0MB). Peak memory consumption was 157.2MB. Max. memory is 16.1GB. * Witness Printer took 144.28ms. Allocated memory is still 262.1MB. Free memory was 82.5MB in the beginning and 76.1MB in the end (delta: 6.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 526]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 100 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 27.2s, OverallIterations: 12, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 7.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 12.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3189 SdHoareTripleChecker+Valid, 4.3s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3142 mSDsluCounter, 6606 SdHoareTripleChecker+Invalid, 3.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 5136 mSDsCounter, 1070 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4179 IncrementalHoareTripleChecker+Invalid, 5249 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1070 mSolverCounterUnsat, 1470 mSDtfsCounter, 4179 mSolverCounterSat, 0.2s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 893 GetRequests, 701 SyntacticMatches, 10 SemanticMatches, 182 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1571 ImplicationChecksByTransitivity, 2.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=853occurred in iteration=11, InterpolantAutomatonStates: 163, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 12 MinimizatonAttempts, 484 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 2288 PreInvPairs, 2662 NumberOfFragments, 2847 HoareAnnotationTreeSize, 2288 FomulaSimplifications, 4847 FormulaSimplificationTreeSizeReduction, 1.6s HoareSimplificationTime, 46 FomulaSimplificationsInter, 33221 FormulaSimplificationTreeSizeReductionInter, 11.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.2s InterpolantComputationTime, 1140 NumberOfCodeBlocks, 1140 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 1401 ConstructedInterpolants, 0 QuantifiedInterpolants, 2764 SizeOfPredicates, 6 NumberOfNonLiveVariables, 892 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 16 InterpolantComputations, 10 PerfectInterpolantSequences, 830/909 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 702]: Loop Invariant Derived loop invariant: (((((((1 <= pumpRunning && \result == 1) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive)) || (((((1 <= pumpRunning && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || ((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0 && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || ((((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || (((((1 <= pumpRunning && 2 == waterLevel) && \result == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && \result == 1) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 924]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (tmp___0 == 0 && \result == 0)) || !(waterLevel <= 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || 0 == systemActive) - InvariantResult [Line: 589]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 418]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && 0 == systemActive - InvariantResult [Line: 943]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 1011]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 522]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 827]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && (((((((!(\old(waterLevel) <= 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && tmp == 0) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel))) && (((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || (((pumpRunning == 0 && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 498]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 484]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 542]: Loop Invariant Derived loop invariant: (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2)) || 0 == systemActive) - InvariantResult [Line: 680]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 534]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 552]: Loop Invariant Derived loop invariant: (((((((((!(1 <= \old(pumpRunning)) || (((((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel == 1) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) && (((((!(\old(waterLevel) == 1) || !(1 <= \old(pumpRunning))) || ((((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && (((((((((pumpRunning == 0 && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || (((1 <= pumpRunning && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((!(2 <= tmp) && pumpRunning == \old(pumpRunning)) && pumpRunning == 0) && \result < 2) && \old(waterLevel) == waterLevel))) && (((((((!(\old(waterLevel) <= 1) || (((((!(2 <= tmp) && pumpRunning == \old(pumpRunning)) && tmp == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || ((((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || (((((!(2 <= tmp) && pumpRunning == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == \result) && tmp == 2) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) - InvariantResult [Line: 666]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(waterLevel <= 1)) || 0 == systemActive) || \result == 1) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || 0 == systemActive) - InvariantResult [Line: 692]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) && ((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) || !(\old(pumpRunning) == 0)) || (waterLevel <= 1 && \old(waterLevel) == waterLevel)) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((((pumpRunning == \old(pumpRunning) && \result <= waterLevel) && tmp == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || (((\result <= waterLevel && pumpRunning == 0) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((((!(\old(waterLevel) <= 1) || ((((pumpRunning == \old(pumpRunning) && tmp == 0) && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == 0 && \result < 2) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && \result <= waterLevel) && tmp == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) || ((((\result <= waterLevel && pumpRunning == 0) && waterLevel <= 1) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && ((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \result < 2)) - InvariantResult [Line: 997]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 852]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(waterLevel <= 1)) || 0 == systemActive) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 475]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) RESULT: Ultimate proved your program to be correct! [2022-11-20 11:15:59,295 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_ec2cf394-579c-4304-910f-069dd9c9c0fb/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE