./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6b4ec56b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-6b4ec56 [2022-11-20 12:46:05,594 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-20 12:46:05,598 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-20 12:46:05,635 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-20 12:46:05,636 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-20 12:46:05,639 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-20 12:46:05,643 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-20 12:46:05,648 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-20 12:46:05,651 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-20 12:46:05,653 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-20 12:46:05,655 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-20 12:46:05,659 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-20 12:46:05,661 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-20 12:46:05,664 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-20 12:46:05,666 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-20 12:46:05,670 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-20 12:46:05,673 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-20 12:46:05,679 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-20 12:46:05,681 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-20 12:46:05,684 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-20 12:46:05,689 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-20 12:46:05,691 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-20 12:46:05,692 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-20 12:46:05,693 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-20 12:46:05,697 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-20 12:46:05,697 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-20 12:46:05,698 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-20 12:46:05,699 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-20 12:46:05,699 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-20 12:46:05,700 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-20 12:46:05,701 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-20 12:46:05,702 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-20 12:46:05,709 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-20 12:46:05,710 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-20 12:46:05,712 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-20 12:46:05,712 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-20 12:46:05,713 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-20 12:46:05,713 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-20 12:46:05,713 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-20 12:46:05,714 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-20 12:46:05,716 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-20 12:46:05,718 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-20 12:46:05,749 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-20 12:46:05,750 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-20 12:46:05,750 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-20 12:46:05,750 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-20 12:46:05,751 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-20 12:46:05,751 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-20 12:46:05,752 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-20 12:46:05,752 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-20 12:46:05,752 INFO L138 SettingsManager]: * Use SBE=true [2022-11-20 12:46:05,753 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-20 12:46:05,753 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-20 12:46:05,753 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-20 12:46:05,753 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-20 12:46:05,754 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-20 12:46:05,754 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-20 12:46:05,754 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-20 12:46:05,754 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-20 12:46:05,754 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-20 12:46:05,755 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-20 12:46:05,755 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-20 12:46:05,755 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-20 12:46:05,755 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-20 12:46:05,756 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-20 12:46:05,756 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-20 12:46:05,756 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 12:46:05,756 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-20 12:46:05,757 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-20 12:46:05,757 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-20 12:46:05,757 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-20 12:46:05,757 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-20 12:46:05,757 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-20 12:46:05,758 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-20 12:46:05,758 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-20 12:46:05,758 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2022-11-20 12:46:06,072 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-20 12:46:06,119 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-20 12:46:06,122 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-20 12:46:06,123 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-20 12:46:06,123 INFO L275 PluginConnector]: CDTParser initialized [2022-11-20 12:46:06,125 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-20 12:46:09,794 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-20 12:46:10,123 INFO L351 CDTParser]: Found 1 translation units. [2022-11-20 12:46:10,124 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2022-11-20 12:46:10,137 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/data/bd0f8dd18/383af29cbd5240928423ce3c875d055f/FLAGde5905c48 [2022-11-20 12:46:10,154 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/data/bd0f8dd18/383af29cbd5240928423ce3c875d055f [2022-11-20 12:46:10,158 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-20 12:46:10,159 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-20 12:46:10,161 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-20 12:46:10,161 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-20 12:46:10,166 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-20 12:46:10,167 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,168 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5a7f77fc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10, skipping insertion in model container [2022-11-20 12:46:10,168 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,177 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-20 12:46:10,215 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-20 12:46:10,522 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-20 12:46:10,552 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 12:46:10,582 INFO L203 MainTranslator]: Completed pre-run [2022-11-20 12:46:10,654 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2022-11-20 12:46:10,686 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 12:46:10,719 INFO L208 MainTranslator]: Completed translation [2022-11-20 12:46:10,720 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10 WrapperNode [2022-11-20 12:46:10,720 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-20 12:46:10,722 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-20 12:46:10,722 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-20 12:46:10,723 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-20 12:46:10,732 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,759 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,816 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 232 [2022-11-20 12:46:10,816 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-20 12:46:10,817 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-20 12:46:10,817 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-20 12:46:10,817 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-20 12:46:10,826 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,827 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,829 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,830 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,835 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,841 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,843 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,844 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,847 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-20 12:46:10,848 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-20 12:46:10,848 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-20 12:46:10,849 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-20 12:46:10,850 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (1/1) ... [2022-11-20 12:46:10,858 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 12:46:10,873 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 12:46:10,888 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-20 12:46:10,895 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-20 12:46:10,943 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-20 12:46:10,943 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-20 12:46:10,943 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-20 12:46:10,944 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-20 12:46:10,944 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-20 12:46:10,946 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-20 12:46:10,946 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-20 12:46:10,955 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 12:46:10,956 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 12:46:10,956 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-20 12:46:10,957 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-20 12:46:10,958 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-20 12:46:10,958 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-20 12:46:10,958 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-20 12:46:10,959 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-20 12:46:10,959 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-20 12:46:10,959 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-20 12:46:10,959 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-20 12:46:11,063 INFO L235 CfgBuilder]: Building ICFG [2022-11-20 12:46:11,068 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-20 12:46:11,536 INFO L276 CfgBuilder]: Performing block encoding [2022-11-20 12:46:11,545 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-20 12:46:11,546 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-20 12:46:11,548 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 12:46:11 BoogieIcfgContainer [2022-11-20 12:46:11,549 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-20 12:46:11,552 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-20 12:46:11,552 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-20 12:46:11,556 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-20 12:46:11,556 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.11 12:46:10" (1/3) ... [2022-11-20 12:46:11,557 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3219ce4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 12:46:11, skipping insertion in model container [2022-11-20 12:46:11,557 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 12:46:10" (2/3) ... [2022-11-20 12:46:11,558 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3219ce4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 12:46:11, skipping insertion in model container [2022-11-20 12:46:11,558 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 12:46:11" (3/3) ... [2022-11-20 12:46:11,568 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2022-11-20 12:46:11,606 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-20 12:46:11,623 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-20 12:46:11,737 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-20 12:46:11,750 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@69250878, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-20 12:46:11,751 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-20 12:46:11,760 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-20 12:46:11,778 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-20 12:46:11,778 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:11,779 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:11,781 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:11,788 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:11,789 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2022-11-20 12:46:11,801 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:11,802 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1747758077] [2022-11-20 12:46:11,802 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:11,803 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:12,082 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,202 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-20 12:46:12,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,212 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-20 12:46:12,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,218 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:12,219 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:12,220 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1747758077] [2022-11-20 12:46:12,220 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1747758077] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:12,221 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:12,221 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-20 12:46:12,231 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [924299288] [2022-11-20 12:46:12,232 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:12,238 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-20 12:46:12,238 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:12,289 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-20 12:46:12,290 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 12:46:12,295 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 12:46:12,377 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:12,378 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2022-11-20 12:46:12,379 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-20 12:46:12,382 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-20 12:46:12,383 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:12,403 INFO L225 Difference]: With dead ends: 185 [2022-11-20 12:46:12,403 INFO L226 Difference]: Without dead ends: 88 [2022-11-20 12:46:12,409 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 12:46:12,417 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:12,419 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 12:46:12,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-11-20 12:46:12,471 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-11-20 12:46:12,473 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-20 12:46:12,475 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2022-11-20 12:46:12,486 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2022-11-20 12:46:12,486 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:12,487 INFO L495 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2022-11-20 12:46:12,487 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 12:46:12,487 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2022-11-20 12:46:12,490 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-20 12:46:12,490 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:12,491 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:12,491 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-20 12:46:12,492 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:12,492 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:12,493 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2022-11-20 12:46:12,493 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:12,493 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [197896520] [2022-11-20 12:46:12,494 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:12,494 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:12,521 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,640 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-20 12:46:12,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,653 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-20 12:46:12,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,663 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:12,664 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:12,664 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [197896520] [2022-11-20 12:46:12,664 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [197896520] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:12,665 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:12,665 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 12:46:12,665 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1925365641] [2022-11-20 12:46:12,666 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:12,675 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 12:46:12,676 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:12,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 12:46:12,677 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:12,677 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 12:46:12,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:12,704 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2022-11-20 12:46:12,704 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 12:46:12,705 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-20 12:46:12,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:12,707 INFO L225 Difference]: With dead ends: 140 [2022-11-20 12:46:12,707 INFO L226 Difference]: Without dead ends: 79 [2022-11-20 12:46:12,708 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:12,710 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:12,711 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 12:46:12,712 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-20 12:46:12,723 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-20 12:46:12,724 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-20 12:46:12,726 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2022-11-20 12:46:12,726 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2022-11-20 12:46:12,726 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:12,727 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2022-11-20 12:46:12,727 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 12:46:12,727 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2022-11-20 12:46:12,729 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-20 12:46:12,729 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:12,729 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:12,729 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-20 12:46:12,730 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:12,730 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:12,731 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2022-11-20 12:46:12,731 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:12,731 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1731255190] [2022-11-20 12:46:12,732 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:12,732 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:12,759 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,833 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:12,836 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,841 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-20 12:46:12,843 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:12,845 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:12,846 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:12,846 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1731255190] [2022-11-20 12:46:12,846 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1731255190] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:12,847 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:12,847 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 12:46:12,847 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [819485861] [2022-11-20 12:46:12,847 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:12,848 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 12:46:12,848 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:12,849 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 12:46:12,849 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:12,849 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 12:46:12,880 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:12,880 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2022-11-20 12:46:12,881 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 12:46:12,881 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-20 12:46:12,882 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:12,883 INFO L225 Difference]: With dead ends: 150 [2022-11-20 12:46:12,883 INFO L226 Difference]: Without dead ends: 79 [2022-11-20 12:46:12,884 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:12,886 INFO L413 NwaCegarLoop]: 99 mSDtfsCounter, 91 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 91 SdHoareTripleChecker+Valid, 99 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:12,887 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [91 Valid, 99 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 12:46:12,888 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2022-11-20 12:46:12,909 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2022-11-20 12:46:12,910 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-20 12:46:12,911 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2022-11-20 12:46:12,912 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2022-11-20 12:46:12,913 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:12,913 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2022-11-20 12:46:12,914 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 12:46:12,914 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2022-11-20 12:46:12,916 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2022-11-20 12:46:12,916 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:12,916 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:12,916 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-20 12:46:12,917 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:12,917 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:12,918 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2022-11-20 12:46:12,918 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:12,918 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1280954914] [2022-11-20 12:46:12,918 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:12,919 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:12,968 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,013 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:13,015 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,017 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2022-11-20 12:46:13,018 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,021 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:13,021 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:13,022 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1280954914] [2022-11-20 12:46:13,022 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1280954914] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:13,022 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:13,022 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 12:46:13,023 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [400471721] [2022-11-20 12:46:13,023 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:13,024 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 12:46:13,024 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:13,025 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 12:46:13,025 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:13,025 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 12:46:13,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:13,081 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2022-11-20 12:46:13,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 12:46:13,083 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2022-11-20 12:46:13,083 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:13,085 INFO L225 Difference]: With dead ends: 199 [2022-11-20 12:46:13,085 INFO L226 Difference]: Without dead ends: 128 [2022-11-20 12:46:13,087 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 12:46:13,088 INFO L413 NwaCegarLoop]: 108 mSDtfsCounter, 80 mSDsluCounter, 68 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 176 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:13,089 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 176 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 12:46:13,090 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-20 12:46:13,115 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2022-11-20 12:46:13,116 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2022-11-20 12:46:13,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2022-11-20 12:46:13,118 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2022-11-20 12:46:13,125 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:13,125 INFO L495 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2022-11-20 12:46:13,125 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-20 12:46:13,126 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2022-11-20 12:46:13,127 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-20 12:46:13,128 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:13,128 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:13,128 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-20 12:46:13,129 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:13,129 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:13,129 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2022-11-20 12:46:13,130 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:13,130 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [870252890] [2022-11-20 12:46:13,130 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:13,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:13,170 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,491 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:13,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,510 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 12:46:13,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,560 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-20 12:46:13,562 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,565 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2022-11-20 12:46:13,567 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:13,600 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 12:46:13,600 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:13,600 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [870252890] [2022-11-20 12:46:13,601 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [870252890] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:13,601 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:13,601 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-20 12:46:13,601 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1027268477] [2022-11-20 12:46:13,601 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:13,602 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-20 12:46:13,602 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:13,603 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-20 12:46:13,603 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-20 12:46:13,603 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-20 12:46:14,086 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:14,087 INFO L93 Difference]: Finished difference Result 280 states and 355 transitions. [2022-11-20 12:46:14,087 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-20 12:46:14,088 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2022-11-20 12:46:14,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:14,098 INFO L225 Difference]: With dead ends: 280 [2022-11-20 12:46:14,099 INFO L226 Difference]: Without dead ends: 162 [2022-11-20 12:46:14,101 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-20 12:46:14,103 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 142 mSDsluCounter, 363 mSDsCounter, 0 mSdLazyCounter, 199 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 148 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 229 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 199 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:14,104 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [148 Valid, 457 Invalid, 229 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 199 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-20 12:46:14,105 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 162 states. [2022-11-20 12:46:14,134 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 162 to 148. [2022-11-20 12:46:14,135 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-20 12:46:14,137 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2022-11-20 12:46:14,137 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2022-11-20 12:46:14,137 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:14,137 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2022-11-20 12:46:14,138 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-20 12:46:14,138 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2022-11-20 12:46:14,140 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-20 12:46:14,140 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:14,140 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:14,140 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-20 12:46:14,141 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:14,141 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:14,141 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2022-11-20 12:46:14,141 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:14,142 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1032515161] [2022-11-20 12:46:14,142 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:14,142 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:14,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:14,256 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,262 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 12:46:14,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,346 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-20 12:46:14,348 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,355 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:14,355 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:14,355 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1032515161] [2022-11-20 12:46:14,356 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1032515161] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:14,356 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:14,356 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 12:46:14,356 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [167188210] [2022-11-20 12:46:14,357 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:14,358 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 12:46:14,360 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:14,360 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 12:46:14,361 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 12:46:14,365 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 12:46:14,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:14,613 INFO L93 Difference]: Finished difference Result 298 states and 383 transitions. [2022-11-20 12:46:14,614 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-20 12:46:14,614 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-20 12:46:14,615 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:14,621 INFO L225 Difference]: With dead ends: 298 [2022-11-20 12:46:14,621 INFO L226 Difference]: Without dead ends: 158 [2022-11-20 12:46:14,624 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-20 12:46:14,632 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 71 mSDsluCounter, 277 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 138 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:14,636 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 360 Invalid, 138 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 12:46:14,638 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-11-20 12:46:14,665 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 151. [2022-11-20 12:46:14,666 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-20 12:46:14,679 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2022-11-20 12:46:14,679 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2022-11-20 12:46:14,680 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:14,680 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2022-11-20 12:46:14,680 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 12:46:14,681 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2022-11-20 12:46:14,682 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-20 12:46:14,682 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:14,683 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:14,683 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-20 12:46:14,683 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:14,684 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:14,684 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2022-11-20 12:46:14,684 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:14,684 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [441309128] [2022-11-20 12:46:14,684 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:14,685 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:14,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,864 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:14,871 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,879 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 12:46:14,885 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,987 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-20 12:46:14,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:14,990 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:14,990 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:14,990 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [441309128] [2022-11-20 12:46:14,991 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [441309128] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:14,991 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:14,991 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 12:46:14,991 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [679083693] [2022-11-20 12:46:14,991 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:14,992 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 12:46:14,992 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:14,992 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 12:46:14,993 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 12:46:14,993 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-20 12:46:15,222 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:15,222 INFO L93 Difference]: Finished difference Result 307 states and 393 transitions. [2022-11-20 12:46:15,223 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-20 12:46:15,223 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 56 [2022-11-20 12:46:15,225 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:15,227 INFO L225 Difference]: With dead ends: 307 [2022-11-20 12:46:15,227 INFO L226 Difference]: Without dead ends: 164 [2022-11-20 12:46:15,229 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2022-11-20 12:46:15,235 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 178 mSDsluCounter, 196 mSDsCounter, 0 mSdLazyCounter, 96 mSolverCounterSat, 41 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 182 SdHoareTripleChecker+Valid, 280 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 41 IncrementalHoareTripleChecker+Valid, 96 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:15,236 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [182 Valid, 280 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [41 Valid, 96 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 12:46:15,239 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 164 states. [2022-11-20 12:46:15,269 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 164 to 153. [2022-11-20 12:46:15,275 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2022-11-20 12:46:15,276 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2022-11-20 12:46:15,277 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2022-11-20 12:46:15,277 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:15,277 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2022-11-20 12:46:15,278 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-20 12:46:15,278 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2022-11-20 12:46:15,279 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-20 12:46:15,279 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:15,280 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:15,280 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-20 12:46:15,280 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:15,281 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:15,281 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2022-11-20 12:46:15,281 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:15,281 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1174629870] [2022-11-20 12:46:15,281 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:15,282 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:15,307 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:15,400 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-20 12:46:15,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:15,409 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-20 12:46:15,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:15,450 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-20 12:46:15,452 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:15,457 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:15,457 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:15,457 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1174629870] [2022-11-20 12:46:15,458 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1174629870] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:15,458 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:15,458 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-20 12:46:15,458 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1026424800] [2022-11-20 12:46:15,459 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:15,459 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-20 12:46:15,459 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:15,460 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-20 12:46:15,460 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-20 12:46:15,461 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 12:46:15,802 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:15,802 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2022-11-20 12:46:15,803 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-20 12:46:15,803 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2022-11-20 12:46:15,803 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:15,808 INFO L225 Difference]: With dead ends: 430 [2022-11-20 12:46:15,808 INFO L226 Difference]: Without dead ends: 285 [2022-11-20 12:46:15,810 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-20 12:46:15,814 INFO L413 NwaCegarLoop]: 131 mSDtfsCounter, 215 mSDsluCounter, 172 mSDsCounter, 0 mSdLazyCounter, 155 mSolverCounterSat, 63 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 303 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 63 IncrementalHoareTripleChecker+Valid, 155 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:15,816 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 303 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [63 Valid, 155 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-20 12:46:15,819 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2022-11-20 12:46:15,868 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2022-11-20 12:46:15,869 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2022-11-20 12:46:15,873 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2022-11-20 12:46:15,873 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2022-11-20 12:46:15,873 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:15,874 INFO L495 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2022-11-20 12:46:15,874 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-20 12:46:15,874 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2022-11-20 12:46:15,883 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-20 12:46:15,884 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:15,884 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:15,885 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-20 12:46:15,885 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:15,886 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:15,886 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2022-11-20 12:46:15,887 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:15,887 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [596732750] [2022-11-20 12:46:15,887 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:15,888 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:15,920 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:16,155 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 12:46:16,159 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:16,167 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-20 12:46:16,169 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:16,183 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-20 12:46:16,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:16,229 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2022-11-20 12:46:16,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:16,232 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-20 12:46:16,233 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:16,233 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [596732750] [2022-11-20 12:46:16,234 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [596732750] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 12:46:16,234 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 12:46:16,234 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-20 12:46:16,234 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1059112726] [2022-11-20 12:46:16,234 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 12:46:16,236 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-20 12:46:16,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:16,236 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-20 12:46:16,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2022-11-20 12:46:16,237 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 12:46:17,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:17,355 INFO L93 Difference]: Finished difference Result 770 states and 1011 transitions. [2022-11-20 12:46:17,355 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-20 12:46:17,355 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2022-11-20 12:46:17,356 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:17,360 INFO L225 Difference]: With dead ends: 770 [2022-11-20 12:46:17,360 INFO L226 Difference]: Without dead ends: 546 [2022-11-20 12:46:17,363 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 255 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=250, Invalid=806, Unknown=0, NotChecked=0, Total=1056 [2022-11-20 12:46:17,364 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 624 mSDsluCounter, 442 mSDsCounter, 0 mSdLazyCounter, 518 mSolverCounterSat, 205 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 629 SdHoareTripleChecker+Valid, 546 SdHoareTripleChecker+Invalid, 723 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 205 IncrementalHoareTripleChecker+Valid, 518 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:17,364 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [629 Valid, 546 Invalid, 723 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [205 Valid, 518 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-20 12:46:17,366 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 546 states. [2022-11-20 12:46:17,440 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 546 to 440. [2022-11-20 12:46:17,442 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2022-11-20 12:46:17,446 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2022-11-20 12:46:17,446 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2022-11-20 12:46:17,447 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:17,447 INFO L495 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2022-11-20 12:46:17,447 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 12:46:17,448 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2022-11-20 12:46:17,450 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2022-11-20 12:46:17,450 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 12:46:17,450 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:17,451 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-20 12:46:17,451 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 12:46:17,451 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 12:46:17,452 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2022-11-20 12:46:17,452 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-20 12:46:17,452 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2061550261] [2022-11-20 12:46:17,452 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:17,453 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 12:46:17,478 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,625 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-20 12:46:17,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,643 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-20 12:46:17,649 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,674 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-20 12:46:17,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,691 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-20 12:46:17,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,706 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2022-11-20 12:46:17,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,726 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2022-11-20 12:46:17,728 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,734 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-20 12:46:17,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,742 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2022-11-20 12:46:17,743 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,745 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 16 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-20 12:46:17,746 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-20 12:46:17,746 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2061550261] [2022-11-20 12:46:17,746 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2061550261] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 12:46:17,746 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1557804881] [2022-11-20 12:46:17,747 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 12:46:17,747 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 12:46:17,747 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 [2022-11-20 12:46:17,755 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 12:46:17,783 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-20 12:46:17,904 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 12:46:17,908 INFO L263 TraceCheckSpWp]: Trace formula consists of 356 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-20 12:46:17,920 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 12:46:18,218 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 12:46:18,219 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 12:46:18,477 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-20 12:46:18,478 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1557804881] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 12:46:18,478 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 12:46:18,478 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-20 12:46:18,478 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [380084182] [2022-11-20 12:46:18,479 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 12:46:18,479 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-20 12:46:18,480 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-20 12:46:18,480 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-20 12:46:18,480 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=174, Unknown=0, NotChecked=0, Total=210 [2022-11-20 12:46:18,481 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-20 12:46:20,000 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 12:46:20,001 INFO L93 Difference]: Finished difference Result 925 states and 1176 transitions. [2022-11-20 12:46:20,001 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-20 12:46:20,002 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) Word has length 102 [2022-11-20 12:46:20,002 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 12:46:20,003 INFO L225 Difference]: With dead ends: 925 [2022-11-20 12:46:20,003 INFO L226 Difference]: Without dead ends: 0 [2022-11-20 12:46:20,006 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 224 SyntacticMatches, 4 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 369 ImplicationChecksByTransitivity, 0.6s TimeCoverageRelationStatistics Valid=356, Invalid=1204, Unknown=0, NotChecked=0, Total=1560 [2022-11-20 12:46:20,007 INFO L413 NwaCegarLoop]: 169 mSDtfsCounter, 458 mSDsluCounter, 1022 mSDsCounter, 0 mSdLazyCounter, 983 mSolverCounterSat, 182 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 463 SdHoareTripleChecker+Valid, 1191 SdHoareTripleChecker+Invalid, 1165 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 182 IncrementalHoareTripleChecker+Valid, 983 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-20 12:46:20,008 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [463 Valid, 1191 Invalid, 1165 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [182 Valid, 983 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-20 12:46:20,009 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-20 12:46:20,009 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-20 12:46:20,009 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-20 12:46:20,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-20 12:46:20,010 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2022-11-20 12:46:20,010 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 12:46:20,010 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-20 12:46:20,011 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 8.4) internal successors, (126), 10 states have internal predecessors, (126), 6 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 6 states have call successors, (16) [2022-11-20 12:46:20,011 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-20 12:46:20,011 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-20 12:46:20,014 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-20 12:46:20,028 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-20 12:46:20,221 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-20 12:46:20,223 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-20 12:46:26,053 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 790 796) no Hoare annotation was computed. [2022-11-20 12:46:26,054 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 790 796) the Hoare annotation is: true [2022-11-20 12:46:26,054 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-20 12:46:26,054 INFO L899 garLoopResultBuilder]: For program point L88-1(lines 84 95) no Hoare annotation was computed. [2022-11-20 12:46:26,055 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-20 12:46:26,055 INFO L899 garLoopResultBuilder]: For program point L64(lines 64 68) no Hoare annotation was computed. [2022-11-20 12:46:26,055 INFO L899 garLoopResultBuilder]: For program point L770-2(lines 766 788) no Hoare annotation was computed. [2022-11-20 12:46:26,055 INFO L899 garLoopResultBuilder]: For program point L832(lines 832 840) no Hoare annotation was computed. [2022-11-20 12:46:26,056 INFO L895 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (or .cse8 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse5) (or .cse8 .cse0 .cse5 .cse6) (let ((.cse9 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse9 .cse4) .cse5 (and .cse2 .cse9 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 12:46:26,056 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2022-11-20 12:46:26,056 INFO L895 garLoopResultBuilder]: At program point L64-2(lines 60 71) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-20 12:46:26,056 INFO L899 garLoopResultBuilder]: For program point L828(lines 828 845) no Hoare annotation was computed. [2022-11-20 12:46:26,057 INFO L895 garLoopResultBuilder]: At program point L973(lines 958 976) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-20 12:46:26,057 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 763 789) no Hoare annotation was computed. [2022-11-20 12:46:26,057 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 159) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-20 12:46:26,058 INFO L895 garLoopResultBuilder]: At program point L177(line 177) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-20 12:46:26,058 INFO L899 garLoopResultBuilder]: For program point L177-1(line 177) no Hoare annotation was computed. [2022-11-20 12:46:26,058 INFO L899 garLoopResultBuilder]: For program point L685(line 685) no Hoare annotation was computed. [2022-11-20 12:46:26,059 INFO L895 garLoopResultBuilder]: At program point L838(line 838) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (<= ~waterLevel~0 2) .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 .cse1 (and .cse3 (= ~waterLevel~0 1) .cse4) .cse2 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-20 12:46:26,059 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 204) no Hoare annotation was computed. [2022-11-20 12:46:26,059 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 207) no Hoare annotation was computed. [2022-11-20 12:46:26,060 INFO L895 garLoopResultBuilder]: At program point L190-1(lines 182 210) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (not .cse6)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|)))) (and (let ((.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (and .cse1 .cse2) .cse3 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse2) .cse4)) (let ((.cse7 (<= ~waterLevel~0 2))) (or .cse3 .cse5 (and .cse1 .cse6 .cse7 .cse8) .cse4 (and .cse9 .cse7 .cse8) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (or .cse0 .cse3 (and (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1|) (<= |timeShift_getWaterLevel_#res#1| 2) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse4 .cse10) (let ((.cse11 (= ~waterLevel~0 1))) (or (and .cse1 .cse6 .cse11 .cse8) .cse3 .cse5 (and .cse9 .cse11 .cse8) .cse4 .cse10))))) [2022-11-20 12:46:26,060 INFO L895 garLoopResultBuilder]: At program point L880(lines 875 882) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) .cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse1 .cse4 (not (<= 2 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3)) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4))) [2022-11-20 12:46:26,060 INFO L895 garLoopResultBuilder]: At program point L686(lines 681 688) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-20 12:46:26,061 INFO L895 garLoopResultBuilder]: At program point L843(line 843) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse2 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-20 12:46:26,061 INFO L895 garLoopResultBuilder]: At program point L843-1(lines 824 848) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse6 .cse7) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse7) .cse5)) (let ((.cse8 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse6 .cse8 .cse4) .cse5 (and .cse2 .cse8 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 12:46:26,061 INFO L899 garLoopResultBuilder]: For program point L777-1(lines 777 783) no Hoare annotation was computed. [2022-11-20 12:46:26,062 INFO L899 garLoopResultBuilder]: For program point L967(lines 967 971) no Hoare annotation was computed. [2022-11-20 12:46:26,062 INFO L899 garLoopResultBuilder]: For program point L967-2(lines 967 971) no Hoare annotation was computed. [2022-11-20 12:46:26,062 INFO L895 garLoopResultBuilder]: At program point L133(lines 128 136) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 .cse6 (and .cse7 .cse3 .cse4))) (let ((.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse8 (and .cse7 .cse9) .cse0 (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0) .cse9) .cse5)) (or .cse8 .cse0 .cse5 (and (<= |timeShift_getWaterLevel_#res#1| 2) (<= 2 |timeShift_getWaterLevel_#res#1|)) .cse6) (let ((.cse10 (<= ~waterLevel~0 2))) (or .cse0 .cse1 (and .cse7 .cse10 .cse4) .cse5 (and .cse2 .cse10 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 12:46:26,062 INFO L899 garLoopResultBuilder]: For program point L195(lines 195 201) no Hoare annotation was computed. [2022-11-20 12:46:26,063 INFO L895 garLoopResultBuilder]: At program point L179(lines 172 181) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-20 12:46:26,063 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 763 789) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or .cse2 .cse4 .cse3 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 .cse3 .cse5 (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-20 12:46:26,063 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 763 789) no Hoare annotation was computed. [2022-11-20 12:46:26,064 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 685) no Hoare annotation was computed. [2022-11-20 12:46:26,064 INFO L899 garLoopResultBuilder]: For program point L770(lines 770 776) no Hoare annotation was computed. [2022-11-20 12:46:26,064 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 580 609) no Hoare annotation was computed. [2022-11-20 12:46:26,064 INFO L902 garLoopResultBuilder]: At program point L605(lines 580 609) the Hoare annotation is: true [2022-11-20 12:46:26,064 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 580 609) the Hoare annotation is: true [2022-11-20 12:46:26,065 INFO L899 garLoopResultBuilder]: For program point L601(line 601) no Hoare annotation was computed. [2022-11-20 12:46:26,065 INFO L899 garLoopResultBuilder]: For program point L594(lines 594 598) no Hoare annotation was computed. [2022-11-20 12:46:26,065 INFO L902 garLoopResultBuilder]: At program point L594-1(lines 594 598) the Hoare annotation is: true [2022-11-20 12:46:26,065 INFO L899 garLoopResultBuilder]: For program point L591(line 591) no Hoare annotation was computed. [2022-11-20 12:46:26,065 INFO L902 garLoopResultBuilder]: At program point L590-2(lines 590 604) the Hoare annotation is: true [2022-11-20 12:46:26,066 INFO L902 garLoopResultBuilder]: At program point L586(line 586) the Hoare annotation is: true [2022-11-20 12:46:26,066 INFO L899 garLoopResultBuilder]: For program point L586-1(line 586) no Hoare annotation was computed. [2022-11-20 12:46:26,066 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 674) no Hoare annotation was computed. [2022-11-20 12:46:26,066 INFO L899 garLoopResultBuilder]: For program point L667-2(lines 667 674) no Hoare annotation was computed. [2022-11-20 12:46:26,066 INFO L899 garLoopResultBuilder]: For program point L721(lines 721 727) no Hoare annotation was computed. [2022-11-20 12:46:26,067 INFO L899 garLoopResultBuilder]: For program point L721-1(lines 721 727) no Hoare annotation was computed. [2022-11-20 12:46:26,067 INFO L902 garLoopResultBuilder]: At program point L651(lines 643 653) the Hoare annotation is: true [2022-11-20 12:46:26,067 INFO L895 garLoopResultBuilder]: At program point L746(lines 701 748) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-20 12:46:26,067 INFO L895 garLoopResultBuilder]: At program point L713(line 713) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-20 12:46:26,068 INFO L902 garLoopResultBuilder]: At program point L676(lines 657 679) the Hoare annotation is: true [2022-11-20 12:46:26,068 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-20 12:46:26,068 INFO L895 garLoopResultBuilder]: At program point L639(lines 635 641) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-20 12:46:26,068 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-20 12:46:26,068 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-20 12:46:26,069 INFO L895 garLoopResultBuilder]: At program point L982(lines 977 984) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-20 12:46:26,069 INFO L895 garLoopResultBuilder]: At program point L169(lines 164 171) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-20 12:46:26,069 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 743) no Hoare annotation was computed. [2022-11-20 12:46:26,069 INFO L895 garLoopResultBuilder]: At program point L739-2(lines 731 744) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-20 12:46:26,070 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-20 12:46:26,070 INFO L899 garLoopResultBuilder]: For program point L702(lines 701 748) no Hoare annotation was computed. [2022-11-20 12:46:26,070 INFO L899 garLoopResultBuilder]: For program point L731(lines 731 744) no Hoare annotation was computed. [2022-11-20 12:46:26,070 INFO L895 garLoopResultBuilder]: At program point L1016(lines 1011 1019) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-20 12:46:26,070 INFO L895 garLoopResultBuilder]: At program point L723(line 723) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2))) (or (and .cse0 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and (= ~pumpRunning~0 0) .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-20 12:46:26,071 INFO L895 garLoopResultBuilder]: At program point L1008(lines 1004 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-20 12:46:26,071 INFO L902 garLoopResultBuilder]: At program point L752(lines 691 756) the Hoare annotation is: true [2022-11-20 12:46:26,071 INFO L899 garLoopResultBuilder]: For program point L711(lines 711 717) no Hoare annotation was computed. [2022-11-20 12:46:26,071 INFO L899 garLoopResultBuilder]: For program point L711-1(lines 711 717) no Hoare annotation was computed. [2022-11-20 12:46:26,072 INFO L899 garLoopResultBuilder]: For program point L703(lines 703 707) no Hoare annotation was computed. [2022-11-20 12:46:26,072 INFO L895 garLoopResultBuilder]: At program point L749(lines 700 750) the Hoare annotation is: false [2022-11-20 12:46:26,072 INFO L895 garLoopResultBuilder]: At program point L1001(lines 997 1003) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-20 12:46:26,072 INFO L899 garLoopResultBuilder]: For program point L865(lines 865 871) no Hoare annotation was computed. [2022-11-20 12:46:26,072 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 798 822) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 .cse1))) [2022-11-20 12:46:26,073 INFO L895 garLoopResultBuilder]: At program point L865-2(lines 858 874) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (<= 2 ~waterLevel~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse0) .cse1 .cse2 (and (= ~pumpRunning~0 0) .cse0))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 12:46:26,073 INFO L895 garLoopResultBuilder]: At program point L954(lines 939 957) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse0 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~9#1| 0))) .cse1 .cse2 (and .cse0 (<= 2 ~waterLevel~0)))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 12:46:26,073 INFO L895 garLoopResultBuilder]: At program point L890(lines 883 893) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-20 12:46:26,074 INFO L899 garLoopResultBuilder]: For program point L948(lines 948 952) no Hoare annotation was computed. [2022-11-20 12:46:26,074 INFO L899 garLoopResultBuilder]: For program point L948-2(lines 948 952) no Hoare annotation was computed. [2022-11-20 12:46:26,074 INFO L899 garLoopResultBuilder]: For program point L141(lines 141 147) no Hoare annotation was computed. [2022-11-20 12:46:26,074 INFO L895 garLoopResultBuilder]: At program point L812(line 812) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 12:46:26,074 INFO L899 garLoopResultBuilder]: For program point L806(lines 806 814) no Hoare annotation was computed. [2022-11-20 12:46:26,075 INFO L899 garLoopResultBuilder]: For program point L802(lines 802 819) no Hoare annotation was computed. [2022-11-20 12:46:26,075 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 798 822) no Hoare annotation was computed. [2022-11-20 12:46:26,075 INFO L895 garLoopResultBuilder]: At program point L854(lines 849 856) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (<= 2 ~waterLevel~0)) .cse0 .cse1))) [2022-11-20 12:46:26,076 INFO L895 garLoopResultBuilder]: At program point L146(lines 137 150) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 2)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0))) .cse2 (and .cse1 (<= 2 ~waterLevel~0)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-20 12:46:26,076 INFO L895 garLoopResultBuilder]: At program point L817(line 817) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-11-20 12:46:26,076 INFO L899 garLoopResultBuilder]: For program point L817-1(lines 798 822) no Hoare annotation was computed. [2022-11-20 12:46:26,079 INFO L895 garLoopResultBuilder]: At program point L101(lines 96 104) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2)))) (and (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0))))) [2022-11-20 12:46:26,083 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-20 12:46:26,083 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 72 83) no Hoare annotation was computed. [2022-11-20 12:46:26,083 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse0 .cse1 .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3))) [2022-11-20 12:46:26,084 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 894 902) no Hoare annotation was computed. [2022-11-20 12:46:26,084 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 894 902) the Hoare annotation is: true [2022-11-20 12:46:26,084 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 894 902) no Hoare annotation was computed. [2022-11-20 12:46:26,088 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 12:46:26,091 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-20 12:46:26,154 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.11 12:46:26 BoogieIcfgContainer [2022-11-20 12:46:26,154 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-20 12:46:26,155 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-20 12:46:26,155 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-20 12:46:26,155 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-20 12:46:26,156 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 12:46:11" (3/4) ... [2022-11-20 12:46:26,169 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-20 12:46:26,177 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-20 12:46:26,177 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-20 12:46:26,181 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-20 12:46:26,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-20 12:46:26,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 12:46:26,182 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-20 12:46:26,183 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-20 12:46:26,202 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 26 nodes and edges [2022-11-20 12:46:26,203 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-20 12:46:26,203 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-20 12:46:26,204 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 12:46:26,204 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 12:46:26,242 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 12:46:26,243 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 12:46:26,246 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 12:46:26,247 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 12:46:26,247 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-20 12:46:26,248 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-20 12:46:26,248 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 12:46:26,248 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-20 12:46:26,249 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 12:46:26,250 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-20 12:46:26,250 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-20 12:46:26,256 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-20 12:46:26,257 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) [2022-11-20 12:46:26,257 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) [2022-11-20 12:46:26,257 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) [2022-11-20 12:46:26,319 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/witness.graphml [2022-11-20 12:46:26,320 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-20 12:46:26,321 INFO L158 Benchmark]: Toolchain (without parser) took 16161.32ms. Allocated memory was 121.6MB in the beginning and 188.7MB in the end (delta: 67.1MB). Free memory was 91.8MB in the beginning and 50.5MB in the end (delta: 41.3MB). Peak memory consumption was 108.9MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,321 INFO L158 Benchmark]: CDTParser took 0.24ms. Allocated memory is still 96.5MB. Free memory is still 51.1MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 12:46:26,322 INFO L158 Benchmark]: CACSL2BoogieTranslator took 559.74ms. Allocated memory is still 121.6MB. Free memory was 91.3MB in the beginning and 72.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,322 INFO L158 Benchmark]: Boogie Procedure Inliner took 94.23ms. Allocated memory is still 121.6MB. Free memory was 72.4MB in the beginning and 70.3MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 12:46:26,322 INFO L158 Benchmark]: Boogie Preprocessor took 30.69ms. Allocated memory is still 121.6MB. Free memory was 70.3MB in the beginning and 68.2MB in the end (delta: 2.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,323 INFO L158 Benchmark]: RCFGBuilder took 700.54ms. Allocated memory is still 121.6MB. Free memory was 68.2MB in the beginning and 50.9MB in the end (delta: 17.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,323 INFO L158 Benchmark]: TraceAbstraction took 14602.70ms. Allocated memory was 121.6MB in the beginning and 188.7MB in the end (delta: 67.1MB). Free memory was 50.4MB in the beginning and 56.8MB in the end (delta: -6.4MB). Peak memory consumption was 75.4MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,324 INFO L158 Benchmark]: Witness Printer took 165.03ms. Allocated memory is still 188.7MB. Free memory was 56.8MB in the beginning and 50.5MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-20 12:46:26,326 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.24ms. Allocated memory is still 96.5MB. Free memory is still 51.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 559.74ms. Allocated memory is still 121.6MB. Free memory was 91.3MB in the beginning and 72.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 94.23ms. Allocated memory is still 121.6MB. Free memory was 72.4MB in the beginning and 70.3MB in the end (delta: 2.1MB). There was no memory consumed. Max. memory is 16.1GB. * Boogie Preprocessor took 30.69ms. Allocated memory is still 121.6MB. Free memory was 70.3MB in the beginning and 68.2MB in the end (delta: 2.1MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * RCFGBuilder took 700.54ms. Allocated memory is still 121.6MB. Free memory was 68.2MB in the beginning and 50.9MB in the end (delta: 17.3MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 14602.70ms. Allocated memory was 121.6MB in the beginning and 188.7MB in the end (delta: 67.1MB). Free memory was 50.4MB in the beginning and 56.8MB in the end (delta: -6.4MB). Peak memory consumption was 75.4MB. Max. memory is 16.1GB. * Witness Printer took 165.03ms. Allocated memory is still 188.7MB. Free memory was 56.8MB in the beginning and 50.5MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 14.4s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 4.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1905 SdHoareTripleChecker+Valid, 2.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1872 mSDsluCounter, 3717 SdHoareTripleChecker+Invalid, 2.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2623 mSDsCounter, 549 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 2079 IncrementalHoareTripleChecker+Invalid, 2628 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 549 mSolverCounterUnsat, 1094 mSDtfsCounter, 2079 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 408 GetRequests, 298 SyntacticMatches, 4 SemanticMatches, 106 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 655 ImplicationChecksByTransitivity, 1.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 101, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 142 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 1015 PreInvPairs, 1233 NumberOfFragments, 1876 HoareAnnotationTreeSize, 1015 FomulaSimplifications, 752 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 46 FomulaSimplificationsInter, 9420 FormulaSimplificationTreeSizeReductionInter, 5.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.6s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1389 SizeOfPredicates, 3 NumberOfNonLiveVariables, 356 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 101/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 635]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 128]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\result <= 2 && 2 <= \result)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 824]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == 0 && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 1011]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 939]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && !(tmp == 0))) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 681]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 643]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 580]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 958]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 182]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || ((1 <= pumpRunning && 2 <= waterLevel) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((pumpRunning == 0 && 1 == systemActive) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((1 < tmp && \result <= 2) && tmp <= 2) && 2 <= \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) - InvariantResult [Line: 60]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 858]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel <= 2) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 137]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && !(\result == 0))) || !(waterLevel <= 2)) || (pumpRunning == 0 && 2 <= waterLevel)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 849]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 2)) || !(1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (1 <= pumpRunning && 2 <= waterLevel)) || !(1 == systemActive)) || !(waterLevel <= 2)) - InvariantResult [Line: 997]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-20 12:46:26,394 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a2eb43ae-664f-4560-8d65-a0aad559c04b/bin/uautomizer-ug76WZFUDN/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE