./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version b5237d83 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-b5237d8 [2022-11-21 09:06:46,887 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-21 09:06:46,890 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-21 09:06:46,917 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-21 09:06:46,918 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-21 09:06:46,919 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-21 09:06:46,921 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-21 09:06:46,923 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-21 09:06:46,926 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-21 09:06:46,927 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-21 09:06:46,928 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-21 09:06:46,930 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-21 09:06:46,931 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-21 09:06:46,932 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-21 09:06:46,934 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-21 09:06:46,936 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-21 09:06:46,937 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-21 09:06:46,938 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-21 09:06:46,941 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-21 09:06:46,943 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-21 09:06:46,945 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-21 09:06:46,947 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-21 09:06:46,949 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-21 09:06:46,950 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-21 09:06:46,955 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-21 09:06:46,956 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-21 09:06:46,956 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-21 09:06:46,958 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-21 09:06:46,959 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-21 09:06:46,960 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-21 09:06:46,961 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-21 09:06:46,962 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-21 09:06:46,963 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-21 09:06:46,964 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-21 09:06:46,966 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-21 09:06:46,966 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-21 09:06:46,968 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-21 09:06:46,968 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-21 09:06:46,969 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-21 09:06:46,970 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-21 09:06:46,971 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-21 09:06:46,972 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-21 09:06:47,002 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-21 09:06:47,002 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-21 09:06:47,003 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-21 09:06:47,003 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-21 09:06:47,004 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-21 09:06:47,004 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-21 09:06:47,005 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-21 09:06:47,006 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-21 09:06:47,006 INFO L138 SettingsManager]: * Use SBE=true [2022-11-21 09:06:47,007 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-21 09:06:47,007 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-21 09:06:47,007 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-21 09:06:47,008 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-21 09:06:47,008 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-21 09:06:47,008 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-21 09:06:47,009 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-21 09:06:47,009 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-21 09:06:47,009 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-21 09:06:47,010 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-21 09:06:47,010 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-21 09:06:47,011 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-21 09:06:47,011 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-21 09:06:47,011 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-21 09:06:47,012 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-21 09:06:47,012 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-21 09:06:47,012 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-21 09:06:47,013 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-21 09:06:47,013 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-21 09:06:47,014 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-21 09:06:47,014 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-21 09:06:47,014 INFO L138 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2022-11-21 09:06:47,015 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-21 09:06:47,015 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-21 09:06:47,015 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 278b945680d29bf571e1aaa42d90b0a6b141ce129976e6e0985d57b09f7f9d7c [2022-11-21 09:06:47,301 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-21 09:06:47,344 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-21 09:06:47,348 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-21 09:06:47,350 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-21 09:06:47,351 INFO L275 PluginConnector]: CDTParser initialized [2022-11-21 09:06:47,352 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/../../sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-21 09:06:51,077 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-21 09:06:51,486 INFO L351 CDTParser]: Found 1 translation units. [2022-11-21 09:06:51,487 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c [2022-11-21 09:06:51,500 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/data/b09301e9e/1c6c02b7f487426f90f041f9a1dcab20/FLAG897239c12 [2022-11-21 09:06:51,521 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/data/b09301e9e/1c6c02b7f487426f90f041f9a1dcab20 [2022-11-21 09:06:51,528 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-21 09:06:51,531 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-21 09:06:51,536 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-21 09:06:51,537 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-21 09:06:51,541 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-21 09:06:51,542 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.11 09:06:51" (1/1) ... [2022-11-21 09:06:51,544 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6180375f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:51, skipping insertion in model container [2022-11-21 09:06:51,545 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 21.11 09:06:51" (1/1) ... [2022-11-21 09:06:51,554 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-21 09:06:51,636 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-21 09:06:51,967 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-21 09:06:52,049 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-21 09:06:52,064 INFO L203 MainTranslator]: Completed pre-run [2022-11-21 09:06:52,108 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/sv-benchmarks/c/product-lines/minepump_spec5_product49.cil.c[6886,6899] [2022-11-21 09:06:52,156 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-21 09:06:52,178 INFO L208 MainTranslator]: Completed translation [2022-11-21 09:06:52,179 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52 WrapperNode [2022-11-21 09:06:52,179 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-21 09:06:52,180 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-21 09:06:52,181 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-21 09:06:52,181 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-21 09:06:52,192 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,209 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,242 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 206 [2022-11-21 09:06:52,243 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-21 09:06:52,244 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-21 09:06:52,244 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-21 09:06:52,244 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-21 09:06:52,257 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,258 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,261 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,261 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,269 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,276 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,278 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,280 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,284 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-21 09:06:52,285 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-21 09:06:52,285 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-21 09:06:52,285 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-21 09:06:52,287 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (1/1) ... [2022-11-21 09:06:52,295 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-21 09:06:52,327 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 [2022-11-21 09:06:52,344 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-21 09:06:52,370 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-21 09:06:52,410 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-21 09:06:52,411 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-21 09:06:52,411 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-21 09:06:52,411 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-21 09:06:52,412 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-21 09:06:52,412 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-21 09:06:52,412 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-21 09:06:52,415 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-21 09:06:52,416 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-21 09:06:52,416 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-21 09:06:52,416 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-21 09:06:52,417 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-21 09:06:52,417 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-21 09:06:52,417 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-21 09:06:52,418 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-21 09:06:52,418 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-21 09:06:52,418 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-21 09:06:52,418 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-21 09:06:52,608 INFO L235 CfgBuilder]: Building ICFG [2022-11-21 09:06:52,624 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-21 09:06:53,147 INFO L276 CfgBuilder]: Performing block encoding [2022-11-21 09:06:53,157 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-21 09:06:53,169 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-21 09:06:53,172 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.11 09:06:53 BoogieIcfgContainer [2022-11-21 09:06:53,172 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-21 09:06:53,175 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-21 09:06:53,176 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-21 09:06:53,180 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-21 09:06:53,182 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 21.11 09:06:51" (1/3) ... [2022-11-21 09:06:53,183 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3124a5f3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.11 09:06:53, skipping insertion in model container [2022-11-21 09:06:53,183 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 21.11 09:06:52" (2/3) ... [2022-11-21 09:06:53,186 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3124a5f3 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 21.11 09:06:53, skipping insertion in model container [2022-11-21 09:06:53,186 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.11 09:06:53" (3/3) ... [2022-11-21 09:06:53,188 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product49.cil.c [2022-11-21 09:06:53,217 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-21 09:06:53,217 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-21 09:06:53,317 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-21 09:06:53,325 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7d2e0d16, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-21 09:06:53,327 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-21 09:06:53,335 INFO L276 IsEmpty]: Start isEmpty. Operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-21 09:06:53,353 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-21 09:06:53,354 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:53,355 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:53,356 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:53,365 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:53,366 INFO L85 PathProgramCache]: Analyzing trace with hash -1747145324, now seen corresponding path program 1 times [2022-11-21 09:06:53,379 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:53,381 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1687135247] [2022-11-21 09:06:53,382 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:53,383 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:53,538 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:53,625 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-21 09:06:53,629 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:53,635 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-21 09:06:53,639 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:53,644 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:53,644 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:53,645 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1687135247] [2022-11-21 09:06:53,646 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1687135247] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:53,646 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:53,647 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-21 09:06:53,649 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [816491963] [2022-11-21 09:06:53,650 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:53,656 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-21 09:06:53,657 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:53,693 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-21 09:06:53,694 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-21 09:06:53,697 INFO L87 Difference]: Start difference. First operand has 92 states, 71 states have (on average 1.380281690140845) internal successors, (98), 79 states have internal predecessors, (98), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-21 09:06:53,743 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:53,743 INFO L93 Difference]: Finished difference Result 175 states and 238 transitions. [2022-11-21 09:06:53,744 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-21 09:06:53,746 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-21 09:06:53,747 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:53,759 INFO L225 Difference]: With dead ends: 175 [2022-11-21 09:06:53,759 INFO L226 Difference]: Without dead ends: 83 [2022-11-21 09:06:53,764 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-21 09:06:53,769 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:53,770 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-21 09:06:53,788 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-21 09:06:53,818 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-21 09:06:53,820 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.3125) internal successors, (84), 71 states have internal predecessors, (84), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-21 09:06:53,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 107 transitions. [2022-11-21 09:06:53,826 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 107 transitions. Word has length 32 [2022-11-21 09:06:53,827 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:53,827 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 107 transitions. [2022-11-21 09:06:53,828 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-21 09:06:53,828 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 107 transitions. [2022-11-21 09:06:53,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-21 09:06:53,832 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:53,833 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:53,833 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-21 09:06:53,833 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:53,834 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:53,835 INFO L85 PathProgramCache]: Analyzing trace with hash -372618950, now seen corresponding path program 1 times [2022-11-21 09:06:53,835 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:53,836 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [525816931] [2022-11-21 09:06:53,836 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:53,836 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:53,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,072 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:54,078 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,088 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 29 [2022-11-21 09:06:54,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,111 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:54,121 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:54,121 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [525816931] [2022-11-21 09:06:54,122 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [525816931] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:54,122 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:54,122 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-21 09:06:54,123 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [532355113] [2022-11-21 09:06:54,123 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:54,125 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-21 09:06:54,125 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:54,126 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-21 09:06:54,126 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-21 09:06:54,127 INFO L87 Difference]: Start difference. First operand 83 states and 107 transitions. Second operand has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-21 09:06:54,177 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:54,186 INFO L93 Difference]: Finished difference Result 158 states and 209 transitions. [2022-11-21 09:06:54,187 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-21 09:06:54,187 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 37 [2022-11-21 09:06:54,188 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:54,190 INFO L225 Difference]: With dead ends: 158 [2022-11-21 09:06:54,190 INFO L226 Difference]: Without dead ends: 83 [2022-11-21 09:06:54,191 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-21 09:06:54,195 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 84 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 105 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:54,196 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 105 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-21 09:06:54,201 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-21 09:06:54,222 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 83. [2022-11-21 09:06:54,223 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 83 states, 64 states have (on average 1.296875) internal successors, (83), 71 states have internal predecessors, (83), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-21 09:06:54,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 83 states to 83 states and 106 transitions. [2022-11-21 09:06:54,226 INFO L78 Accepts]: Start accepts. Automaton has 83 states and 106 transitions. Word has length 37 [2022-11-21 09:06:54,227 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:54,228 INFO L495 AbstractCegarLoop]: Abstraction has 83 states and 106 transitions. [2022-11-21 09:06:54,228 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.0) internal successors, (30), 3 states have internal predecessors, (30), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-21 09:06:54,229 INFO L276 IsEmpty]: Start isEmpty. Operand 83 states and 106 transitions. [2022-11-21 09:06:54,231 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-21 09:06:54,231 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:54,231 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:54,232 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-21 09:06:54,234 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:54,239 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:54,239 INFO L85 PathProgramCache]: Analyzing trace with hash -2098549486, now seen corresponding path program 1 times [2022-11-21 09:06:54,240 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:54,240 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2128940004] [2022-11-21 09:06:54,240 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:54,241 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:54,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,413 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-21 09:06:54,415 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,423 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-21 09:06:54,426 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,429 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-21 09:06:54,431 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,433 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-21 09:06:54,434 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,437 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:54,437 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:54,438 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2128940004] [2022-11-21 09:06:54,438 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2128940004] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:54,438 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:54,439 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-21 09:06:54,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [898773915] [2022-11-21 09:06:54,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:54,440 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-21 09:06:54,440 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:54,441 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-21 09:06:54,441 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-21 09:06:54,441 INFO L87 Difference]: Start difference. First operand 83 states and 106 transitions. Second operand has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-21 09:06:54,627 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:54,627 INFO L93 Difference]: Finished difference Result 146 states and 186 transitions. [2022-11-21 09:06:54,628 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-21 09:06:54,628 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 43 [2022-11-21 09:06:54,628 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:54,629 INFO L225 Difference]: With dead ends: 146 [2022-11-21 09:06:54,629 INFO L226 Difference]: Without dead ends: 89 [2022-11-21 09:06:54,630 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-21 09:06:54,632 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 63 mSDsluCounter, 106 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 194 SdHoareTripleChecker+Invalid, 65 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:54,632 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 194 Invalid, 65 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-21 09:06:54,633 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-21 09:06:54,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 74. [2022-11-21 09:06:54,646 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 74 states, 58 states have (on average 1.3103448275862069) internal successors, (76), 65 states have internal predecessors, (76), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-21 09:06:54,647 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 74 states to 74 states and 94 transitions. [2022-11-21 09:06:54,647 INFO L78 Accepts]: Start accepts. Automaton has 74 states and 94 transitions. Word has length 43 [2022-11-21 09:06:54,648 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:54,648 INFO L495 AbstractCegarLoop]: Abstraction has 74 states and 94 transitions. [2022-11-21 09:06:54,648 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 7.75) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (6), 3 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-21 09:06:54,648 INFO L276 IsEmpty]: Start isEmpty. Operand 74 states and 94 transitions. [2022-11-21 09:06:54,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-21 09:06:54,651 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:54,651 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:54,651 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-21 09:06:54,652 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:54,652 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:54,653 INFO L85 PathProgramCache]: Analyzing trace with hash 273957597, now seen corresponding path program 1 times [2022-11-21 09:06:54,653 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:54,653 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1164745322] [2022-11-21 09:06:54,653 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:54,655 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:54,684 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,787 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:54,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,796 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-21 09:06:54,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,819 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-21 09:06:54,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,824 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2022-11-21 09:06:54,825 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:54,828 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:54,828 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:54,829 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1164745322] [2022-11-21 09:06:54,829 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1164745322] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:54,829 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:54,830 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-21 09:06:54,830 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [689913030] [2022-11-21 09:06:54,830 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:54,831 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-21 09:06:54,831 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:54,832 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-21 09:06:54,832 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-21 09:06:54,833 INFO L87 Difference]: Start difference. First operand 74 states and 94 transitions. Second operand has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-21 09:06:55,079 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:55,079 INFO L93 Difference]: Finished difference Result 218 states and 279 transitions. [2022-11-21 09:06:55,080 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-21 09:06:55,080 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 47 [2022-11-21 09:06:55,081 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:55,082 INFO L225 Difference]: With dead ends: 218 [2022-11-21 09:06:55,083 INFO L226 Difference]: Without dead ends: 152 [2022-11-21 09:06:55,088 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-21 09:06:55,096 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 194 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 104 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 197 SdHoareTripleChecker+Valid, 304 SdHoareTripleChecker+Invalid, 150 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 104 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:55,101 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [197 Valid, 304 Invalid, 150 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-21 09:06:55,104 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 152 states. [2022-11-21 09:06:55,159 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 152 to 146. [2022-11-21 09:06:55,163 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 146 states, 113 states have (on average 1.2743362831858407) internal successors, (144), 120 states have internal predecessors, (144), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-21 09:06:55,167 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 146 states to 146 states and 181 transitions. [2022-11-21 09:06:55,172 INFO L78 Accepts]: Start accepts. Automaton has 146 states and 181 transitions. Word has length 47 [2022-11-21 09:06:55,173 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:55,173 INFO L495 AbstractCegarLoop]: Abstraction has 146 states and 181 transitions. [2022-11-21 09:06:55,174 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.2) internal successors, (36), 5 states have internal predecessors, (36), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-21 09:06:55,174 INFO L276 IsEmpty]: Start isEmpty. Operand 146 states and 181 transitions. [2022-11-21 09:06:55,176 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-21 09:06:55,184 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:55,184 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:55,184 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-21 09:06:55,185 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:55,186 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:55,186 INFO L85 PathProgramCache]: Analyzing trace with hash -419087457, now seen corresponding path program 1 times [2022-11-21 09:06:55,186 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:55,187 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1403517584] [2022-11-21 09:06:55,187 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:55,187 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:55,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,348 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:55,350 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,356 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-21 09:06:55,360 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,422 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-21 09:06:55,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,430 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:55,430 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:55,430 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1403517584] [2022-11-21 09:06:55,431 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1403517584] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:55,431 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:55,432 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-21 09:06:55,434 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [477949599] [2022-11-21 09:06:55,434 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:55,435 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-21 09:06:55,436 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:55,436 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-21 09:06:55,437 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-21 09:06:55,437 INFO L87 Difference]: Start difference. First operand 146 states and 181 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:55,670 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:55,670 INFO L93 Difference]: Finished difference Result 292 states and 366 transitions. [2022-11-21 09:06:55,670 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-21 09:06:55,671 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-21 09:06:55,673 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:55,678 INFO L225 Difference]: With dead ends: 292 [2022-11-21 09:06:55,679 INFO L226 Difference]: Without dead ends: 154 [2022-11-21 09:06:55,681 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-21 09:06:55,685 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 64 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 116 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 67 SdHoareTripleChecker+Valid, 380 SdHoareTripleChecker+Invalid, 134 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 116 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:55,686 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [67 Valid, 380 Invalid, 134 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 116 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-21 09:06:55,687 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-21 09:06:55,729 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 149. [2022-11-21 09:06:55,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 149 states, 116 states have (on average 1.2672413793103448) internal successors, (147), 123 states have internal predecessors, (147), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-21 09:06:55,732 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 149 states to 149 states and 184 transitions. [2022-11-21 09:06:55,732 INFO L78 Accepts]: Start accepts. Automaton has 149 states and 184 transitions. Word has length 51 [2022-11-21 09:06:55,733 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:55,733 INFO L495 AbstractCegarLoop]: Abstraction has 149 states and 184 transitions. [2022-11-21 09:06:55,733 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:55,733 INFO L276 IsEmpty]: Start isEmpty. Operand 149 states and 184 transitions. [2022-11-21 09:06:55,737 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-21 09:06:55,738 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:55,738 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:55,738 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-21 09:06:55,738 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:55,739 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:55,746 INFO L85 PathProgramCache]: Analyzing trace with hash -2108031199, now seen corresponding path program 1 times [2022-11-21 09:06:55,746 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:55,747 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [996181889] [2022-11-21 09:06:55,747 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:55,747 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:55,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,909 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:55,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,920 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-21 09:06:55,928 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,966 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-21 09:06:55,967 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:55,971 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:55,972 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:55,972 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [996181889] [2022-11-21 09:06:55,972 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [996181889] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:55,972 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:55,973 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-21 09:06:55,973 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2070402578] [2022-11-21 09:06:55,973 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:55,975 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-21 09:06:55,976 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:55,976 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-21 09:06:55,977 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-21 09:06:55,978 INFO L87 Difference]: Start difference. First operand 149 states and 184 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:56,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:56,137 INFO L93 Difference]: Finished difference Result 300 states and 377 transitions. [2022-11-21 09:06:56,138 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-21 09:06:56,138 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-21 09:06:56,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:56,143 INFO L225 Difference]: With dead ends: 300 [2022-11-21 09:06:56,143 INFO L226 Difference]: Without dead ends: 159 [2022-11-21 09:06:56,144 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-21 09:06:56,146 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 67 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:56,149 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 297 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-21 09:06:56,151 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2022-11-21 09:06:56,191 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 151. [2022-11-21 09:06:56,192 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 118 states have (on average 1.2627118644067796) internal successors, (149), 125 states have internal predecessors, (149), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-21 09:06:56,195 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 186 transitions. [2022-11-21 09:06:56,195 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 186 transitions. Word has length 51 [2022-11-21 09:06:56,196 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:56,196 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 186 transitions. [2022-11-21 09:06:56,197 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:56,197 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 186 transitions. [2022-11-21 09:06:56,198 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-21 09:06:56,198 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:56,199 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:56,199 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-21 09:06:56,199 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:56,200 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:56,200 INFO L85 PathProgramCache]: Analyzing trace with hash -1685329373, now seen corresponding path program 1 times [2022-11-21 09:06:56,200 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:56,200 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [979843913] [2022-11-21 09:06:56,201 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:56,201 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:56,234 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,386 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:56,388 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,396 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-21 09:06:56,402 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,421 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-21 09:06:56,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,424 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:56,424 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:56,424 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [979843913] [2022-11-21 09:06:56,424 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [979843913] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:56,425 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:56,425 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-21 09:06:56,425 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1765955379] [2022-11-21 09:06:56,425 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:56,426 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-21 09:06:56,426 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:56,427 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-21 09:06:56,427 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-21 09:06:56,428 INFO L87 Difference]: Start difference. First operand 151 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:56,740 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:56,740 INFO L93 Difference]: Finished difference Result 431 states and 551 transitions. [2022-11-21 09:06:56,744 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-21 09:06:56,745 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2022-11-21 09:06:56,747 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:56,751 INFO L225 Difference]: With dead ends: 431 [2022-11-21 09:06:56,751 INFO L226 Difference]: Without dead ends: 288 [2022-11-21 09:06:56,752 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-21 09:06:56,758 INFO L413 NwaCegarLoop]: 137 mSDtfsCounter, 212 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:56,758 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 307 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-21 09:06:56,761 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2022-11-21 09:06:56,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 280. [2022-11-21 09:06:56,829 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 280 states, 215 states have (on average 1.2465116279069768) internal successors, (268), 226 states have internal predecessors, (268), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-21 09:06:56,831 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 280 states to 280 states and 351 transitions. [2022-11-21 09:06:56,832 INFO L78 Accepts]: Start accepts. Automaton has 280 states and 351 transitions. Word has length 51 [2022-11-21 09:06:56,832 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:56,832 INFO L495 AbstractCegarLoop]: Abstraction has 280 states and 351 transitions. [2022-11-21 09:06:56,833 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-21 09:06:56,833 INFO L276 IsEmpty]: Start isEmpty. Operand 280 states and 351 transitions. [2022-11-21 09:06:56,834 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-21 09:06:56,834 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:56,834 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:56,834 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-21 09:06:56,835 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:56,835 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:56,835 INFO L85 PathProgramCache]: Analyzing trace with hash 716766725, now seen corresponding path program 1 times [2022-11-21 09:06:56,835 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:56,836 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2143595781] [2022-11-21 09:06:56,836 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:56,836 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:56,854 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,959 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 18 [2022-11-21 09:06:56,961 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,969 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 27 [2022-11-21 09:06:56,971 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,982 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-21 09:06:56,983 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:56,987 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 45 [2022-11-21 09:06:56,989 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,009 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-21 09:06:57,009 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:57,010 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2143595781] [2022-11-21 09:06:57,010 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2143595781] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:57,010 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:57,010 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-21 09:06:57,010 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2137403047] [2022-11-21 09:06:57,011 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:57,011 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-21 09:06:57,011 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:57,012 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-21 09:06:57,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-21 09:06:57,012 INFO L87 Difference]: Start difference. First operand 280 states and 351 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-21 09:06:57,389 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:57,390 INFO L93 Difference]: Finished difference Result 568 states and 723 transitions. [2022-11-21 09:06:57,390 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-21 09:06:57,391 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 53 [2022-11-21 09:06:57,391 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:57,395 INFO L225 Difference]: With dead ends: 568 [2022-11-21 09:06:57,395 INFO L226 Difference]: Without dead ends: 296 [2022-11-21 09:06:57,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-21 09:06:57,399 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 128 mSDsluCounter, 341 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 134 SdHoareTripleChecker+Valid, 429 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:57,399 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [134 Valid, 429 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-21 09:06:57,402 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2022-11-21 09:06:57,450 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 276. [2022-11-21 09:06:57,451 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 276 states, 211 states have (on average 1.2132701421800949) internal successors, (256), 222 states have internal predecessors, (256), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-21 09:06:57,453 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 276 states to 276 states and 339 transitions. [2022-11-21 09:06:57,454 INFO L78 Accepts]: Start accepts. Automaton has 276 states and 339 transitions. Word has length 53 [2022-11-21 09:06:57,454 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:57,454 INFO L495 AbstractCegarLoop]: Abstraction has 276 states and 339 transitions. [2022-11-21 09:06:57,454 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-21 09:06:57,455 INFO L276 IsEmpty]: Start isEmpty. Operand 276 states and 339 transitions. [2022-11-21 09:06:57,457 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-21 09:06:57,457 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:57,457 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:57,457 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-21 09:06:57,458 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:57,458 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:57,458 INFO L85 PathProgramCache]: Analyzing trace with hash -1754438647, now seen corresponding path program 1 times [2022-11-21 09:06:57,458 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:57,459 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1233822121] [2022-11-21 09:06:57,459 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:57,459 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:57,495 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,698 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-21 09:06:57,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,773 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 22 [2022-11-21 09:06:57,775 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,787 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2022-11-21 09:06:57,792 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,819 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-21 09:06:57,821 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:57,823 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-21 09:06:57,823 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:57,824 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1233822121] [2022-11-21 09:06:57,824 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1233822121] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-21 09:06:57,824 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-21 09:06:57,824 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-21 09:06:57,825 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1564285525] [2022-11-21 09:06:57,825 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-21 09:06:57,826 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-21 09:06:57,826 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:06:57,827 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-21 09:06:57,827 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-21 09:06:57,828 INFO L87 Difference]: Start difference. First operand 276 states and 339 transitions. Second operand has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-21 09:06:58,988 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:06:58,989 INFO L93 Difference]: Finished difference Result 818 states and 1041 transitions. [2022-11-21 09:06:58,990 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-21 09:06:58,991 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 55 [2022-11-21 09:06:58,992 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:06:58,997 INFO L225 Difference]: With dead ends: 818 [2022-11-21 09:06:58,997 INFO L226 Difference]: Without dead ends: 600 [2022-11-21 09:06:58,999 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 199 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=187, Invalid=743, Unknown=0, NotChecked=0, Total=930 [2022-11-21 09:06:59,003 INFO L413 NwaCegarLoop]: 120 mSDtfsCounter, 474 mSDsluCounter, 686 mSDsCounter, 0 mSdLazyCounter, 757 mSolverCounterSat, 149 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 480 SdHoareTripleChecker+Valid, 806 SdHoareTripleChecker+Invalid, 906 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 149 IncrementalHoareTripleChecker+Valid, 757 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-21 09:06:59,003 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [480 Valid, 806 Invalid, 906 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [149 Valid, 757 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-21 09:06:59,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 600 states. [2022-11-21 09:06:59,088 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 600 to 513. [2022-11-21 09:06:59,089 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 513 states, 394 states have (on average 1.2081218274111676) internal successors, (476), 416 states have internal predecessors, (476), 61 states have call successors, (61), 51 states have call predecessors, (61), 57 states have return successors, (85), 61 states have call predecessors, (85), 61 states have call successors, (85) [2022-11-21 09:06:59,095 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 513 states to 513 states and 622 transitions. [2022-11-21 09:06:59,095 INFO L78 Accepts]: Start accepts. Automaton has 513 states and 622 transitions. Word has length 55 [2022-11-21 09:06:59,095 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:06:59,096 INFO L495 AbstractCegarLoop]: Abstraction has 513 states and 622 transitions. [2022-11-21 09:06:59,096 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.4) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-21 09:06:59,096 INFO L276 IsEmpty]: Start isEmpty. Operand 513 states and 622 transitions. [2022-11-21 09:06:59,098 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2022-11-21 09:06:59,098 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:06:59,099 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:06:59,099 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-21 09:06:59,099 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:06:59,100 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:06:59,104 INFO L85 PathProgramCache]: Analyzing trace with hash 1281558822, now seen corresponding path program 1 times [2022-11-21 09:06:59,105 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:06:59,105 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1116323531] [2022-11-21 09:06:59,105 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:59,105 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:06:59,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,291 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-21 09:06:59,294 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,310 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-21 09:06:59,314 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,324 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-21 09:06:59,326 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,336 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-21 09:06:59,338 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,342 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-21 09:06:59,344 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,345 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 76 [2022-11-21 09:06:59,347 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,350 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-21 09:06:59,351 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,353 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 88 [2022-11-21 09:06:59,354 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,356 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 4 proven. 10 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-21 09:06:59,356 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:06:59,356 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1116323531] [2022-11-21 09:06:59,357 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1116323531] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-21 09:06:59,357 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1343154921] [2022-11-21 09:06:59,357 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:06:59,358 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-21 09:06:59,358 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 [2022-11-21 09:06:59,362 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-21 09:06:59,384 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-21 09:06:59,509 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:06:59,513 INFO L263 TraceCheckSpWp]: Trace formula consists of 334 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-21 09:06:59,521 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-21 09:06:59,779 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 24 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-21 09:06:59,779 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-21 09:07:00,171 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 18 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-21 09:07:00,171 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1343154921] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-21 09:07:00,171 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-21 09:07:00,172 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2022-11-21 09:07:00,172 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1163340322] [2022-11-21 09:07:00,172 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-21 09:07:00,178 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-21 09:07:00,179 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:07:00,179 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-21 09:07:00,179 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2022-11-21 09:07:00,180 INFO L87 Difference]: Start difference. First operand 513 states and 622 transitions. Second operand has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-21 09:07:01,876 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:07:01,877 INFO L93 Difference]: Finished difference Result 1171 states and 1466 transitions. [2022-11-21 09:07:01,877 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 38 states. [2022-11-21 09:07:01,878 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) Word has length 96 [2022-11-21 09:07:01,878 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:07:01,883 INFO L225 Difference]: With dead ends: 1171 [2022-11-21 09:07:01,883 INFO L226 Difference]: Without dead ends: 714 [2022-11-21 09:07:01,886 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 269 GetRequests, 218 SyntacticMatches, 4 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 575 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=471, Invalid=1881, Unknown=0, NotChecked=0, Total=2352 [2022-11-21 09:07:01,887 INFO L413 NwaCegarLoop]: 166 mSDtfsCounter, 486 mSDsluCounter, 1077 mSDsCounter, 0 mSdLazyCounter, 937 mSolverCounterSat, 180 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 490 SdHoareTripleChecker+Valid, 1243 SdHoareTripleChecker+Invalid, 1117 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 180 IncrementalHoareTripleChecker+Valid, 937 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-21 09:07:01,889 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [490 Valid, 1243 Invalid, 1117 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [180 Valid, 937 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-21 09:07:01,890 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 714 states. [2022-11-21 09:07:02,021 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 714 to 580. [2022-11-21 09:07:02,023 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 580 states, 442 states have (on average 1.2036199095022624) internal successors, (532), 471 states have internal predecessors, (532), 71 states have call successors, (71), 61 states have call predecessors, (71), 66 states have return successors, (91), 68 states have call predecessors, (91), 71 states have call successors, (91) [2022-11-21 09:07:02,031 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 580 states to 580 states and 694 transitions. [2022-11-21 09:07:02,033 INFO L78 Accepts]: Start accepts. Automaton has 580 states and 694 transitions. Word has length 96 [2022-11-21 09:07:02,034 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:07:02,034 INFO L495 AbstractCegarLoop]: Abstraction has 580 states and 694 transitions. [2022-11-21 09:07:02,035 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 9.142857142857142) internal successors, (128), 10 states have internal predecessors, (128), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (17), 6 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-21 09:07:02,035 INFO L276 IsEmpty]: Start isEmpty. Operand 580 states and 694 transitions. [2022-11-21 09:07:02,039 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 173 [2022-11-21 09:07:02,040 INFO L187 NwaCegarLoop]: Found error trace [2022-11-21 09:07:02,041 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:07:02,056 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-21 09:07:02,256 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-21 09:07:02,257 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-21 09:07:02,260 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-21 09:07:02,260 INFO L85 PathProgramCache]: Analyzing trace with hash -1223995222, now seen corresponding path program 1 times [2022-11-21 09:07:02,260 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-21 09:07:02,260 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [915714428] [2022-11-21 09:07:02,261 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:07:02,261 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-21 09:07:02,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,548 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-21 09:07:02,550 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,564 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2022-11-21 09:07:02,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,574 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-21 09:07:02,579 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,588 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-21 09:07:02,590 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,594 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 58 [2022-11-21 09:07:02,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,603 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-21 09:07:02,604 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,607 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-21 09:07:02,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,610 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-21 09:07:02,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,613 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 99 [2022-11-21 09:07:02,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,722 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-21 09:07:02,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,725 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 129 [2022-11-21 09:07:02,728 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,734 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 139 [2022-11-21 09:07:02,736 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,744 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 148 [2022-11-21 09:07:02,747 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,754 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 164 [2022-11-21 09:07:02,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,757 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 69 proven. 5 refuted. 0 times theorem prover too weak. 116 trivial. 0 not checked. [2022-11-21 09:07:02,757 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-21 09:07:02,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [915714428] [2022-11-21 09:07:02,758 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [915714428] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-21 09:07:02,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2086276663] [2022-11-21 09:07:02,758 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-21 09:07:02,759 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-21 09:07:02,759 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 [2022-11-21 09:07:02,760 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-21 09:07:02,790 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-21 09:07:02,937 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-21 09:07:02,940 INFO L263 TraceCheckSpWp]: Trace formula consists of 535 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-21 09:07:02,947 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-21 09:07:03,316 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 140 proven. 4 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-21 09:07:03,316 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-21 09:07:04,014 INFO L134 CoverageAnalysis]: Checked inductivity of 190 backedges. 78 proven. 44 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2022-11-21 09:07:04,014 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2086276663] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-21 09:07:04,015 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-21 09:07:04,015 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-21 09:07:04,015 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1655825121] [2022-11-21 09:07:04,015 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-21 09:07:04,016 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-21 09:07:04,017 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-21 09:07:04,017 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-21 09:07:04,018 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=482, Unknown=0, NotChecked=0, Total=600 [2022-11-21 09:07:04,018 INFO L87 Difference]: Start difference. First operand 580 states and 694 transitions. Second operand has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-21 09:07:05,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-21 09:07:05,746 INFO L93 Difference]: Finished difference Result 1229 states and 1520 transitions. [2022-11-21 09:07:05,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-21 09:07:05,747 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) Word has length 172 [2022-11-21 09:07:05,747 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-21 09:07:05,749 INFO L225 Difference]: With dead ends: 1229 [2022-11-21 09:07:05,749 INFO L226 Difference]: Without dead ends: 0 [2022-11-21 09:07:05,753 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 411 GetRequests, 360 SyntacticMatches, 5 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 1.0s TimeCoverageRelationStatistics Valid=483, Invalid=1773, Unknown=0, NotChecked=0, Total=2256 [2022-11-21 09:07:05,754 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 811 mSDsluCounter, 793 mSDsCounter, 0 mSdLazyCounter, 1027 mSolverCounterSat, 285 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 814 SdHoareTripleChecker+Valid, 894 SdHoareTripleChecker+Invalid, 1312 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 285 IncrementalHoareTripleChecker+Valid, 1027 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-21 09:07:05,754 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [814 Valid, 894 Invalid, 1312 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [285 Valid, 1027 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-21 09:07:05,755 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-21 09:07:05,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-21 09:07:05,755 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-21 09:07:05,756 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-21 09:07:05,756 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 172 [2022-11-21 09:07:05,756 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-21 09:07:05,756 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-21 09:07:05,757 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.6) internal successors, (215), 22 states have internal predecessors, (215), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-21 09:07:05,757 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-21 09:07:05,757 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-21 09:07:05,761 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-21 09:07:05,769 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-21 09:07:05,969 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-21 09:07:05,972 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-21 09:07:15,827 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 92 98) no Hoare annotation was computed. [2022-11-21 09:07:15,827 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 92 98) the Hoare annotation is: true [2022-11-21 09:07:15,827 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 357 368) the Hoare annotation is: true [2022-11-21 09:07:15,828 INFO L899 garLoopResultBuilder]: For program point L361-1(lines 357 368) no Hoare annotation was computed. [2022-11-21 09:07:15,828 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 357 368) no Hoare annotation was computed. [2022-11-21 09:07:15,828 INFO L899 garLoopResultBuilder]: For program point L450-1(line 450) no Hoare annotation was computed. [2022-11-21 09:07:15,828 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 444 473) no Hoare annotation was computed. [2022-11-21 09:07:15,828 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 444 473) the Hoare annotation is: true [2022-11-21 09:07:15,828 INFO L902 garLoopResultBuilder]: At program point L469(lines 444 473) the Hoare annotation is: true [2022-11-21 09:07:15,828 INFO L899 garLoopResultBuilder]: For program point L465(line 465) no Hoare annotation was computed. [2022-11-21 09:07:15,829 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 462) no Hoare annotation was computed. [2022-11-21 09:07:15,829 INFO L902 garLoopResultBuilder]: At program point L458-1(lines 458 462) the Hoare annotation is: true [2022-11-21 09:07:15,829 INFO L899 garLoopResultBuilder]: For program point L455(line 455) no Hoare annotation was computed. [2022-11-21 09:07:15,829 INFO L902 garLoopResultBuilder]: At program point L454-2(lines 454 468) the Hoare annotation is: true [2022-11-21 09:07:15,829 INFO L902 garLoopResultBuilder]: At program point L450(line 450) the Hoare annotation is: true [2022-11-21 09:07:15,829 INFO L899 garLoopResultBuilder]: For program point L337(lines 337 341) no Hoare annotation was computed. [2022-11-21 09:07:15,830 INFO L899 garLoopResultBuilder]: For program point L977(lines 977 983) no Hoare annotation was computed. [2022-11-21 09:07:15,830 INFO L895 garLoopResultBuilder]: At program point L337-2(lines 333 344) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-21 09:07:15,830 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 65 91) no Hoare annotation was computed. [2022-11-21 09:07:15,831 INFO L895 garLoopResultBuilder]: At program point L164(lines 159 166) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse9 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse8 .cse1 .cse2 (<= ~waterLevel~0 1) .cse9 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse9)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse6 .cse0 .cse4 .cse7) (or (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse6 .cse0 .cse4 .cse5 .cse7) (or .cse8 .cse0 .cse5)))) [2022-11-21 09:07:15,831 INFO L895 garLoopResultBuilder]: At program point L961(lines 954 963) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-21 09:07:15,832 INFO L899 garLoopResultBuilder]: For program point L251(lines 251 255) no Hoare annotation was computed. [2022-11-21 09:07:15,832 INFO L899 garLoopResultBuilder]: For program point L251-2(lines 251 255) no Hoare annotation was computed. [2022-11-21 09:07:15,832 INFO L895 garLoopResultBuilder]: At program point L974(line 974) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse12 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse4 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse9 (<= 1 ~switchedOnBeforeTS~0)) (.cse10 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse13 (and .cse0 .cse2 .cse3 .cse12 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse1 (not .cse16)) (.cse11 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse14 (and (<= 1 ~pumpRunning~0) .cse7 .cse3 .cse4 .cse16 .cse18 .cse9 .cse10)) (.cse15 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2) .cse4 .cse5) .cse6) (let ((.cse8 (= ~waterLevel~0 1))) (or (and .cse7 .cse3 .cse8 .cse9 .cse10) .cse1 .cse11 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 .cse3 .cse12 .cse8 .cse9 .cse10) .cse6)) (or .cse13 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse11 .cse14 .cse15) (let ((.cse17 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|)))) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse2 .cse3 .cse12 .cse16 .cse17 .cse5 .cse9) .cse13 .cse1 .cse11 (and .cse7 .cse3 .cse17 .cse5 .cse9) .cse14 .cse15))))) [2022-11-21 09:07:15,833 INFO L895 garLoopResultBuilder]: At program point L429(lines 424 432) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-21 09:07:15,833 INFO L899 garLoopResultBuilder]: For program point L974-1(line 974) no Hoare annotation was computed. [2022-11-21 09:07:15,833 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-21 09:07:15,833 INFO L899 garLoopResultBuilder]: For program point L438(line 438) no Hoare annotation was computed. [2022-11-21 09:07:15,834 INFO L895 garLoopResultBuilder]: At program point L145(line 145) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-21 09:07:15,834 INFO L895 garLoopResultBuilder]: At program point L145-1(lines 126 150) the Hoare annotation is: (let ((.cse13 (<= 1 ~pumpRunning~0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse14 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse11 .cse1 .cse2 .cse15 .cse14 .cse16 .cse4)) (.cse0 (not .cse14)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse13 .cse6 .cse15 .cse14 .cse16 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4) .cse7)) (or (not (= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse5 .cse9 .cse10) (or .cse11 (and .cse1 .cse12) .cse0 .cse7 (and .cse13 (= 2 ~waterLevel~0) .cse12)) (or (and .cse6 .cse12 .cse4) .cse8 .cse0 .cse5 (and .cse11 .cse1 .cse2 .cse14 .cse12 .cse4) .cse9 .cse7 .cse10)))) [2022-11-21 09:07:15,835 INFO L899 garLoopResultBuilder]: For program point L79-1(lines 79 85) no Hoare annotation was computed. [2022-11-21 09:07:15,835 INFO L895 garLoopResultBuilder]: At program point L257(lines 242 260) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse2 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse7)) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4)))) [2022-11-21 09:07:15,835 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-21 09:07:15,835 INFO L899 garLoopResultBuilder]: For program point L959-1(line 959) no Hoare annotation was computed. [2022-11-21 09:07:15,836 INFO L895 garLoopResultBuilder]: At program point L439(lines 434 441) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-21 09:07:15,836 INFO L895 garLoopResultBuilder]: At program point L406(lines 401 409) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse13 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse10 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse12 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (and .cse0 .cse2 .cse3 .cse10 .cse15 .cse11 .cse16 .cse12)) (.cse9 (and .cse6 .cse13 .cse3 .cse15 .cse11 .cse16 .cse12)) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not .cse11)) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 (= 2 ~waterLevel~0) (= 2 |timeShift_getWaterLevel_#res#1|) .cse4)) (or .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2)) .cse9) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 (and .cse0 .cse2 .cse3 .cse10 .cse11 .cse4 .cse12) (and .cse13 .cse3 .cse4 .cse12) .cse9 .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 .cse9 .cse14) (or .cse1 .cse7 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse5)))) [2022-11-21 09:07:15,836 INFO L899 garLoopResultBuilder]: For program point L976(lines 976 986) no Hoare annotation was computed. [2022-11-21 09:07:15,837 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 65 91) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-21 09:07:15,837 INFO L899 garLoopResultBuilder]: For program point L972(lines 972 989) no Hoare annotation was computed. [2022-11-21 09:07:15,838 INFO L895 garLoopResultBuilder]: At program point L972-1(lines 964 992) the Hoare annotation is: (let ((.cse17 (<= 1 ~pumpRunning~0)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse3 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse18 (<= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse20 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse7 (<= 1 ~switchedOnBeforeTS~0)) (.cse21 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0))) (let ((.cse5 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse0 .cse1 .cse2 .cse3 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse10 (and .cse17 .cse8 .cse0 .cse2 .cse18 .cse4 .cse20 .cse7 .cse21)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse11 (not .cse4)) (.cse12 (not (<= 1 |old(~pumpRunning~0)|))) (.cse19 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (<= |old(~waterLevel~0)| 1)) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7) (and .cse8 .cse0 .cse2 .cse4 .cse5 .cse6 .cse7) .cse9 .cse10 .cse11 .cse12 .cse13) (let ((.cse14 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse15 (<= 2 ~waterLevel~0)) (.cse16 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2))) (or .cse0 (and .cse1 .cse14 .cse15 .cse6 .cse16) .cse11 (and .cse17 .cse14 .cse15 .cse6 .cse16) (and .cse1 .cse2 .cse18 .cse5 .cse6) .cse19)) (or .cse9 .cse10 .cse11 .cse12 (not (= |old(~waterLevel~0)| 2))) (or .cse9 (not (= |old(~waterLevel~0)| 1)) .cse10 .cse11 .cse12 .cse13) (or .cse11 .cse12 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse19)))) [2022-11-21 09:07:15,838 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 65 91) no Hoare annotation was computed. [2022-11-21 09:07:15,838 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 438) no Hoare annotation was computed. [2022-11-21 09:07:15,838 INFO L899 garLoopResultBuilder]: For program point L72(lines 72 78) no Hoare annotation was computed. [2022-11-21 09:07:15,838 INFO L899 garLoopResultBuilder]: For program point L72-2(lines 68 90) no Hoare annotation was computed. [2022-11-21 09:07:15,839 INFO L899 garLoopResultBuilder]: For program point L134(lines 134 142) no Hoare annotation was computed. [2022-11-21 09:07:15,839 INFO L899 garLoopResultBuilder]: For program point L130(lines 130 147) no Hoare annotation was computed. [2022-11-21 09:07:15,839 INFO L895 garLoopResultBuilder]: At program point L287(line 287) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-21 09:07:15,839 INFO L902 garLoopResultBuilder]: At program point L539(lines 520 542) the Hoare annotation is: true [2022-11-21 09:07:15,840 INFO L895 garLoopResultBuilder]: At program point L502(lines 498 504) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-21 09:07:15,840 INFO L895 garLoopResultBuilder]: At program point L321(lines 274 322) the Hoare annotation is: false [2022-11-21 09:07:15,840 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-21 09:07:15,840 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-21 09:07:15,840 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-21 09:07:15,840 INFO L899 garLoopResultBuilder]: For program point L276(lines 275 320) no Hoare annotation was computed. [2022-11-21 09:07:15,841 INFO L899 garLoopResultBuilder]: For program point L305(lines 305 316) no Hoare annotation was computed. [2022-11-21 09:07:15,841 INFO L895 garLoopResultBuilder]: At program point L297(line 297) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-21 09:07:15,841 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-21 09:07:15,841 INFO L895 garLoopResultBuilder]: At program point L574(lines 569 577) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-21 09:07:15,842 INFO L895 garLoopResultBuilder]: At program point L318(lines 275 320) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-21 09:07:15,842 INFO L899 garLoopResultBuilder]: For program point L285(lines 285 291) no Hoare annotation was computed. [2022-11-21 09:07:15,842 INFO L899 garLoopResultBuilder]: For program point L285-1(lines 285 291) no Hoare annotation was computed. [2022-11-21 09:07:15,842 INFO L895 garLoopResultBuilder]: At program point L566(lines 562 568) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-21 09:07:15,842 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 281) no Hoare annotation was computed. [2022-11-21 09:07:15,843 INFO L895 garLoopResultBuilder]: At program point L951(lines 946 953) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-21 09:07:15,843 INFO L899 garLoopResultBuilder]: For program point L311(lines 311 315) no Hoare annotation was computed. [2022-11-21 09:07:15,843 INFO L895 garLoopResultBuilder]: At program point L311-2(lines 305 316) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-21 09:07:15,843 INFO L899 garLoopResultBuilder]: For program point L530(lines 530 537) no Hoare annotation was computed. [2022-11-21 09:07:15,844 INFO L899 garLoopResultBuilder]: For program point L530-2(lines 530 537) no Hoare annotation was computed. [2022-11-21 09:07:15,844 INFO L895 garLoopResultBuilder]: At program point L559(lines 555 561) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-21 09:07:15,844 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 301) no Hoare annotation was computed. [2022-11-21 09:07:15,844 INFO L899 garLoopResultBuilder]: For program point L295-1(lines 295 301) no Hoare annotation was computed. [2022-11-21 09:07:15,844 INFO L902 garLoopResultBuilder]: At program point L324(lines 265 328) the Hoare annotation is: true [2022-11-21 09:07:15,845 INFO L902 garLoopResultBuilder]: At program point L514(lines 506 516) the Hoare annotation is: true [2022-11-21 09:07:15,845 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 100 124) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-11-21 09:07:15,845 INFO L895 garLoopResultBuilder]: At program point L114(line 114) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-21 09:07:15,846 INFO L895 garLoopResultBuilder]: At program point L238(lines 223 241) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse0 .cse1 .cse2) (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (<= ~waterLevel~0 2))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-21 09:07:15,846 INFO L899 garLoopResultBuilder]: For program point L108(lines 108 116) no Hoare annotation was computed. [2022-11-21 09:07:15,846 INFO L899 garLoopResultBuilder]: For program point L104(lines 104 121) no Hoare annotation was computed. [2022-11-21 09:07:15,846 INFO L899 garLoopResultBuilder]: For program point L232(lines 232 236) no Hoare annotation was computed. [2022-11-21 09:07:15,846 INFO L899 garLoopResultBuilder]: For program point L232-2(lines 232 236) no Hoare annotation was computed. [2022-11-21 09:07:15,847 INFO L899 garLoopResultBuilder]: For program point L414(lines 414 420) no Hoare annotation was computed. [2022-11-21 09:07:15,847 INFO L895 garLoopResultBuilder]: At program point L156(lines 151 158) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-21 09:07:15,847 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 100 124) no Hoare annotation was computed. [2022-11-21 09:07:15,847 INFO L895 garLoopResultBuilder]: At program point L119(line 119) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-11-21 09:07:15,848 INFO L899 garLoopResultBuilder]: For program point L119-1(lines 100 124) no Hoare annotation was computed. [2022-11-21 09:07:15,848 INFO L895 garLoopResultBuilder]: At program point L419(lines 410 423) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (and .cse1 (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-21 09:07:15,848 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 345 356) no Hoare annotation was computed. [2022-11-21 09:07:15,848 INFO L899 garLoopResultBuilder]: For program point L349-1(lines 345 356) no Hoare annotation was computed. [2022-11-21 09:07:15,849 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 345 356) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-21 09:07:15,849 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 178 186) no Hoare annotation was computed. [2022-11-21 09:07:15,849 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 178 186) the Hoare annotation is: true [2022-11-21 09:07:15,849 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 178 186) no Hoare annotation was computed. [2022-11-21 09:07:15,854 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-21 09:07:15,856 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-21 09:07:15,939 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 21.11 09:07:15 BoogieIcfgContainer [2022-11-21 09:07:15,939 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-21 09:07:15,940 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-21 09:07:15,940 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-21 09:07:15,940 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-21 09:07:15,941 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 21.11 09:06:53" (3/4) ... [2022-11-21 09:07:15,944 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-21 09:07:15,957 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-21 09:07:15,963 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-21 09:07:15,963 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-21 09:07:15,963 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-21 09:07:15,967 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-21 09:07:15,968 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-21 09:07:15,968 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-21 09:07:15,978 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 23 nodes and edges [2022-11-21 09:07:15,979 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-21 09:07:15,980 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-21 09:07:15,980 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-21 09:07:15,981 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-21 09:07:16,017 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-21 09:07:16,019 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,020 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,021 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-21 09:07:16,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,024 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-21 09:07:16,024 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,024 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-21 09:07:16,025 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-21 09:07:16,025 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-21 09:07:16,073 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/witness.graphml [2022-11-21 09:07:16,073 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-21 09:07:16,074 INFO L158 Benchmark]: Toolchain (without parser) took 24542.83ms. Allocated memory was 140.5MB in the beginning and 270.5MB in the end (delta: 130.0MB). Free memory was 98.5MB in the beginning and 175.8MB in the end (delta: -77.3MB). Peak memory consumption was 53.1MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,074 INFO L158 Benchmark]: CDTParser took 0.34ms. Allocated memory is still 140.5MB. Free memory is still 82.6MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-21 09:07:16,074 INFO L158 Benchmark]: CACSL2BoogieTranslator took 643.25ms. Allocated memory is still 140.5MB. Free memory was 98.5MB in the beginning and 79.6MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,075 INFO L158 Benchmark]: Boogie Procedure Inliner took 62.55ms. Allocated memory is still 140.5MB. Free memory was 79.6MB in the beginning and 77.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,075 INFO L158 Benchmark]: Boogie Preprocessor took 40.21ms. Allocated memory is still 140.5MB. Free memory was 77.5MB in the beginning and 75.9MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-21 09:07:16,076 INFO L158 Benchmark]: RCFGBuilder took 887.50ms. Allocated memory was 140.5MB in the beginning and 186.6MB in the end (delta: 46.1MB). Free memory was 75.9MB in the beginning and 147.7MB in the end (delta: -71.9MB). Peak memory consumption was 16.1MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,077 INFO L158 Benchmark]: TraceAbstraction took 22763.97ms. Allocated memory was 186.6MB in the beginning and 270.5MB in the end (delta: 83.9MB). Free memory was 146.7MB in the beginning and 181.0MB in the end (delta: -34.3MB). Peak memory consumption was 152.3MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,078 INFO L158 Benchmark]: Witness Printer took 133.27ms. Allocated memory is still 270.5MB. Free memory was 181.0MB in the beginning and 175.8MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-21 09:07:16,081 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.34ms. Allocated memory is still 140.5MB. Free memory is still 82.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 643.25ms. Allocated memory is still 140.5MB. Free memory was 98.5MB in the beginning and 79.6MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 62.55ms. Allocated memory is still 140.5MB. Free memory was 79.6MB in the beginning and 77.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 40.21ms. Allocated memory is still 140.5MB. Free memory was 77.5MB in the beginning and 75.9MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 887.50ms. Allocated memory was 140.5MB in the beginning and 186.6MB in the end (delta: 46.1MB). Free memory was 75.9MB in the beginning and 147.7MB in the end (delta: -71.9MB). Peak memory consumption was 16.1MB. Max. memory is 16.1GB. * TraceAbstraction took 22763.97ms. Allocated memory was 186.6MB in the beginning and 270.5MB in the end (delta: 83.9MB). Free memory was 146.7MB in the beginning and 181.0MB in the end (delta: -34.3MB). Peak memory consumption was 152.3MB. Max. memory is 16.1GB. * Witness Printer took 133.27ms. Allocated memory is still 270.5MB. Free memory was 181.0MB in the beginning and 175.8MB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 438]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 92 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 22.6s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 6.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 9.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2626 SdHoareTripleChecker+Valid, 3.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2583 mSDsluCounter, 5075 SdHoareTripleChecker+Invalid, 2.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3851 mSDsCounter, 789 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3440 IncrementalHoareTripleChecker+Invalid, 4229 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 789 mSolverCounterUnsat, 1224 mSDtfsCounter, 3440 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 828 GetRequests, 656 SyntacticMatches, 10 SemanticMatches, 162 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1241 ImplicationChecksByTransitivity, 2.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=580occurred in iteration=10, InterpolantAutomatonStates: 143, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 11 MinimizatonAttempts, 283 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 42 LocationsWithAnnotation, 1395 PreInvPairs, 1661 NumberOfFragments, 2740 HoareAnnotationTreeSize, 1395 FomulaSimplifications, 5612 FormulaSimplificationTreeSizeReduction, 1.3s HoareSimplificationTime, 42 FomulaSimplificationsInter, 24532 FormulaSimplificationTreeSizeReductionInter, 8.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.1s InterpolantComputationTime, 956 NumberOfCodeBlocks, 956 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1209 ConstructedInterpolants, 0 QuantifiedInterpolants, 2411 SizeOfPredicates, 6 NumberOfNonLiveVariables, 869 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 616/696 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 520]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 946]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 434]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 498]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 401]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 223]: Loop Invariant Derived loop invariant: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 159]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 275]: Loop Invariant Derived loop invariant: ((((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 242]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 410]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 562]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 424]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 454]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 506]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 964]: Loop Invariant Derived loop invariant: ((((((((((!(\old(waterLevel) <= 1) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && !(2 <= tmp)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || !(1 == systemActive)) || ((((1 <= pumpRunning && 2 == \result) && 2 <= waterLevel) && \old(waterLevel) == waterLevel) && tmp == 2)) || ((((pumpRunning == 0 && waterLevel == \result) && waterLevel <= 1) && !(2 <= tmp)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && (((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel) || !(\old(waterLevel) == 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS) && tmp <= waterLevel)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 333]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 569]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 274]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 954]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 126]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) RESULT: Ultimate proved your program to be correct! [2022-11-21 09:07:16,150 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2f300ae3-598a-43e3-b2df-6bd3d7d93afc/bin/uautomizer-vX5HgA9Q3a/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE