./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 38b53e6a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-38b53e6 [2022-11-25 15:36:42,861 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-25 15:36:42,864 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-25 15:36:42,885 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-25 15:36:42,886 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-25 15:36:42,887 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-25 15:36:42,888 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-25 15:36:42,890 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-25 15:36:42,892 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-25 15:36:42,892 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-25 15:36:42,893 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-25 15:36:42,895 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-25 15:36:42,895 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-25 15:36:42,896 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-25 15:36:42,897 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-25 15:36:42,898 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-25 15:36:42,899 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-25 15:36:42,900 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-25 15:36:42,902 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-25 15:36:42,904 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-25 15:36:42,905 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-25 15:36:42,907 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-25 15:36:42,908 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-25 15:36:42,909 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-25 15:36:42,913 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-25 15:36:42,913 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-25 15:36:42,913 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-25 15:36:42,914 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-25 15:36:42,915 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-25 15:36:42,916 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-25 15:36:42,916 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-25 15:36:42,917 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-25 15:36:42,918 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-25 15:36:42,919 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-25 15:36:42,920 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-25 15:36:42,920 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-25 15:36:42,921 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-25 15:36:42,921 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-25 15:36:42,922 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-25 15:36:42,923 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-25 15:36:42,924 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-25 15:36:42,924 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-25 15:36:42,948 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-25 15:36:42,949 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-25 15:36:42,949 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-25 15:36:42,949 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-25 15:36:42,950 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-25 15:36:42,950 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-25 15:36:42,951 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-25 15:36:42,951 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-25 15:36:42,952 INFO L138 SettingsManager]: * Use SBE=true [2022-11-25 15:36:42,952 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-25 15:36:42,952 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-25 15:36:42,952 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-25 15:36:42,953 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-25 15:36:42,953 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-25 15:36:42,953 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-25 15:36:42,953 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-25 15:36:42,954 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-25 15:36:42,954 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-25 15:36:42,954 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-25 15:36:42,955 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-25 15:36:42,955 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-25 15:36:42,955 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-25 15:36:42,955 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-25 15:36:42,956 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-25 15:36:42,956 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 15:36:42,956 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-25 15:36:42,956 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-25 15:36:42,957 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-25 15:36:42,957 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-25 15:36:42,957 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-25 15:36:42,957 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-25 15:36:42,958 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-25 15:36:42,958 INFO L138 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2022-11-25 15:36:42,958 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-11-25 15:36:42,958 INFO L138 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 76f5874bdc2210da6be360b9991ed804689b1623a0180577df5607e0ad5d02da [2022-11-25 15:36:43,221 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-25 15:36:43,244 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-25 15:36:43,247 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-25 15:36:43,248 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-25 15:36:43,248 INFO L275 PluginConnector]: CDTParser initialized [2022-11-25 15:36:43,250 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/../../sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-25 15:36:46,472 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-25 15:36:46,710 INFO L351 CDTParser]: Found 1 translation units. [2022-11-25 15:36:46,710 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c [2022-11-25 15:36:46,722 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/data/db5785704/279719e9b1a9483eb7fce171a2214d3a/FLAG6da56b08a [2022-11-25 15:36:46,743 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/data/db5785704/279719e9b1a9483eb7fce171a2214d3a [2022-11-25 15:36:46,750 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-25 15:36:46,753 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-25 15:36:46,757 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-25 15:36:46,757 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-25 15:36:46,760 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-25 15:36:46,761 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 03:36:46" (1/1) ... [2022-11-25 15:36:46,763 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@314cc5ca and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:46, skipping insertion in model container [2022-11-25 15:36:46,763 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 03:36:46" (1/1) ... [2022-11-25 15:36:46,770 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-25 15:36:46,831 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-25 15:36:47,000 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-25 15:36:47,087 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 15:36:47,098 INFO L203 MainTranslator]: Completed pre-run [2022-11-25 15:36:47,119 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/sv-benchmarks/c/product-lines/minepump_spec5_product42.cil.c[3693,3706] [2022-11-25 15:36:47,196 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 15:36:47,218 INFO L208 MainTranslator]: Completed translation [2022-11-25 15:36:47,219 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47 WrapperNode [2022-11-25 15:36:47,219 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-25 15:36:47,220 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-25 15:36:47,221 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-25 15:36:47,221 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-25 15:36:47,228 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,254 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,293 INFO L138 Inliner]: procedures = 56, calls = 99, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 198 [2022-11-25 15:36:47,294 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-25 15:36:47,294 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-25 15:36:47,295 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-25 15:36:47,295 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-25 15:36:47,305 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,305 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,312 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,313 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,317 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,322 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,323 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,325 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,327 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-25 15:36:47,328 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-25 15:36:47,328 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-25 15:36:47,328 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-25 15:36:47,329 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (1/1) ... [2022-11-25 15:36:47,336 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 15:36:47,348 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 15:36:47,370 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-25 15:36:47,380 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-25 15:36:47,417 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-25 15:36:47,417 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-25 15:36:47,418 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-25 15:36:47,418 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-25 15:36:47,418 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-25 15:36:47,418 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-25 15:36:47,420 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-25 15:36:47,421 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-25 15:36:47,421 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-25 15:36:47,421 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-25 15:36:47,422 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-25 15:36:47,422 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-25 15:36:47,422 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-25 15:36:47,422 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-25 15:36:47,423 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-25 15:36:47,423 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-25 15:36:47,548 INFO L235 CfgBuilder]: Building ICFG [2022-11-25 15:36:47,550 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-25 15:36:47,936 INFO L276 CfgBuilder]: Performing block encoding [2022-11-25 15:36:47,943 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-25 15:36:47,943 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-25 15:36:47,946 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 03:36:47 BoogieIcfgContainer [2022-11-25 15:36:47,946 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-25 15:36:47,949 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-25 15:36:47,949 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-25 15:36:47,953 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-25 15:36:47,953 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 25.11 03:36:46" (1/3) ... [2022-11-25 15:36:47,954 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@77eed949 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 03:36:47, skipping insertion in model container [2022-11-25 15:36:47,954 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 03:36:47" (2/3) ... [2022-11-25 15:36:47,954 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@77eed949 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 03:36:47, skipping insertion in model container [2022-11-25 15:36:47,954 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 03:36:47" (3/3) ... [2022-11-25 15:36:47,956 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product42.cil.c [2022-11-25 15:36:47,976 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-25 15:36:47,976 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-25 15:36:48,033 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-25 15:36:48,040 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@79c4f0ec, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-25 15:36:48,040 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-25 15:36:48,045 INFO L276 IsEmpty]: Start isEmpty. Operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-25 15:36:48,056 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-25 15:36:48,056 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:48,057 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:48,057 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:48,063 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:48,063 INFO L85 PathProgramCache]: Analyzing trace with hash -690410843, now seen corresponding path program 1 times [2022-11-25 15:36:48,074 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:48,074 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2089458061] [2022-11-25 15:36:48,075 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:48,075 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:48,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,297 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-25 15:36:48,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,313 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-25 15:36:48,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,335 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:48,336 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:48,336 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2089458061] [2022-11-25 15:36:48,337 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2089458061] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:48,337 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:48,338 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-25 15:36:48,339 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [645559945] [2022-11-25 15:36:48,343 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:48,348 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-25 15:36:48,349 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:48,392 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-25 15:36:48,393 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-25 15:36:48,396 INFO L87 Difference]: Start difference. First operand has 85 states, 67 states have (on average 1.373134328358209) internal successors, (92), 73 states have internal predecessors, (92), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 15:36:48,432 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:48,432 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-11-25 15:36:48,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-25 15:36:48,435 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-25 15:36:48,435 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:48,443 INFO L225 Difference]: With dead ends: 161 [2022-11-25 15:36:48,444 INFO L226 Difference]: Without dead ends: 76 [2022-11-25 15:36:48,447 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-25 15:36:48,451 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 106 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:48,452 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 106 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:48,467 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 76 states. [2022-11-25 15:36:48,489 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 76 to 76. [2022-11-25 15:36:48,491 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 60 states have (on average 1.3) internal successors, (78), 65 states have internal predecessors, (78), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-25 15:36:48,493 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 97 transitions. [2022-11-25 15:36:48,495 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 97 transitions. Word has length 32 [2022-11-25 15:36:48,495 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:48,495 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 97 transitions. [2022-11-25 15:36:48,496 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 15:36:48,496 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 97 transitions. [2022-11-25 15:36:48,498 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-25 15:36:48,498 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:48,499 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:48,499 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-25 15:36:48,499 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:48,500 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:48,500 INFO L85 PathProgramCache]: Analyzing trace with hash 1965939987, now seen corresponding path program 1 times [2022-11-25 15:36:48,501 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:48,501 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1230123001] [2022-11-25 15:36:48,501 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:48,501 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:48,524 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,627 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-25 15:36:48,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,632 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-25 15:36:48,634 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,637 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:48,637 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:48,638 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1230123001] [2022-11-25 15:36:48,647 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1230123001] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:48,647 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:48,648 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 15:36:48,648 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [549792959] [2022-11-25 15:36:48,648 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:48,651 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-25 15:36:48,651 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:48,652 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-25 15:36:48,652 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:48,654 INFO L87 Difference]: Start difference. First operand 76 states and 97 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 15:36:48,683 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:48,683 INFO L93 Difference]: Finished difference Result 116 states and 148 transitions. [2022-11-25 15:36:48,688 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-25 15:36:48,689 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-25 15:36:48,690 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:48,693 INFO L225 Difference]: With dead ends: 116 [2022-11-25 15:36:48,695 INFO L226 Difference]: Without dead ends: 67 [2022-11-25 15:36:48,696 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:48,697 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 13 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:48,698 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 151 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:48,703 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-25 15:36:48,710 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-25 15:36:48,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.3148148148148149) internal successors, (71), 59 states have internal predecessors, (71), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-25 15:36:48,712 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 85 transitions. [2022-11-25 15:36:48,713 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 85 transitions. Word has length 33 [2022-11-25 15:36:48,713 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:48,713 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 85 transitions. [2022-11-25 15:36:48,713 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 15:36:48,714 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 85 transitions. [2022-11-25 15:36:48,715 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-25 15:36:48,715 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:48,715 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:48,715 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-25 15:36:48,716 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:48,716 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:48,716 INFO L85 PathProgramCache]: Analyzing trace with hash -1695410136, now seen corresponding path program 1 times [2022-11-25 15:36:48,717 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:48,717 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [727263253] [2022-11-25 15:36:48,717 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:48,717 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:48,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,861 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:48,863 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,868 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-25 15:36:48,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:48,872 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:48,872 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:48,873 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [727263253] [2022-11-25 15:36:48,873 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [727263253] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:48,873 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:48,873 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 15:36:48,873 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2091903544] [2022-11-25 15:36:48,874 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:48,874 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 15:36:48,874 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:48,875 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 15:36:48,875 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 15:36:48,876 INFO L87 Difference]: Start difference. First operand 67 states and 85 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:48,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:49,003 INFO L93 Difference]: Finished difference Result 126 states and 163 transitions. [2022-11-25 15:36:49,004 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-25 15:36:49,005 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-25 15:36:49,005 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:49,006 INFO L225 Difference]: With dead ends: 126 [2022-11-25 15:36:49,008 INFO L226 Difference]: Without dead ends: 67 [2022-11-25 15:36:49,008 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-25 15:36:49,011 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 108 mSDsluCounter, 122 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 108 SdHoareTripleChecker+Valid, 200 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:49,016 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [108 Valid, 200 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 15:36:49,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 67 states. [2022-11-25 15:36:49,027 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 67 to 67. [2022-11-25 15:36:49,035 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 67 states, 54 states have (on average 1.2962962962962963) internal successors, (70), 59 states have internal predecessors, (70), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-25 15:36:49,036 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 67 states to 67 states and 84 transitions. [2022-11-25 15:36:49,037 INFO L78 Accepts]: Start accepts. Automaton has 67 states and 84 transitions. Word has length 38 [2022-11-25 15:36:49,038 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:49,039 INFO L495 AbstractCegarLoop]: Abstraction has 67 states and 84 transitions. [2022-11-25 15:36:49,039 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:49,039 INFO L276 IsEmpty]: Start isEmpty. Operand 67 states and 84 transitions. [2022-11-25 15:36:49,041 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2022-11-25 15:36:49,042 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:49,043 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:49,043 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-25 15:36:49,044 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:49,044 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:49,045 INFO L85 PathProgramCache]: Analyzing trace with hash 610140587, now seen corresponding path program 1 times [2022-11-25 15:36:49,045 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:49,045 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [738864049] [2022-11-25 15:36:49,046 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:49,046 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:49,078 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,224 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:49,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,229 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 15:36:49,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,231 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2022-11-25 15:36:49,232 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,234 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:49,234 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:49,235 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [738864049] [2022-11-25 15:36:49,235 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [738864049] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:49,235 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:49,235 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 15:36:49,236 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [34205110] [2022-11-25 15:36:49,236 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:49,236 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-25 15:36:49,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:49,237 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-25 15:36:49,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:49,238 INFO L87 Difference]: Start difference. First operand 67 states and 84 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 15:36:49,300 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:49,301 INFO L93 Difference]: Finished difference Result 171 states and 219 transitions. [2022-11-25 15:36:49,301 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-25 15:36:49,302 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 43 [2022-11-25 15:36:49,302 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:49,303 INFO L225 Difference]: With dead ends: 171 [2022-11-25 15:36:49,303 INFO L226 Difference]: Without dead ends: 112 [2022-11-25 15:36:49,304 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:49,305 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 52 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:49,306 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 150 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:49,307 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 112 states. [2022-11-25 15:36:49,323 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 112 to 110. [2022-11-25 15:36:49,324 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 87 states have (on average 1.2873563218390804) internal successors, (112), 94 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-25 15:36:49,326 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 138 transitions. [2022-11-25 15:36:49,326 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 138 transitions. Word has length 43 [2022-11-25 15:36:49,327 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:49,327 INFO L495 AbstractCegarLoop]: Abstraction has 110 states and 138 transitions. [2022-11-25 15:36:49,327 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 15:36:49,327 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 138 transitions. [2022-11-25 15:36:49,329 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-25 15:36:49,329 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:49,329 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:49,329 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-25 15:36:49,330 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:49,330 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:49,330 INFO L85 PathProgramCache]: Analyzing trace with hash 1028234707, now seen corresponding path program 1 times [2022-11-25 15:36:49,331 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:49,331 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [338975928] [2022-11-25 15:36:49,331 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:49,331 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:49,346 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,439 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:49,441 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,443 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2022-11-25 15:36:49,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,446 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2022-11-25 15:36:49,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,481 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-25 15:36:49,481 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:49,482 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [338975928] [2022-11-25 15:36:49,482 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [338975928] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:49,482 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:49,482 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-25 15:36:49,482 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2043172951] [2022-11-25 15:36:49,483 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:49,483 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-25 15:36:49,483 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:49,484 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-25 15:36:49,484 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-25 15:36:49,484 INFO L87 Difference]: Start difference. First operand 110 states and 138 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-25 15:36:49,607 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:49,607 INFO L93 Difference]: Finished difference Result 217 states and 276 transitions. [2022-11-25 15:36:49,608 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-25 15:36:49,608 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2022-11-25 15:36:49,609 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:49,610 INFO L225 Difference]: With dead ends: 217 [2022-11-25 15:36:49,610 INFO L226 Difference]: Without dead ends: 115 [2022-11-25 15:36:49,611 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-25 15:36:49,612 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 37 mSDsluCounter, 310 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 405 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:49,613 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 405 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 15:36:49,614 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 115 states. [2022-11-25 15:36:49,636 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 115 to 109. [2022-11-25 15:36:49,637 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 109 states, 86 states have (on average 1.2674418604651163) internal successors, (109), 93 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-25 15:36:49,638 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 109 states to 109 states and 135 transitions. [2022-11-25 15:36:49,639 INFO L78 Accepts]: Start accepts. Automaton has 109 states and 135 transitions. Word has length 49 [2022-11-25 15:36:49,639 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:49,639 INFO L495 AbstractCegarLoop]: Abstraction has 109 states and 135 transitions. [2022-11-25 15:36:49,639 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-25 15:36:49,640 INFO L276 IsEmpty]: Start isEmpty. Operand 109 states and 135 transitions. [2022-11-25 15:36:49,641 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-25 15:36:49,641 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:49,641 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:49,641 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-25 15:36:49,642 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:49,642 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:49,642 INFO L85 PathProgramCache]: Analyzing trace with hash -2048289411, now seen corresponding path program 1 times [2022-11-25 15:36:49,642 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:49,643 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [521731106] [2022-11-25 15:36:49,643 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:49,643 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:49,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,801 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:49,802 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,804 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-25 15:36:49,805 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:49,806 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:49,807 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:49,807 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [521731106] [2022-11-25 15:36:49,807 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [521731106] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:49,807 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:49,807 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 15:36:49,808 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1334160604] [2022-11-25 15:36:49,808 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:49,808 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 15:36:49,808 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:49,809 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 15:36:49,809 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 15:36:49,809 INFO L87 Difference]: Start difference. First operand 109 states and 135 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:49,915 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:49,915 INFO L93 Difference]: Finished difference Result 234 states and 298 transitions. [2022-11-25 15:36:49,916 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-25 15:36:49,916 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-25 15:36:49,917 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:49,918 INFO L225 Difference]: With dead ends: 234 [2022-11-25 15:36:49,919 INFO L226 Difference]: Without dead ends: 133 [2022-11-25 15:36:49,920 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-25 15:36:49,921 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 33 mSDsluCounter, 251 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 348 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:49,921 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 348 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:49,922 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 133 states. [2022-11-25 15:36:49,949 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 133 to 112. [2022-11-25 15:36:49,950 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 89 states have (on average 1.2584269662921348) internal successors, (112), 96 states have internal predecessors, (112), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-25 15:36:49,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 138 transitions. [2022-11-25 15:36:49,953 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 138 transitions. Word has length 51 [2022-11-25 15:36:49,956 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:49,956 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 138 transitions. [2022-11-25 15:36:49,957 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:49,957 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 138 transitions. [2022-11-25 15:36:49,962 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-25 15:36:49,962 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:49,963 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:49,963 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-25 15:36:49,964 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:49,965 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:49,965 INFO L85 PathProgramCache]: Analyzing trace with hash -1625587585, now seen corresponding path program 1 times [2022-11-25 15:36:49,967 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:49,968 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1395744424] [2022-11-25 15:36:49,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:49,968 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:49,994 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,047 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:50,048 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,050 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-25 15:36:50,051 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,052 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:50,053 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:50,053 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1395744424] [2022-11-25 15:36:50,053 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1395744424] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:50,053 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:50,054 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-25 15:36:50,054 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [199559218] [2022-11-25 15:36:50,054 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:50,054 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-25 15:36:50,055 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:50,055 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-25 15:36:50,055 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-25 15:36:50,056 INFO L87 Difference]: Start difference. First operand 112 states and 138 transitions. Second operand has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:50,101 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:50,102 INFO L93 Difference]: Finished difference Result 232 states and 293 transitions. [2022-11-25 15:36:50,102 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-25 15:36:50,102 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-25 15:36:50,103 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:50,104 INFO L225 Difference]: With dead ends: 232 [2022-11-25 15:36:50,104 INFO L226 Difference]: Without dead ends: 128 [2022-11-25 15:36:50,105 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-25 15:36:50,106 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 27 mSDsluCounter, 160 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 27 SdHoareTripleChecker+Valid, 246 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:50,106 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [27 Valid, 246 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:50,107 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2022-11-25 15:36:50,120 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 114. [2022-11-25 15:36:50,120 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 114 states, 91 states have (on average 1.2527472527472527) internal successors, (114), 98 states have internal predecessors, (114), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2022-11-25 15:36:50,121 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 114 states to 114 states and 140 transitions. [2022-11-25 15:36:50,121 INFO L78 Accepts]: Start accepts. Automaton has 114 states and 140 transitions. Word has length 51 [2022-11-25 15:36:50,121 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:50,122 INFO L495 AbstractCegarLoop]: Abstraction has 114 states and 140 transitions. [2022-11-25 15:36:50,122 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.0) internal successors, (44), 4 states have internal predecessors, (44), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:50,122 INFO L276 IsEmpty]: Start isEmpty. Operand 114 states and 140 transitions. [2022-11-25 15:36:50,123 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2022-11-25 15:36:50,123 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:50,123 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:50,123 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-25 15:36:50,124 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:50,124 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:50,124 INFO L85 PathProgramCache]: Analyzing trace with hash 863941377, now seen corresponding path program 1 times [2022-11-25 15:36:50,124 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:50,124 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [297752427] [2022-11-25 15:36:50,125 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:50,125 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:50,135 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,194 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 15:36:50,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,198 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2022-11-25 15:36:50,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,201 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:50,201 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:50,201 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [297752427] [2022-11-25 15:36:50,201 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [297752427] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:50,202 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:50,202 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 15:36:50,202 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [156002949] [2022-11-25 15:36:50,202 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:50,202 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-25 15:36:50,203 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:50,203 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-25 15:36:50,203 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:50,203 INFO L87 Difference]: Start difference. First operand 114 states and 140 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:50,244 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:50,244 INFO L93 Difference]: Finished difference Result 266 states and 331 transitions. [2022-11-25 15:36:50,245 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-25 15:36:50,245 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 51 [2022-11-25 15:36:50,245 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:50,249 INFO L225 Difference]: With dead ends: 266 [2022-11-25 15:36:50,249 INFO L226 Difference]: Without dead ends: 160 [2022-11-25 15:36:50,249 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 15:36:50,254 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 35 mSDsluCounter, 70 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 159 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:50,254 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 159 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 15:36:50,257 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-25 15:36:50,286 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 160. [2022-11-25 15:36:50,287 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 160 states, 127 states have (on average 1.2283464566929134) internal successors, (156), 135 states have internal predecessors, (156), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2022-11-25 15:36:50,289 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 160 states to 160 states and 194 transitions. [2022-11-25 15:36:50,290 INFO L78 Accepts]: Start accepts. Automaton has 160 states and 194 transitions. Word has length 51 [2022-11-25 15:36:50,290 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:50,293 INFO L495 AbstractCegarLoop]: Abstraction has 160 states and 194 transitions. [2022-11-25 15:36:50,293 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 15:36:50,294 INFO L276 IsEmpty]: Start isEmpty. Operand 160 states and 194 transitions. [2022-11-25 15:36:50,298 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-25 15:36:50,299 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:50,299 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:50,299 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-25 15:36:50,299 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:50,300 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:50,300 INFO L85 PathProgramCache]: Analyzing trace with hash 159207591, now seen corresponding path program 1 times [2022-11-25 15:36:50,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:50,300 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1854133876] [2022-11-25 15:36:50,300 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:50,300 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:50,325 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,539 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-25 15:36:50,542 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,605 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-25 15:36:50,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,613 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 47 [2022-11-25 15:36:50,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:50,618 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 15:36:50,619 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:50,619 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1854133876] [2022-11-25 15:36:50,619 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1854133876] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 15:36:50,619 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 15:36:50,620 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-25 15:36:50,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [63839773] [2022-11-25 15:36:50,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 15:36:50,620 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-25 15:36:50,620 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:50,621 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-25 15:36:50,621 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-11-25 15:36:50,621 INFO L87 Difference]: Start difference. First operand 160 states and 194 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-25 15:36:51,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:51,036 INFO L93 Difference]: Finished difference Result 540 states and 679 transitions. [2022-11-25 15:36:51,036 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-25 15:36:51,036 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 55 [2022-11-25 15:36:51,037 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:51,039 INFO L225 Difference]: With dead ends: 540 [2022-11-25 15:36:51,039 INFO L226 Difference]: Without dead ends: 434 [2022-11-25 15:36:51,040 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 7 SyntacticMatches, 1 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-11-25 15:36:51,041 INFO L413 NwaCegarLoop]: 116 mSDtfsCounter, 223 mSDsluCounter, 509 mSDsCounter, 0 mSdLazyCounter, 299 mSolverCounterSat, 50 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 232 SdHoareTripleChecker+Valid, 625 SdHoareTripleChecker+Invalid, 349 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 50 IncrementalHoareTripleChecker+Valid, 299 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:51,041 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [232 Valid, 625 Invalid, 349 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [50 Valid, 299 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-25 15:36:51,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 434 states. [2022-11-25 15:36:51,090 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 434 to 400. [2022-11-25 15:36:51,091 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 400 states, 319 states have (on average 1.2163009404388714) internal successors, (388), 341 states have internal predecessors, (388), 44 states have call successors, (44), 33 states have call predecessors, (44), 36 states have return successors, (54), 42 states have call predecessors, (54), 44 states have call successors, (54) [2022-11-25 15:36:51,093 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 400 states to 400 states and 486 transitions. [2022-11-25 15:36:51,093 INFO L78 Accepts]: Start accepts. Automaton has 400 states and 486 transitions. Word has length 55 [2022-11-25 15:36:51,094 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:51,094 INFO L495 AbstractCegarLoop]: Abstraction has 400 states and 486 transitions. [2022-11-25 15:36:51,094 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 7 states have internal predecessors, (46), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-25 15:36:51,094 INFO L276 IsEmpty]: Start isEmpty. Operand 400 states and 486 transitions. [2022-11-25 15:36:51,095 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 88 [2022-11-25 15:36:51,096 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 15:36:51,096 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:51,096 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-25 15:36:51,096 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 15:36:51,097 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 15:36:51,097 INFO L85 PathProgramCache]: Analyzing trace with hash -2045084638, now seen corresponding path program 1 times [2022-11-25 15:36:51,097 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 15:36:51,097 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [648634494] [2022-11-25 15:36:51,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:51,098 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 15:36:51,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,294 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-25 15:36:51,295 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,309 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-25 15:36:51,313 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,351 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-25 15:36:51,352 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,354 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2022-11-25 15:36:51,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,368 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 72 [2022-11-25 15:36:51,369 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,371 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2022-11-25 15:36:51,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,374 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-25 15:36:51,374 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 15:36:51,374 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [648634494] [2022-11-25 15:36:51,374 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [648634494] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 15:36:51,375 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [382022646] [2022-11-25 15:36:51,375 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 15:36:51,375 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-25 15:36:51,375 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 15:36:51,379 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-25 15:36:51,389 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-25 15:36:51,512 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 15:36:51,515 INFO L263 TraceCheckSpWp]: Trace formula consists of 316 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-25 15:36:51,521 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 15:36:51,746 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 15:36:51,746 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 15:36:52,025 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-25 15:36:52,026 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [382022646] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 15:36:52,026 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-25 15:36:52,026 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2022-11-25 15:36:52,026 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1380487008] [2022-11-25 15:36:52,026 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-25 15:36:52,027 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-25 15:36:52,027 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 15:36:52,028 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-25 15:36:52,028 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2022-11-25 15:36:52,028 INFO L87 Difference]: Start difference. First operand 400 states and 486 transitions. Second operand has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-25 15:36:52,758 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 15:36:52,758 INFO L93 Difference]: Finished difference Result 641 states and 804 transitions. [2022-11-25 15:36:52,759 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2022-11-25 15:36:52,759 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 87 [2022-11-25 15:36:52,759 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 15:36:52,760 INFO L225 Difference]: With dead ends: 641 [2022-11-25 15:36:52,760 INFO L226 Difference]: Without dead ends: 0 [2022-11-25 15:36:52,762 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 219 GetRequests, 186 SyntacticMatches, 4 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 166 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=176, Invalid=754, Unknown=0, NotChecked=0, Total=930 [2022-11-25 15:36:52,763 INFO L413 NwaCegarLoop]: 136 mSDtfsCounter, 267 mSDsluCounter, 822 mSDsCounter, 0 mSdLazyCounter, 564 mSolverCounterSat, 100 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 268 SdHoareTripleChecker+Valid, 958 SdHoareTripleChecker+Invalid, 664 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 100 IncrementalHoareTripleChecker+Valid, 564 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-25 15:36:52,764 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [268 Valid, 958 Invalid, 664 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [100 Valid, 564 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-25 15:36:52,764 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-25 15:36:52,765 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-25 15:36:52,765 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-25 15:36:52,765 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-25 15:36:52,765 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 87 [2022-11-25 15:36:52,766 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 15:36:52,766 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-25 15:36:52,766 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 7.2) internal successors, (108), 11 states have internal predecessors, (108), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2022-11-25 15:36:52,766 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-25 15:36:52,766 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-25 15:36:52,769 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-25 15:36:52,776 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-25 15:36:52,975 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-25 15:36:52,977 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-25 15:36:56,484 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 815 821) no Hoare annotation was computed. [2022-11-25 15:36:56,484 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 815 821) the Hoare annotation is: true [2022-11-25 15:36:56,485 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 647 658) the Hoare annotation is: true [2022-11-25 15:36:56,485 INFO L899 garLoopResultBuilder]: For program point L651-1(lines 647 658) no Hoare annotation was computed. [2022-11-25 15:36:56,485 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 647 658) no Hoare annotation was computed. [2022-11-25 15:36:56,485 INFO L899 garLoopResultBuilder]: For program point L704(lines 704 710) no Hoare annotation was computed. [2022-11-25 15:36:56,485 INFO L899 garLoopResultBuilder]: For program point L795(lines 795 801) no Hoare annotation was computed. [2022-11-25 15:36:56,485 INFO L899 garLoopResultBuilder]: For program point L795-2(lines 791 813) no Hoare annotation was computed. [2022-11-25 15:36:56,485 INFO L895 garLoopResultBuilder]: At program point L696(lines 691 699) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse10 (not (< 1 |old(~waterLevel~0)|))) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse4 .cse8 .cse9 .cse6) .cse7 .cse10 (and .cse1 .cse8 .cse9) .cse3 .cse11)) (or .cse0 .cse10 .cse3 .cse11 (and .cse1 .cse5 .cse2))))) [2022-11-25 15:36:56,486 INFO L895 garLoopResultBuilder]: At program point L853(lines 848 855) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-25 15:36:56,486 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-25 15:36:56,486 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 788 814) no Hoare annotation was computed. [2022-11-25 15:36:56,486 INFO L895 garLoopResultBuilder]: At program point L69(lines 62 71) the Hoare annotation is: (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse6 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (and (<= 1 ~pumpRunning~0) .cse5 (<= 1 ~switchedOnBeforeTS~0))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse3 (and .cse4 .cse5) .cse6 .cse2 .cse7) (or .cse0 .cse6 .cse1 .cse2 .cse7) (or .cse3 (not (= |old(~waterLevel~0)| 1)) (and .cse4 (= ~waterLevel~0 1)) .cse2)))) [2022-11-25 15:36:56,486 INFO L895 garLoopResultBuilder]: At program point L709(lines 700 713) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse1 (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-25 15:36:56,486 INFO L895 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift_processEnvironment_~tmp~6#1| 0)) (.cse7 (not .cse2))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse1 (and .cse5 .cse6 (= |old(~waterLevel~0)| ~waterLevel~0) .cse7) .cse2 .cse3) (or .cse4 (and .cse5 .cse6 (= ~waterLevel~0 1) .cse7) (not (= |old(~waterLevel~0)| 1)) .cse2)))) [2022-11-25 15:36:56,487 INFO L895 garLoopResultBuilder]: At program point L953(lines 938 956) the Hoare annotation is: (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse2 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= |timeShift_isHighWaterLevel_~tmp___0~2#1| 0) (= |timeShift_isHighWaterLevel_#res#1| 0) (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse2 .cse5) (or .cse3 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse2 .cse5))) [2022-11-25 15:36:56,487 INFO L895 garLoopResultBuilder]: At program point L664(lines 659 667) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-25 15:36:56,487 INFO L899 garLoopResultBuilder]: For program point L627(lines 627 631) no Hoare annotation was computed. [2022-11-25 15:36:56,487 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 .cse7 .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) (and (= ~pumpRunning~0 0) .cse7) .cse3))) [2022-11-25 15:36:56,487 INFO L895 garLoopResultBuilder]: At program point L627-2(lines 623 634) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-25 15:36:56,487 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-11-25 15:36:56,487 INFO L895 garLoopResultBuilder]: At program point L842(line 842) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse5 .cse3 .cse6 (and .cse1 (= ~waterLevel~0 1) .cse2)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse3))) [2022-11-25 15:36:56,488 INFO L895 garLoopResultBuilder]: At program point L842-1(lines 823 847) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (= ~waterLevel~0 1)) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (not (< 1 |old(~waterLevel~0)|))) (.cse4 (= ~pumpRunning~0 0)) (.cse6 (not .cse3)) (.cse1 (<= 1 ~pumpRunning~0)) (.cse9 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (and .cse4 .cse5 .cse6) .cse7 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse0 .cse8 .cse3 .cse9 (and .cse1 .cse5 .cse2)) (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse7 .cse8 (and .cse4 .cse10 .cse6) (and .cse1 .cse10) .cse3 .cse9))))) [2022-11-25 15:36:56,488 INFO L899 garLoopResultBuilder]: For program point L211(line 211) no Hoare annotation was computed. [2022-11-25 15:36:56,488 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-25 15:36:56,488 INFO L899 garLoopResultBuilder]: For program point L67-1(line 67) no Hoare annotation was computed. [2022-11-25 15:36:56,488 INFO L899 garLoopResultBuilder]: For program point L802-1(lines 802 808) no Hoare annotation was computed. [2022-11-25 15:36:56,488 INFO L899 garLoopResultBuilder]: For program point L864(lines 864 870) no Hoare annotation was computed. [2022-11-25 15:36:56,488 INFO L899 garLoopResultBuilder]: For program point L831(lines 831 839) no Hoare annotation was computed. [2022-11-25 15:36:56,488 INFO L895 garLoopResultBuilder]: At program point L864-2(lines 857 873) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (let ((.cse5 (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse4 (and (= ~pumpRunning~0 0) .cse5) .cse1 (and (<= 1 ~pumpRunning~0) .cse5) .cse2 .cse3)) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-25 15:36:56,489 INFO L899 garLoopResultBuilder]: For program point L827(lines 827 844) no Hoare annotation was computed. [2022-11-25 15:36:56,489 INFO L895 garLoopResultBuilder]: At program point L889(lines 882 892) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-25 15:36:56,489 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-11-25 15:36:56,489 INFO L895 garLoopResultBuilder]: At program point L212(lines 207 214) the Hoare annotation is: (let ((.cse1 (not (< 1 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2))) [2022-11-25 15:36:56,489 INFO L899 garLoopResultBuilder]: For program point L947(lines 947 951) no Hoare annotation was computed. [2022-11-25 15:36:56,489 INFO L899 garLoopResultBuilder]: For program point L947-2(lines 947 951) no Hoare annotation was computed. [2022-11-25 15:36:56,489 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-11-25 15:36:56,489 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 788 814) the Hoare annotation is: (let ((.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (< 1 |old(~waterLevel~0)|))) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (= 0 ~systemActive~0)) (.cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 .cse8))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse4 .cse5 .cse3 .cse6 .cse7) (or (and .cse0 .cse1 .cse8) .cse2 .cse5 .cse3 .cse6) (or .cse4 .cse3 .cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-25 15:36:56,490 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse0 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse1 (<= 1 ~pumpRunning~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse6 (= ~waterLevel~0 1)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 .cse2) .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse4 .cse3 .cse5 (and .cse1 .cse6 .cse2)) (let ((.cse8 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2))) (or (and .cse7 .cse8 .cse9 .cse10) .cse11 .cse4 (and .cse1 .cse8 .cse9 .cse10) .cse3 .cse5)) (or .cse11 (not (= |old(~waterLevel~0)| 1)) (and .cse7 .cse6) .cse3))) [2022-11-25 15:36:56,492 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 788 814) no Hoare annotation was computed. [2022-11-25 15:36:56,492 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 211) no Hoare annotation was computed. [2022-11-25 15:36:56,492 INFO L902 garLoopResultBuilder]: At program point L129(lines 104 133) the Hoare annotation is: true [2022-11-25 15:36:56,493 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 104 133) no Hoare annotation was computed. [2022-11-25 15:36:56,493 INFO L899 garLoopResultBuilder]: For program point L125(line 125) no Hoare annotation was computed. [2022-11-25 15:36:56,493 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 104 133) the Hoare annotation is: true [2022-11-25 15:36:56,493 INFO L899 garLoopResultBuilder]: For program point L118(lines 118 122) no Hoare annotation was computed. [2022-11-25 15:36:56,493 INFO L902 garLoopResultBuilder]: At program point L118-1(lines 118 122) the Hoare annotation is: true [2022-11-25 15:36:56,494 INFO L899 garLoopResultBuilder]: For program point L115(line 115) no Hoare annotation was computed. [2022-11-25 15:36:56,494 INFO L902 garLoopResultBuilder]: At program point L114-2(lines 114 128) the Hoare annotation is: true [2022-11-25 15:36:56,494 INFO L902 garLoopResultBuilder]: At program point L110(line 110) the Hoare annotation is: true [2022-11-25 15:36:56,494 INFO L899 garLoopResultBuilder]: For program point L110-1(line 110) no Hoare annotation was computed. [2022-11-25 15:36:56,495 INFO L895 garLoopResultBuilder]: At program point L246(lines 241 249) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-25 15:36:56,495 INFO L895 garLoopResultBuilder]: At program point L238(lines 234 240) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-25 15:36:56,495 INFO L899 garLoopResultBuilder]: For program point L746(lines 746 752) no Hoare annotation was computed. [2022-11-25 15:36:56,495 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 746 752) no Hoare annotation was computed. [2022-11-25 15:36:56,495 INFO L895 garLoopResultBuilder]: At program point L771(lines 726 773) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-25 15:36:56,496 INFO L895 garLoopResultBuilder]: At program point L738(line 738) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-25 15:36:56,496 INFO L899 garLoopResultBuilder]: For program point L193(lines 193 200) no Hoare annotation was computed. [2022-11-25 15:36:56,496 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-25 15:36:56,496 INFO L899 garLoopResultBuilder]: For program point L193-2(lines 193 200) no Hoare annotation was computed. [2022-11-25 15:36:56,496 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-25 15:36:56,496 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-25 15:36:56,496 INFO L902 garLoopResultBuilder]: At program point L177(lines 169 179) the Hoare annotation is: true [2022-11-25 15:36:56,497 INFO L902 garLoopResultBuilder]: At program point L202(lines 183 205) the Hoare annotation is: true [2022-11-25 15:36:56,497 INFO L895 garLoopResultBuilder]: At program point L231(lines 227 233) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-25 15:36:56,497 INFO L895 garLoopResultBuilder]: At program point L165(lines 161 167) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-25 15:36:56,497 INFO L895 garLoopResultBuilder]: At program point L962(lines 957 964) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-25 15:36:56,497 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-25 15:36:56,497 INFO L899 garLoopResultBuilder]: For program point L764(lines 764 768) no Hoare annotation was computed. [2022-11-25 15:36:56,498 INFO L895 garLoopResultBuilder]: At program point L764-2(lines 756 769) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-25 15:36:56,498 INFO L899 garLoopResultBuilder]: For program point L727(lines 726 773) no Hoare annotation was computed. [2022-11-25 15:36:56,498 INFO L899 garLoopResultBuilder]: For program point L756(lines 756 769) no Hoare annotation was computed. [2022-11-25 15:36:56,499 INFO L895 garLoopResultBuilder]: At program point L748(line 748) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse7 (<= 1 ~pumpRunning~0)) (.cse1 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse2 (< 1 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (= |ULTIMATE.start_main_~tmp~1#1| 1)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse3 .cse5 (= ~waterLevel~0 1) .cse6) (and .cse7 .cse1 .cse3 .cse5 (<= 1 ~switchedOnBeforeTS~0) .cse6) (and .cse7 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6))) [2022-11-25 15:36:56,499 INFO L902 garLoopResultBuilder]: At program point L777(lines 716 781) the Hoare annotation is: true [2022-11-25 15:36:56,499 INFO L899 garLoopResultBuilder]: For program point L736(lines 736 742) no Hoare annotation was computed. [2022-11-25 15:36:56,499 INFO L899 garLoopResultBuilder]: For program point L736-1(lines 736 742) no Hoare annotation was computed. [2022-11-25 15:36:56,499 INFO L895 garLoopResultBuilder]: At program point L59(lines 54 61) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~1#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-25 15:36:56,499 INFO L899 garLoopResultBuilder]: For program point L728(lines 728 732) no Hoare annotation was computed. [2022-11-25 15:36:56,500 INFO L895 garLoopResultBuilder]: At program point L774(lines 725 775) the Hoare annotation is: false [2022-11-25 15:36:56,501 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 635 646) no Hoare annotation was computed. [2022-11-25 15:36:56,501 INFO L899 garLoopResultBuilder]: For program point L639-1(lines 635 646) no Hoare annotation was computed. [2022-11-25 15:36:56,502 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 635 646) the Hoare annotation is: (let ((.cse4 (not (< 1 |old(~waterLevel~0)|))) (.cse0 (not (<= 1 ~pumpRunning~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= ~pumpRunning~0 0))) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse3 .cse4 .cse1 .cse2 .cse5) (or .cse4 .cse0 .cse1 .cse2 .cse5) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse2 (= ~waterLevel~0 1)))) [2022-11-25 15:36:56,502 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 893 901) no Hoare annotation was computed. [2022-11-25 15:36:56,502 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 893 901) the Hoare annotation is: true [2022-11-25 15:36:56,502 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 893 901) no Hoare annotation was computed. [2022-11-25 15:36:56,505 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 15:36:56,507 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-25 15:36:56,552 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 25.11 03:36:56 BoogieIcfgContainer [2022-11-25 15:36:56,558 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-25 15:36:56,559 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-25 15:36:56,559 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-25 15:36:56,559 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-25 15:36:56,560 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 03:36:47" (3/4) ... [2022-11-25 15:36:56,565 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-25 15:36:56,572 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-25 15:36:56,572 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-25 15:36:56,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-25 15:36:56,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-25 15:36:56,573 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-25 15:36:56,574 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-25 15:36:56,588 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 23 nodes and edges [2022-11-25 15:36:56,588 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-25 15:36:56,589 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-25 15:36:56,589 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-25 15:36:56,590 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-25 15:36:56,617 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-25 15:36:56,617 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-25 15:36:56,618 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) [2022-11-25 15:36:56,618 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-25 15:36:56,620 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-25 15:36:56,621 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,621 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) [2022-11-25 15:36:56,622 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-25 15:36:56,622 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-25 15:36:56,623 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,623 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) [2022-11-25 15:36:56,624 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-25 15:36:56,624 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-25 15:36:56,624 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,625 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,625 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,625 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) [2022-11-25 15:36:56,662 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/witness.graphml [2022-11-25 15:36:56,662 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-25 15:36:56,663 INFO L158 Benchmark]: Toolchain (without parser) took 9910.10ms. Allocated memory was 153.1MB in the beginning and 264.2MB in the end (delta: 111.1MB). Free memory was 111.6MB in the beginning and 164.8MB in the end (delta: -53.2MB). Peak memory consumption was 60.8MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,663 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 153.1MB. Free memory was 96.7MB in the beginning and 96.6MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 15:36:56,664 INFO L158 Benchmark]: CACSL2BoogieTranslator took 462.78ms. Allocated memory is still 153.1MB. Free memory was 111.4MB in the beginning and 92.8MB in the end (delta: 18.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,664 INFO L158 Benchmark]: Boogie Procedure Inliner took 73.69ms. Allocated memory is still 153.1MB. Free memory was 92.5MB in the beginning and 90.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,664 INFO L158 Benchmark]: Boogie Preprocessor took 32.79ms. Allocated memory is still 153.1MB. Free memory was 90.4MB in the beginning and 88.6MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,665 INFO L158 Benchmark]: RCFGBuilder took 618.21ms. Allocated memory is still 153.1MB. Free memory was 88.6MB in the beginning and 72.4MB in the end (delta: 16.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,666 INFO L158 Benchmark]: TraceAbstraction took 8608.96ms. Allocated memory was 153.1MB in the beginning and 264.2MB in the end (delta: 111.1MB). Free memory was 71.8MB in the beginning and 171.1MB in the end (delta: -99.3MB). Peak memory consumption was 97.0MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,667 INFO L158 Benchmark]: Witness Printer took 103.28ms. Allocated memory is still 264.2MB. Free memory was 171.1MB in the beginning and 164.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-25 15:36:56,669 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 153.1MB. Free memory was 96.7MB in the beginning and 96.6MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 462.78ms. Allocated memory is still 153.1MB. Free memory was 111.4MB in the beginning and 92.8MB in the end (delta: 18.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 73.69ms. Allocated memory is still 153.1MB. Free memory was 92.5MB in the beginning and 90.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 32.79ms. Allocated memory is still 153.1MB. Free memory was 90.4MB in the beginning and 88.6MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 618.21ms. Allocated memory is still 153.1MB. Free memory was 88.6MB in the beginning and 72.4MB in the end (delta: 16.2MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * TraceAbstraction took 8608.96ms. Allocated memory was 153.1MB in the beginning and 264.2MB in the end (delta: 111.1MB). Free memory was 71.8MB in the beginning and 171.1MB in the end (delta: -99.3MB). Peak memory consumption was 97.0MB. Max. memory is 16.1GB. * Witness Printer took 103.28ms. Allocated memory is still 264.2MB. Free memory was 171.1MB in the beginning and 164.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 211]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 85 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.5s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 811 SdHoareTripleChecker+Valid, 0.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 795 mSDsluCounter, 3348 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2368 mSDsCounter, 177 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 962 IncrementalHoareTripleChecker+Invalid, 1139 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 177 mSolverCounterUnsat, 980 mSDtfsCounter, 962 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 318 GetRequests, 247 SyntacticMatches, 5 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 193 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=400occurred in iteration=9, InterpolantAutomatonStates: 70, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 10 MinimizatonAttempts, 77 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 40 LocationsWithAnnotation, 685 PreInvPairs, 800 NumberOfFragments, 1975 HoareAnnotationTreeSize, 685 FomulaSimplifications, 493 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 40 FomulaSimplificationsInter, 3520 FormulaSimplificationTreeSizeReductionInter, 3.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.0s InterpolantComputationTime, 577 NumberOfCodeBlocks, 577 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 652 ConstructedInterpolants, 0 QuantifiedInterpolants, 1381 SizeOfPredicates, 3 NumberOfNonLiveVariables, 316 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 97/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 857]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 114]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 823]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 161]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && \result == 1) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 227]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 104]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 183]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 725]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 169]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 659]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 848]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || ((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS)) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((((((((pumpRunning == 0 && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2) || !(\old(pumpRunning) == 0)) || !(1 < \old(waterLevel))) || (((1 <= pumpRunning && 2 == \result) && \old(waterLevel) == waterLevel) && tmp == 2)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 716]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 882]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 957]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 234]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((\result == 1 && pumpRunning == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && \result == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 726]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) || (((((pumpRunning == 0 && \result == 1) && splverifierCounter == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (((((1 <= pumpRunning && \result == 1) && splverifierCounter == 0) && tmp == 1) && 1 <= switchedOnBeforeTS) && !(0 == systemActive))) || ((((((1 <= pumpRunning && \result == 1) && 1 < waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 623]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && 1 <= switchedOnBeforeTS)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS))) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 207]: Loop Invariant Derived loop invariant: (((((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) - InvariantResult [Line: 938]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == 0 && tmp___0 == 0) && \result == 0) && waterLevel == 1)) || 0 == systemActive) && (((!(1 <= \old(pumpRunning)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((!(1 <= \old(pumpRunning)) || 0 == systemActive) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 < \old(waterLevel))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) RESULT: Ultimate proved your program to be correct! [2022-11-25 15:36:56,702 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a006e1d6-e1a2-49d5-bb48-63139147b41b/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE