./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 38b53e6a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-38b53e6 [2022-11-25 18:35:08,423 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-25 18:35:08,426 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-25 18:35:08,451 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-25 18:35:08,451 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-25 18:35:08,453 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-25 18:35:08,454 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-25 18:35:08,457 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-25 18:35:08,459 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-25 18:35:08,460 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-25 18:35:08,462 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-25 18:35:08,463 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-25 18:35:08,464 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-25 18:35:08,465 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-25 18:35:08,467 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-25 18:35:08,468 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-25 18:35:08,469 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-25 18:35:08,471 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-25 18:35:08,473 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-25 18:35:08,475 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-25 18:35:08,477 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-25 18:35:08,479 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-25 18:35:08,481 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-25 18:35:08,482 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-25 18:35:08,487 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-25 18:35:08,488 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-25 18:35:08,488 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-25 18:35:08,490 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-25 18:35:08,490 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-25 18:35:08,492 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-25 18:35:08,493 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-25 18:35:08,494 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-25 18:35:08,495 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-25 18:35:08,496 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-25 18:35:08,497 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-25 18:35:08,498 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-25 18:35:08,499 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-25 18:35:08,499 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-25 18:35:08,500 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-25 18:35:08,501 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-25 18:35:08,502 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-25 18:35:08,503 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/config/svcomp-Reach-32bit-Automizer_Default.epf [2022-11-25 18:35:08,533 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-25 18:35:08,533 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-25 18:35:08,534 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-25 18:35:08,534 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-25 18:35:08,535 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-25 18:35:08,536 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-25 18:35:08,537 INFO L136 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2022-11-25 18:35:08,537 INFO L138 SettingsManager]: * Create parallel compositions if possible=false [2022-11-25 18:35:08,538 INFO L138 SettingsManager]: * Use SBE=true [2022-11-25 18:35:08,538 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-25 18:35:08,539 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-25 18:35:08,539 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-25 18:35:08,540 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-25 18:35:08,540 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-25 18:35:08,540 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-25 18:35:08,541 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-25 18:35:08,541 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-25 18:35:08,542 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-25 18:35:08,542 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-25 18:35:08,542 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-25 18:35:08,543 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-25 18:35:08,543 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-25 18:35:08,544 INFO L138 SettingsManager]: * Size of a code block=SequenceOfStatements [2022-11-25 18:35:08,544 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-25 18:35:08,545 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 18:35:08,545 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-25 18:35:08,545 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-25 18:35:08,546 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-25 18:35:08,546 INFO L138 SettingsManager]: * Trace refinement strategy=CAMEL [2022-11-25 18:35:08,547 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-25 18:35:08,547 INFO L138 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2022-11-25 18:35:08,548 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-25 18:35:08,548 INFO L138 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2022-11-25 18:35:08,548 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2022-11-25 18:35:08,549 INFO L138 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 9cfe95aaca007f6467395901a9efc89e5ad27f0fc32ae7ae8a1fe4e27a1f35c1 [2022-11-25 18:35:08,872 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-25 18:35:08,913 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-25 18:35:08,916 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-25 18:35:08,918 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-25 18:35:08,918 INFO L275 PluginConnector]: CDTParser initialized [2022-11-25 18:35:08,920 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/../../sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-25 18:35:12,292 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-25 18:35:12,566 INFO L351 CDTParser]: Found 1 translation units. [2022-11-25 18:35:12,567 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c [2022-11-25 18:35:12,581 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/data/e3a100b6b/912a4d04c68f4473b8a265131b3ced7b/FLAG5f979499b [2022-11-25 18:35:12,600 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/data/e3a100b6b/912a4d04c68f4473b8a265131b3ced7b [2022-11-25 18:35:12,603 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-25 18:35:12,605 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-25 18:35:12,607 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-25 18:35:12,607 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-25 18:35:12,612 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-25 18:35:12,613 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 06:35:12" (1/1) ... [2022-11-25 18:35:12,614 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@32734764 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:12, skipping insertion in model container [2022-11-25 18:35:12,615 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 25.11 06:35:12" (1/1) ... [2022-11-25 18:35:12,624 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-25 18:35:12,677 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-25 18:35:12,860 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-25 18:35:12,992 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 18:35:13,004 INFO L203 MainTranslator]: Completed pre-run [2022-11-25 18:35:13,021 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/sv-benchmarks/c/product-lines/minepump_spec5_product50.cil.c[1605,1618] [2022-11-25 18:35:13,086 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-25 18:35:13,107 INFO L208 MainTranslator]: Completed translation [2022-11-25 18:35:13,108 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13 WrapperNode [2022-11-25 18:35:13,108 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-25 18:35:13,110 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-25 18:35:13,110 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-25 18:35:13,110 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-25 18:35:13,119 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,133 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,176 INFO L138 Inliner]: procedures = 58, calls = 102, calls flagged for inlining = 26, calls inlined = 22, statements flattened = 209 [2022-11-25 18:35:13,177 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-25 18:35:13,177 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-25 18:35:13,178 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-25 18:35:13,178 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-25 18:35:13,193 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,193 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,196 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,196 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,201 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,206 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,208 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,209 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,230 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-25 18:35:13,231 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-25 18:35:13,232 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-25 18:35:13,232 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-25 18:35:13,233 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (1/1) ... [2022-11-25 18:35:13,240 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-25 18:35:13,254 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 18:35:13,292 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-25 18:35:13,329 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-25 18:35:13,357 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-25 18:35:13,357 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-25 18:35:13,358 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-25 18:35:13,358 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-25 18:35:13,358 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-25 18:35:13,358 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-25 18:35:13,360 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-25 18:35:13,361 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-25 18:35:13,361 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-25 18:35:13,361 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-25 18:35:13,362 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-25 18:35:13,362 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-25 18:35:13,363 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-25 18:35:13,363 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-25 18:35:13,363 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-25 18:35:13,364 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-25 18:35:13,364 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-25 18:35:13,365 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-25 18:35:13,479 INFO L235 CfgBuilder]: Building ICFG [2022-11-25 18:35:13,482 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-25 18:35:13,868 INFO L276 CfgBuilder]: Performing block encoding [2022-11-25 18:35:13,892 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-25 18:35:13,893 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-25 18:35:13,895 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 06:35:13 BoogieIcfgContainer [2022-11-25 18:35:13,895 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-25 18:35:13,898 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-25 18:35:13,898 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-25 18:35:13,902 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-25 18:35:13,917 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 25.11 06:35:12" (1/3) ... [2022-11-25 18:35:13,918 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@294d14be and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 06:35:13, skipping insertion in model container [2022-11-25 18:35:13,918 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 25.11 06:35:13" (2/3) ... [2022-11-25 18:35:13,919 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@294d14be and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 25.11 06:35:13, skipping insertion in model container [2022-11-25 18:35:13,919 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 06:35:13" (3/3) ... [2022-11-25 18:35:13,921 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product50.cil.c [2022-11-25 18:35:13,952 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-25 18:35:13,952 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-25 18:35:14,041 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-25 18:35:14,050 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@761a2571, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-25 18:35:14,050 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-25 18:35:14,056 INFO L276 IsEmpty]: Start isEmpty. Operand has 93 states, 72 states have (on average 1.375) internal successors, (99), 80 states have internal predecessors, (99), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-25 18:35:14,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2022-11-25 18:35:14,070 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:14,071 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:14,072 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:14,079 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:14,080 INFO L85 PathProgramCache]: Analyzing trace with hash 58300630, now seen corresponding path program 1 times [2022-11-25 18:35:14,093 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:14,093 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1498438520] [2022-11-25 18:35:14,094 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:14,094 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:14,242 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,331 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2022-11-25 18:35:14,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,341 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2022-11-25 18:35:14,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,351 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:14,352 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:14,352 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1498438520] [2022-11-25 18:35:14,353 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1498438520] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:14,353 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:14,354 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-25 18:35:14,356 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1573895739] [2022-11-25 18:35:14,357 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:14,362 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-25 18:35:14,363 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:14,417 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-25 18:35:14,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-25 18:35:14,425 INFO L87 Difference]: Start difference. First operand has 93 states, 72 states have (on average 1.375) internal successors, (99), 80 states have internal predecessors, (99), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 18:35:14,505 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:14,507 INFO L93 Difference]: Finished difference Result 177 states and 240 transitions. [2022-11-25 18:35:14,509 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-25 18:35:14,510 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2022-11-25 18:35:14,511 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:14,528 INFO L225 Difference]: With dead ends: 177 [2022-11-25 18:35:14,528 INFO L226 Difference]: Without dead ends: 84 [2022-11-25 18:35:14,536 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-25 18:35:14,544 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 117 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:14,545 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 18:35:14,566 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-11-25 18:35:14,608 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 84. [2022-11-25 18:35:14,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 84 states, 65 states have (on average 1.3076923076923077) internal successors, (85), 72 states have internal predecessors, (85), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-25 18:35:14,622 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 84 states to 84 states and 108 transitions. [2022-11-25 18:35:14,624 INFO L78 Accepts]: Start accepts. Automaton has 84 states and 108 transitions. Word has length 32 [2022-11-25 18:35:14,624 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:14,624 INFO L495 AbstractCegarLoop]: Abstraction has 84 states and 108 transitions. [2022-11-25 18:35:14,624 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 18:35:14,625 INFO L276 IsEmpty]: Start isEmpty. Operand 84 states and 108 transitions. [2022-11-25 18:35:14,627 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-25 18:35:14,627 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:14,628 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:14,628 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-25 18:35:14,628 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:14,629 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:14,630 INFO L85 PathProgramCache]: Analyzing trace with hash 1182453555, now seen corresponding path program 1 times [2022-11-25 18:35:14,630 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:14,630 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [136966365] [2022-11-25 18:35:14,630 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:14,631 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:14,661 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,775 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2022-11-25 18:35:14,778 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,782 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2022-11-25 18:35:14,785 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:14,788 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:14,789 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:14,789 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [136966365] [2022-11-25 18:35:14,789 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [136966365] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:14,790 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:14,790 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 18:35:14,790 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [254919309] [2022-11-25 18:35:14,790 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:14,792 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-25 18:35:14,792 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:14,793 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-25 18:35:14,793 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 18:35:14,794 INFO L87 Difference]: Start difference. First operand 84 states and 108 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 18:35:14,815 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:14,815 INFO L93 Difference]: Finished difference Result 132 states and 170 transitions. [2022-11-25 18:35:14,816 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-25 18:35:14,816 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2022-11-25 18:35:14,817 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:14,818 INFO L225 Difference]: With dead ends: 132 [2022-11-25 18:35:14,818 INFO L226 Difference]: Without dead ends: 75 [2022-11-25 18:35:14,820 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 18:35:14,821 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 13 mSDsluCounter, 78 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 173 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:14,822 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 173 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 18:35:14,824 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-11-25 18:35:14,833 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-11-25 18:35:14,834 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.3220338983050848) internal successors, (78), 66 states have internal predecessors, (78), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-25 18:35:14,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 96 transitions. [2022-11-25 18:35:14,835 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 96 transitions. Word has length 33 [2022-11-25 18:35:14,836 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:14,836 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 96 transitions. [2022-11-25 18:35:14,836 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-25 18:35:14,836 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 96 transitions. [2022-11-25 18:35:14,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-25 18:35:14,838 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:14,838 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:14,839 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-25 18:35:14,839 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:14,840 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:14,840 INFO L85 PathProgramCache]: Analyzing trace with hash 1082286122, now seen corresponding path program 1 times [2022-11-25 18:35:14,840 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:14,841 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1770468033] [2022-11-25 18:35:14,841 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:14,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:14,873 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,034 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:15,037 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,043 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2022-11-25 18:35:15,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,048 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:15,049 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:15,049 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1770468033] [2022-11-25 18:35:15,049 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1770468033] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:15,050 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:15,050 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-25 18:35:15,050 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [222835011] [2022-11-25 18:35:15,050 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:15,051 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-25 18:35:15,051 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:15,052 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-25 18:35:15,052 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 18:35:15,052 INFO L87 Difference]: Start difference. First operand 75 states and 96 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 18:35:15,084 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:15,084 INFO L93 Difference]: Finished difference Result 142 states and 185 transitions. [2022-11-25 18:35:15,085 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-25 18:35:15,085 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2022-11-25 18:35:15,085 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:15,086 INFO L225 Difference]: With dead ends: 142 [2022-11-25 18:35:15,087 INFO L226 Difference]: Without dead ends: 75 [2022-11-25 18:35:15,088 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-25 18:35:15,089 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 86 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 94 SdHoareTripleChecker+Invalid, 2 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:15,090 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 94 Invalid, 2 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-25 18:35:15,091 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 75 states. [2022-11-25 18:35:15,102 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 75 to 75. [2022-11-25 18:35:15,103 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 75 states, 59 states have (on average 1.305084745762712) internal successors, (77), 66 states have internal predecessors, (77), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-25 18:35:15,104 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 75 states to 75 states and 95 transitions. [2022-11-25 18:35:15,104 INFO L78 Accepts]: Start accepts. Automaton has 75 states and 95 transitions. Word has length 38 [2022-11-25 18:35:15,106 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:15,106 INFO L495 AbstractCegarLoop]: Abstraction has 75 states and 95 transitions. [2022-11-25 18:35:15,106 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-25 18:35:15,107 INFO L276 IsEmpty]: Start isEmpty. Operand 75 states and 95 transitions. [2022-11-25 18:35:15,108 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 49 [2022-11-25 18:35:15,108 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:15,109 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:15,109 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-25 18:35:15,109 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:15,110 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:15,110 INFO L85 PathProgramCache]: Analyzing trace with hash 605778703, now seen corresponding path program 1 times [2022-11-25 18:35:15,111 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:15,111 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [237244499] [2022-11-25 18:35:15,111 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:15,111 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:15,136 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:15,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,265 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 18:35:15,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,290 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-25 18:35:15,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,295 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2022-11-25 18:35:15,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,300 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:15,300 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:15,301 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [237244499] [2022-11-25 18:35:15,301 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [237244499] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:15,301 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:15,302 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 18:35:15,302 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [918396817] [2022-11-25 18:35:15,302 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:15,303 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 18:35:15,303 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:15,304 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 18:35:15,304 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 18:35:15,304 INFO L87 Difference]: Start difference. First operand 75 states and 95 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-25 18:35:15,620 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:15,620 INFO L93 Difference]: Finished difference Result 221 states and 282 transitions. [2022-11-25 18:35:15,621 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-25 18:35:15,621 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 48 [2022-11-25 18:35:15,621 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:15,623 INFO L225 Difference]: With dead ends: 221 [2022-11-25 18:35:15,623 INFO L226 Difference]: Without dead ends: 154 [2022-11-25 18:35:15,624 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-25 18:35:15,625 INFO L413 NwaCegarLoop]: 125 mSDtfsCounter, 195 mSDsluCounter, 183 mSDsCounter, 0 mSdLazyCounter, 104 mSolverCounterSat, 46 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 308 SdHoareTripleChecker+Invalid, 150 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 46 IncrementalHoareTripleChecker+Valid, 104 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:15,626 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 308 Invalid, 150 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [46 Valid, 104 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-25 18:35:15,627 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-25 18:35:15,648 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 148. [2022-11-25 18:35:15,649 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 115 states have (on average 1.2695652173913043) internal successors, (146), 122 states have internal predecessors, (146), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-25 18:35:15,651 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 183 transitions. [2022-11-25 18:35:15,651 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 183 transitions. Word has length 48 [2022-11-25 18:35:15,651 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:15,652 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 183 transitions. [2022-11-25 18:35:15,652 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-25 18:35:15,652 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 183 transitions. [2022-11-25 18:35:15,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-25 18:35:15,654 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:15,654 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:15,654 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-25 18:35:15,655 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:15,655 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:15,656 INFO L85 PathProgramCache]: Analyzing trace with hash 1075912719, now seen corresponding path program 1 times [2022-11-25 18:35:15,656 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:15,656 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1880853795] [2022-11-25 18:35:15,657 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:15,657 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:15,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,753 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:15,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,759 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 18:35:15,764 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,802 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-25 18:35:15,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:15,806 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:15,807 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:15,807 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1880853795] [2022-11-25 18:35:15,807 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1880853795] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:15,807 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:15,808 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-25 18:35:15,808 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1799483541] [2022-11-25 18:35:15,808 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:15,809 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-25 18:35:15,809 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:15,810 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-25 18:35:15,810 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-25 18:35:15,810 INFO L87 Difference]: Start difference. First operand 148 states and 183 transitions. Second operand has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:16,010 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:16,010 INFO L93 Difference]: Finished difference Result 296 states and 370 transitions. [2022-11-25 18:35:16,011 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-25 18:35:16,011 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-25 18:35:16,012 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:16,013 INFO L225 Difference]: With dead ends: 296 [2022-11-25 18:35:16,014 INFO L226 Difference]: Without dead ends: 156 [2022-11-25 18:35:16,015 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=32, Invalid=58, Unknown=0, NotChecked=0, Total=90 [2022-11-25 18:35:16,017 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 66 mSDsluCounter, 295 mSDsCounter, 0 mSdLazyCounter, 112 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 384 SdHoareTripleChecker+Invalid, 131 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 112 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:16,018 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 384 Invalid, 131 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 112 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 18:35:16,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 156 states. [2022-11-25 18:35:16,042 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 156 to 151. [2022-11-25 18:35:16,042 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 118 states have (on average 1.2627118644067796) internal successors, (149), 125 states have internal predecessors, (149), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-25 18:35:16,044 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 186 transitions. [2022-11-25 18:35:16,045 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 186 transitions. Word has length 52 [2022-11-25 18:35:16,045 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:16,046 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 186 transitions. [2022-11-25 18:35:16,046 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.166666666666667) internal successors, (43), 5 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:16,046 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 186 transitions. [2022-11-25 18:35:16,048 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-25 18:35:16,048 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:16,048 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:16,049 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-25 18:35:16,049 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:16,050 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:16,050 INFO L85 PathProgramCache]: Analyzing trace with hash -613031023, now seen corresponding path program 1 times [2022-11-25 18:35:16,050 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:16,051 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2076414039] [2022-11-25 18:35:16,051 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:16,051 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:16,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,186 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:16,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,197 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 18:35:16,209 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,258 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-25 18:35:16,265 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,271 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:16,272 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:16,272 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2076414039] [2022-11-25 18:35:16,272 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2076414039] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:16,272 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:16,273 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 18:35:16,273 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [519393394] [2022-11-25 18:35:16,273 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:16,274 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 18:35:16,276 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:16,278 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 18:35:16,278 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 18:35:16,278 INFO L87 Difference]: Start difference. First operand 151 states and 186 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:16,474 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:16,476 INFO L93 Difference]: Finished difference Result 304 states and 381 transitions. [2022-11-25 18:35:16,476 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-25 18:35:16,476 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-25 18:35:16,477 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:16,484 INFO L225 Difference]: With dead ends: 304 [2022-11-25 18:35:16,485 INFO L226 Difference]: Without dead ends: 161 [2022-11-25 18:35:16,487 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-25 18:35:16,490 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 67 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:16,491 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 301 Invalid, 102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-25 18:35:16,492 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 161 states. [2022-11-25 18:35:16,529 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 161 to 153. [2022-11-25 18:35:16,530 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 120 states have (on average 1.2583333333333333) internal successors, (151), 127 states have internal predecessors, (151), 16 states have call successors, (16), 13 states have call predecessors, (16), 16 states have return successors, (21), 17 states have call predecessors, (21), 16 states have call successors, (21) [2022-11-25 18:35:16,531 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 188 transitions. [2022-11-25 18:35:16,532 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 188 transitions. Word has length 52 [2022-11-25 18:35:16,532 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:16,532 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 188 transitions. [2022-11-25 18:35:16,533 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:16,540 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 188 transitions. [2022-11-25 18:35:16,546 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-25 18:35:16,547 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:16,547 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:16,547 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-25 18:35:16,548 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:16,549 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:16,549 INFO L85 PathProgramCache]: Analyzing trace with hash -190329197, now seen corresponding path program 1 times [2022-11-25 18:35:16,549 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:16,550 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [84618279] [2022-11-25 18:35:16,550 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:16,550 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:16,576 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,656 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:16,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,664 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 18:35:16,667 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,683 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2022-11-25 18:35:16,684 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:16,686 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:16,686 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:16,686 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [84618279] [2022-11-25 18:35:16,687 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [84618279] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:16,687 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:16,687 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-25 18:35:16,687 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1116207459] [2022-11-25 18:35:16,687 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:16,688 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-25 18:35:16,688 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:16,689 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-25 18:35:16,689 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-25 18:35:16,689 INFO L87 Difference]: Start difference. First operand 153 states and 188 transitions. Second operand has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:16,979 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:16,979 INFO L93 Difference]: Finished difference Result 438 states and 558 transitions. [2022-11-25 18:35:16,980 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-25 18:35:16,981 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2022-11-25 18:35:16,982 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:16,987 INFO L225 Difference]: With dead ends: 438 [2022-11-25 18:35:16,988 INFO L226 Difference]: Without dead ends: 293 [2022-11-25 18:35:16,989 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-25 18:35:16,992 INFO L413 NwaCegarLoop]: 139 mSDtfsCounter, 213 mSDsluCounter, 174 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 220 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:16,992 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [220 Valid, 313 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-25 18:35:16,997 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 293 states. [2022-11-25 18:35:17,057 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 293 to 285. [2022-11-25 18:35:17,061 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 285 states, 220 states have (on average 1.240909090909091) internal successors, (273), 231 states have internal predecessors, (273), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-25 18:35:17,063 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 285 states to 285 states and 356 transitions. [2022-11-25 18:35:17,070 INFO L78 Accepts]: Start accepts. Automaton has 285 states and 356 transitions. Word has length 52 [2022-11-25 18:35:17,072 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:17,073 INFO L495 AbstractCegarLoop]: Abstraction has 285 states and 356 transitions. [2022-11-25 18:35:17,073 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.6) internal successors, (43), 4 states have internal predecessors, (43), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-25 18:35:17,073 INFO L276 IsEmpty]: Start isEmpty. Operand 285 states and 356 transitions. [2022-11-25 18:35:17,075 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-25 18:35:17,075 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:17,076 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:17,076 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-25 18:35:17,077 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:17,078 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:17,078 INFO L85 PathProgramCache]: Analyzing trace with hash 2088078071, now seen corresponding path program 1 times [2022-11-25 18:35:17,078 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:17,081 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [394907894] [2022-11-25 18:35:17,081 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:17,081 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:17,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:17,243 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2022-11-25 18:35:17,245 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:17,253 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2022-11-25 18:35:17,261 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:17,282 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2022-11-25 18:35:17,285 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:17,289 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2022-11-25 18:35:17,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:17,316 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-25 18:35:17,317 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:17,317 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [394907894] [2022-11-25 18:35:17,317 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [394907894] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:17,317 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:17,317 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-25 18:35:17,318 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [544147314] [2022-11-25 18:35:17,318 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:17,318 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-25 18:35:17,319 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:17,319 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-25 18:35:17,319 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-25 18:35:17,320 INFO L87 Difference]: Start difference. First operand 285 states and 356 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-25 18:35:17,668 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:17,668 INFO L93 Difference]: Finished difference Result 578 states and 733 transitions. [2022-11-25 18:35:17,673 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-25 18:35:17,674 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2022-11-25 18:35:17,674 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:17,677 INFO L225 Difference]: With dead ends: 578 [2022-11-25 18:35:17,677 INFO L226 Difference]: Without dead ends: 301 [2022-11-25 18:35:17,679 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-25 18:35:17,684 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 129 mSDsluCounter, 346 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 435 SdHoareTripleChecker+Invalid, 226 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:17,688 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 435 Invalid, 226 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-25 18:35:17,690 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 301 states. [2022-11-25 18:35:17,736 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 301 to 281. [2022-11-25 18:35:17,737 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 281 states, 216 states have (on average 1.2083333333333333) internal successors, (261), 227 states have internal predecessors, (261), 34 states have call successors, (34), 29 states have call predecessors, (34), 30 states have return successors, (49), 34 states have call predecessors, (49), 34 states have call successors, (49) [2022-11-25 18:35:17,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 281 states to 281 states and 344 transitions. [2022-11-25 18:35:17,740 INFO L78 Accepts]: Start accepts. Automaton has 281 states and 344 transitions. Word has length 54 [2022-11-25 18:35:17,740 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:17,745 INFO L495 AbstractCegarLoop]: Abstraction has 281 states and 344 transitions. [2022-11-25 18:35:17,745 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-25 18:35:17,746 INFO L276 IsEmpty]: Start isEmpty. Operand 281 states and 344 transitions. [2022-11-25 18:35:17,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2022-11-25 18:35:17,749 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:17,749 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:17,750 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-25 18:35:17,750 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:17,750 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:17,751 INFO L85 PathProgramCache]: Analyzing trace with hash -312737299, now seen corresponding path program 1 times [2022-11-25 18:35:17,751 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:17,751 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1280618347] [2022-11-25 18:35:17,751 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:17,752 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:17,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:18,017 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-25 18:35:18,019 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:18,085 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2022-11-25 18:35:18,087 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:18,116 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2022-11-25 18:35:18,119 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:18,141 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2022-11-25 18:35:18,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:18,145 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-25 18:35:18,146 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:18,146 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1280618347] [2022-11-25 18:35:18,146 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1280618347] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-25 18:35:18,147 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-25 18:35:18,147 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-25 18:35:18,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1461542066] [2022-11-25 18:35:18,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-25 18:35:18,149 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-25 18:35:18,150 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:18,150 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-25 18:35:18,151 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-25 18:35:18,151 INFO L87 Difference]: Start difference. First operand 281 states and 344 transitions. Second operand has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-25 18:35:19,230 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:19,231 INFO L93 Difference]: Finished difference Result 833 states and 1056 transitions. [2022-11-25 18:35:19,231 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-25 18:35:19,232 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 56 [2022-11-25 18:35:19,233 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:19,238 INFO L225 Difference]: With dead ends: 833 [2022-11-25 18:35:19,238 INFO L226 Difference]: Without dead ends: 611 [2022-11-25 18:35:19,240 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 40 GetRequests, 10 SyntacticMatches, 1 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 199 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=187, Invalid=743, Unknown=0, NotChecked=0, Total=930 [2022-11-25 18:35:19,243 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 493 mSDsluCounter, 637 mSDsCounter, 0 mSdLazyCounter, 693 mSolverCounterSat, 157 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 499 SdHoareTripleChecker+Valid, 759 SdHoareTripleChecker+Invalid, 850 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 157 IncrementalHoareTripleChecker+Valid, 693 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:19,244 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [499 Valid, 759 Invalid, 850 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [157 Valid, 693 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-25 18:35:19,245 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 611 states. [2022-11-25 18:35:19,341 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 611 to 522. [2022-11-25 18:35:19,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 522 states, 403 states have (on average 1.2034739454094292) internal successors, (485), 425 states have internal predecessors, (485), 61 states have call successors, (61), 51 states have call predecessors, (61), 57 states have return successors, (85), 61 states have call predecessors, (85), 61 states have call successors, (85) [2022-11-25 18:35:19,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 522 states to 522 states and 631 transitions. [2022-11-25 18:35:19,347 INFO L78 Accepts]: Start accepts. Automaton has 522 states and 631 transitions. Word has length 56 [2022-11-25 18:35:19,347 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:19,348 INFO L495 AbstractCegarLoop]: Abstraction has 522 states and 631 transitions. [2022-11-25 18:35:19,348 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.5) internal successors, (45), 8 states have internal predecessors, (45), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-25 18:35:19,348 INFO L276 IsEmpty]: Start isEmpty. Operand 522 states and 631 transitions. [2022-11-25 18:35:19,349 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2022-11-25 18:35:19,350 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:19,350 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:19,350 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-25 18:35:19,350 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:19,351 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:19,351 INFO L85 PathProgramCache]: Analyzing trace with hash -514851068, now seen corresponding path program 1 times [2022-11-25 18:35:19,351 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:19,352 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [238776286] [2022-11-25 18:35:19,357 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:19,357 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:19,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-25 18:35:19,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,590 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-25 18:35:19,593 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,598 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-25 18:35:19,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,611 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-25 18:35:19,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,616 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 62 [2022-11-25 18:35:19,617 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,619 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 78 [2022-11-25 18:35:19,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,622 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-25 18:35:19,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,624 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 90 [2022-11-25 18:35:19,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,627 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 4 proven. 3 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-25 18:35:19,628 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:19,628 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [238776286] [2022-11-25 18:35:19,628 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [238776286] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 18:35:19,629 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [407438284] [2022-11-25 18:35:19,629 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:19,629 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-25 18:35:19,629 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 18:35:19,634 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-25 18:35:19,673 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-25 18:35:19,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:19,802 INFO L263 TraceCheckSpWp]: Trace formula consists of 340 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-25 18:35:19,810 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 18:35:20,104 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-25 18:35:20,104 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 18:35:20,446 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-25 18:35:20,447 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [407438284] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 18:35:20,447 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-25 18:35:20,447 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2022-11-25 18:35:20,448 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1885414106] [2022-11-25 18:35:20,448 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-25 18:35:20,449 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-25 18:35:20,449 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:20,450 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-25 18:35:20,450 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=153, Unknown=0, NotChecked=0, Total=182 [2022-11-25 18:35:20,450 INFO L87 Difference]: Start difference. First operand 522 states and 631 transitions. Second operand has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-25 18:35:22,253 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:22,253 INFO L93 Difference]: Finished difference Result 1195 states and 1490 transitions. [2022-11-25 18:35:22,253 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 38 states. [2022-11-25 18:35:22,254 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) Word has length 98 [2022-11-25 18:35:22,254 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:22,258 INFO L225 Difference]: With dead ends: 1195 [2022-11-25 18:35:22,258 INFO L226 Difference]: Without dead ends: 730 [2022-11-25 18:35:22,261 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 274 GetRequests, 223 SyntacticMatches, 4 SemanticMatches, 47 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 573 ImplicationChecksByTransitivity, 0.8s TimeCoverageRelationStatistics Valid=471, Invalid=1881, Unknown=0, NotChecked=0, Total=2352 [2022-11-25 18:35:22,262 INFO L413 NwaCegarLoop]: 172 mSDtfsCounter, 487 mSDsluCounter, 1351 mSDsCounter, 0 mSdLazyCounter, 1122 mSolverCounterSat, 155 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 493 SdHoareTripleChecker+Valid, 1523 SdHoareTripleChecker+Invalid, 1277 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 155 IncrementalHoareTripleChecker+Valid, 1122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:22,264 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [493 Valid, 1523 Invalid, 1277 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [155 Valid, 1122 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-25 18:35:22,266 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 730 states. [2022-11-25 18:35:22,359 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 730 to 592. [2022-11-25 18:35:22,361 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 592 states, 454 states have (on average 1.198237885462555) internal successors, (544), 483 states have internal predecessors, (544), 71 states have call successors, (71), 61 states have call predecessors, (71), 66 states have return successors, (91), 68 states have call predecessors, (91), 71 states have call successors, (91) [2022-11-25 18:35:22,365 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 592 states to 592 states and 706 transitions. [2022-11-25 18:35:22,367 INFO L78 Accepts]: Start accepts. Automaton has 592 states and 706 transitions. Word has length 98 [2022-11-25 18:35:22,368 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:22,368 INFO L495 AbstractCegarLoop]: Abstraction has 592 states and 706 transitions. [2022-11-25 18:35:22,369 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 14 states have (on average 8.285714285714286) internal successors, (116), 10 states have internal predecessors, (116), 5 states have call successors, (18), 6 states have call predecessors, (18), 5 states have return successors, (16), 5 states have call predecessors, (16), 5 states have call successors, (16) [2022-11-25 18:35:22,369 INFO L276 IsEmpty]: Start isEmpty. Operand 592 states and 706 transitions. [2022-11-25 18:35:22,381 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 177 [2022-11-25 18:35:22,381 INFO L187 NwaCegarLoop]: Found error trace [2022-11-25 18:35:22,382 INFO L195 NwaCegarLoop]: trace histogram [5, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:22,400 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-25 18:35:22,589 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-25 18:35:22,590 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-25 18:35:22,590 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-25 18:35:22,591 INFO L85 PathProgramCache]: Analyzing trace with hash 2133918754, now seen corresponding path program 1 times [2022-11-25 18:35:22,591 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2022-11-25 18:35:22,591 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1155570579] [2022-11-25 18:35:22,591 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:22,591 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-25 18:35:22,636 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,941 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2022-11-25 18:35:22,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,955 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2022-11-25 18:35:22,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,963 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-25 18:35:22,964 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,972 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2022-11-25 18:35:22,975 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,978 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 60 [2022-11-25 18:35:22,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,990 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-25 18:35:22,991 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:22,997 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2022-11-25 18:35:22,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,001 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2022-11-25 18:35:23,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,003 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 102 [2022-11-25 18:35:23,008 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,100 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2022-11-25 18:35:23,101 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,102 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 132 [2022-11-25 18:35:23,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,110 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 143 [2022-11-25 18:35:23,111 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,113 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 152 [2022-11-25 18:35:23,118 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,122 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 168 [2022-11-25 18:35:23,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,126 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 72 proven. 5 refuted. 0 times theorem prover too weak. 119 trivial. 0 not checked. [2022-11-25 18:35:23,126 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2022-11-25 18:35:23,126 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1155570579] [2022-11-25 18:35:23,127 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1155570579] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-25 18:35:23,127 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1706189191] [2022-11-25 18:35:23,127 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-25 18:35:23,127 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-25 18:35:23,128 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 [2022-11-25 18:35:23,130 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-25 18:35:23,137 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-25 18:35:23,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-25 18:35:23,312 INFO L263 TraceCheckSpWp]: Trace formula consists of 547 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-25 18:35:23,322 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-25 18:35:23,676 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 144 proven. 4 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2022-11-25 18:35:23,676 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-25 18:35:24,307 INFO L134 CoverageAnalysis]: Checked inductivity of 196 backedges. 82 proven. 44 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2022-11-25 18:35:24,308 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1706189191] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-25 18:35:24,308 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-25 18:35:24,308 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 10, 11] total 25 [2022-11-25 18:35:24,309 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [585477807] [2022-11-25 18:35:24,309 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-25 18:35:24,310 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-25 18:35:24,310 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2022-11-25 18:35:24,311 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-25 18:35:24,311 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=118, Invalid=482, Unknown=0, NotChecked=0, Total=600 [2022-11-25 18:35:24,312 INFO L87 Difference]: Start difference. First operand 592 states and 706 transitions. Second operand has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-25 18:35:25,962 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-25 18:35:25,963 INFO L93 Difference]: Finished difference Result 1257 states and 1548 transitions. [2022-11-25 18:35:25,963 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-25 18:35:25,964 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) Word has length 176 [2022-11-25 18:35:25,964 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-25 18:35:25,965 INFO L225 Difference]: With dead ends: 1257 [2022-11-25 18:35:25,965 INFO L226 Difference]: Without dead ends: 0 [2022-11-25 18:35:25,969 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 419 GetRequests, 368 SyntacticMatches, 5 SemanticMatches, 46 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 435 ImplicationChecksByTransitivity, 0.9s TimeCoverageRelationStatistics Valid=483, Invalid=1773, Unknown=0, NotChecked=0, Total=2256 [2022-11-25 18:35:25,970 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 474 mSDsluCounter, 922 mSDsCounter, 0 mSdLazyCounter, 1207 mSolverCounterSat, 145 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 477 SdHoareTripleChecker+Valid, 1025 SdHoareTripleChecker+Invalid, 1352 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 145 IncrementalHoareTripleChecker+Valid, 1207 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-25 18:35:25,970 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [477 Valid, 1025 Invalid, 1352 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [145 Valid, 1207 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-25 18:35:25,971 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-25 18:35:25,971 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-25 18:35:25,972 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-25 18:35:25,972 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-25 18:35:25,972 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 176 [2022-11-25 18:35:25,972 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-25 18:35:25,973 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-25 18:35:25,973 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 8.76) internal successors, (219), 22 states have internal predecessors, (219), 9 states have call successors, (30), 9 states have call predecessors, (30), 10 states have return successors, (32), 8 states have call predecessors, (32), 9 states have call successors, (32) [2022-11-25 18:35:25,973 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-25 18:35:25,974 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-25 18:35:25,977 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-25 18:35:25,991 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-25 18:35:26,185 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-25 18:35:26,188 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-25 18:35:35,286 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 102 108) no Hoare annotation was computed. [2022-11-25 18:35:35,287 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 102 108) the Hoare annotation is: true [2022-11-25 18:35:35,287 INFO L899 garLoopResultBuilder]: For program point L381-1(lines 377 388) no Hoare annotation was computed. [2022-11-25 18:35:35,287 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 377 388) the Hoare annotation is: true [2022-11-25 18:35:35,287 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 377 388) no Hoare annotation was computed. [2022-11-25 18:35:35,287 INFO L899 garLoopResultBuilder]: For program point L929(line 929) no Hoare annotation was computed. [2022-11-25 18:35:35,288 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 908 937) no Hoare annotation was computed. [2022-11-25 18:35:35,288 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 908 937) the Hoare annotation is: true [2022-11-25 18:35:35,288 INFO L899 garLoopResultBuilder]: For program point L922(lines 922 926) no Hoare annotation was computed. [2022-11-25 18:35:35,288 INFO L902 garLoopResultBuilder]: At program point L922-1(lines 922 926) the Hoare annotation is: true [2022-11-25 18:35:35,288 INFO L899 garLoopResultBuilder]: For program point L919(line 919) no Hoare annotation was computed. [2022-11-25 18:35:35,288 INFO L902 garLoopResultBuilder]: At program point L918-2(lines 918 932) the Hoare annotation is: true [2022-11-25 18:35:35,288 INFO L902 garLoopResultBuilder]: At program point L914(line 914) the Hoare annotation is: true [2022-11-25 18:35:35,288 INFO L899 garLoopResultBuilder]: For program point L914-1(line 914) no Hoare annotation was computed. [2022-11-25 18:35:35,289 INFO L902 garLoopResultBuilder]: At program point L933(lines 908 937) the Hoare annotation is: true [2022-11-25 18:35:35,289 INFO L895 garLoopResultBuilder]: At program point L155(line 155) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= 1 |old(~pumpRunning~0)|)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or .cse0 .cse2 (not (< 1 |old(~waterLevel~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) [2022-11-25 18:35:35,289 INFO L895 garLoopResultBuilder]: At program point L155-1(lines 136 160) the Hoare annotation is: (let ((.cse13 (<= 1 ~pumpRunning~0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse14 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse11 .cse1 .cse2 .cse15 .cse14 .cse16 .cse4)) (.cse0 (not .cse14)) (.cse5 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (and .cse13 .cse6 .cse15 .cse14 .cse16 .cse4)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse3 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse3 .cse4) .cse7)) (or (not (= |old(~waterLevel~0)| 1)) .cse8 .cse0 .cse5 .cse9 .cse10) (or .cse11 (and .cse1 .cse12) .cse0 .cse7 (and .cse13 (= 2 ~waterLevel~0) .cse12)) (or (and .cse6 .cse12 .cse4) .cse8 .cse0 .cse5 (and .cse11 .cse1 .cse2 .cse14 .cse12 .cse4) .cse9 .cse7 .cse10)))) [2022-11-25 18:35:35,290 INFO L899 garLoopResultBuilder]: For program point L89-1(lines 89 95) no Hoare annotation was computed. [2022-11-25 18:35:35,290 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (= ~pumpRunning~0 0)) (.cse7 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse13 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse17 (<= ~waterLevel~0 1)) (.cse16 (= 1 ~systemActive~0)) (.cse18 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse14 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse11 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse2 (and .cse5 .cse6 .cse7 .cse13 .cse17 .cse16 .cse18 .cse14 .cse11)) (.cse3 (and (<= 1 ~pumpRunning~0) .cse9 .cse7 .cse17 .cse16 .cse18 .cse14 .cse11)) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse16)) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 .cse3 .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse5 .cse0 (and .cse6 .cse7 (< |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2) .cse8)) (let ((.cse10 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1|)))) (or .cse0 .cse1 .cse2 (and .cse9 .cse7 .cse8 .cse10 .cse11) .cse3 .cse12 (and .cse6 .cse7 .cse13 .cse8 .cse10 .cse11) .cse4)) (or .cse5 .cse0 .cse12 (not (<= 2 |old(~waterLevel~0)|))) (let ((.cse15 (= ~waterLevel~0 1))) (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse6 .cse7 .cse13 .cse14 .cse15 .cse11) .cse12 (and .cse9 .cse7 .cse14 .cse15 .cse11)))))) [2022-11-25 18:35:35,290 INFO L899 garLoopResultBuilder]: For program point L849-1(line 849) no Hoare annotation was computed. [2022-11-25 18:35:35,290 INFO L895 garLoopResultBuilder]: At program point L267(lines 252 270) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (and (<= 1 ~pumpRunning~0) .cse2 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse7)) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) (and .cse2 (= ~waterLevel~0 1) .cse3) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse5 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse4)))) [2022-11-25 18:35:35,291 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 75 101) no Hoare annotation was computed. [2022-11-25 18:35:35,291 INFO L895 garLoopResultBuilder]: At program point L449(lines 444 452) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-25 18:35:35,291 INFO L899 garLoopResultBuilder]: For program point L82(lines 82 88) no Hoare annotation was computed. [2022-11-25 18:35:35,291 INFO L899 garLoopResultBuilder]: For program point L82-2(lines 78 100) no Hoare annotation was computed. [2022-11-25 18:35:35,291 INFO L899 garLoopResultBuilder]: For program point L144(lines 144 152) no Hoare annotation was computed. [2022-11-25 18:35:35,291 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 157) no Hoare annotation was computed. [2022-11-25 18:35:35,292 INFO L895 garLoopResultBuilder]: At program point L834(line 834) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-25 18:35:35,292 INFO L899 garLoopResultBuilder]: For program point L834-1(line 834) no Hoare annotation was computed. [2022-11-25 18:35:35,292 INFO L899 garLoopResultBuilder]: For program point L54(line 54) no Hoare annotation was computed. [2022-11-25 18:35:35,292 INFO L899 garLoopResultBuilder]: For program point L851(lines 851 861) no Hoare annotation was computed. [2022-11-25 18:35:35,292 INFO L899 garLoopResultBuilder]: For program point L847(lines 847 864) no Hoare annotation was computed. [2022-11-25 18:35:35,294 INFO L895 garLoopResultBuilder]: At program point L174(lines 169 176) the Hoare annotation is: (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse9 (= 1 ~systemActive~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse6 (and .cse8 .cse1 .cse2 (<= ~waterLevel~0 1) .cse9 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse3)) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse0 (not .cse9)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse6 .cse0 .cse4 .cse7) (or (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) .cse3) .cse6 .cse0 .cse4 .cse5 .cse7) (or .cse8 .cse0 .cse5)))) [2022-11-25 18:35:35,299 INFO L895 garLoopResultBuilder]: At program point L847-1(lines 839 867) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse3 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse14 (<= 1 ~pumpRunning~0)) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse20 (<= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse21 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse18 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse7 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse8 (and .cse14 .cse12 .cse0 .cse2 .cse20 .cse4 .cse21 .cse18 .cse7)) (.cse10 (not (<= 1 |old(~pumpRunning~0)|))) (.cse11 (and .cse0 .cse1 .cse2 .cse3 .cse20 .cse4 .cse21 .cse18 .cse7)) (.cse13 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse9 (not .cse4)) (.cse6 (not (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1|))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse17 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6 .cse7) (not (<= |old(~waterLevel~0)| 1)) .cse8 .cse9 .cse10 .cse11 (and .cse12 .cse0 .cse2 .cse4 .cse5 .cse6 .cse7) .cse13) (let ((.cse15 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (.cse16 (= 2 |timeShift_getWaterLevel_#res#1|))) (or .cse0 .cse9 (and .cse14 .cse15 .cse16) (and .cse1 .cse15 .cse16) .cse17 (not (<= 2 |old(~waterLevel~0)|)))) (let ((.cse19 (= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse18 .cse19 .cse7) .cse9 .cse10 (not (< 1 |old(~waterLevel~0)|)) (and .cse12 .cse0 .cse2 .cse4 .cse18 .cse19 .cse7) .cse17)) (or .cse8 (not (= |old(~waterLevel~0)| 1)) .cse9 .cse10 .cse11 .cse13) (or .cse0 .cse9 (and .cse1 .cse2 .cse5 .cse6) (and (<= 2 ~waterLevel~0) .cse5) .cse17)))) [2022-11-25 18:35:35,300 INFO L895 garLoopResultBuilder]: At program point L426(lines 421 429) the Hoare annotation is: (let ((.cse6 (<= 1 ~pumpRunning~0)) (.cse13 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|)) (.cse10 (not (= |timeShift_processEnvironment_~tmp~1#1| 0))) (.cse15 (<= ~waterLevel~0 1)) (.cse11 (= 1 ~systemActive~0)) (.cse16 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|)) (.cse12 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (and .cse0 .cse2 .cse3 .cse10 .cse15 .cse11 .cse16 .cse12)) (.cse9 (and .cse6 .cse13 .cse3 .cse15 .cse11 .cse16 .cse12)) (.cse14 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse1 (not .cse11)) (.cse7 (not (<= 1 |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 (= 2 ~waterLevel~0) (= 2 |timeShift_getWaterLevel_#res#1|) .cse4)) (or .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2)) .cse9) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 (and .cse0 .cse2 .cse3 .cse10 .cse11 .cse4 .cse12) (and .cse13 .cse3 .cse4 .cse12) .cse9 .cse14) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse7 .cse8 .cse9 .cse14) (or .cse1 .cse7 (not (< 1 |old(~waterLevel~0)|)) (= ~waterLevel~0 1) .cse5)))) [2022-11-25 18:35:35,300 INFO L899 garLoopResultBuilder]: For program point L261(lines 261 265) no Hoare annotation was computed. [2022-11-25 18:35:35,300 INFO L899 garLoopResultBuilder]: For program point L261-2(lines 261 265) no Hoare annotation was computed. [2022-11-25 18:35:35,300 INFO L895 garLoopResultBuilder]: At program point L55(lines 50 57) the Hoare annotation is: (let ((.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (not (< 1 |old(~waterLevel~0)|)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2))) [2022-11-25 18:35:35,301 INFO L895 garLoopResultBuilder]: At program point L150(line 150) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-25 18:35:35,301 INFO L899 garLoopResultBuilder]: For program point L852(lines 852 858) no Hoare annotation was computed. [2022-11-25 18:35:35,301 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 75 101) the Hoare annotation is: (let ((.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse2 .cse4 (not (< 1 |old(~waterLevel~0)|)) .cse3 .cse5)))) [2022-11-25 18:35:35,302 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 75 101) no Hoare annotation was computed. [2022-11-25 18:35:35,302 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-25 18:35:35,302 INFO L899 garLoopResultBuilder]: For program point L357(lines 357 361) no Hoare annotation was computed. [2022-11-25 18:35:35,302 INFO L895 garLoopResultBuilder]: At program point L836(lines 829 838) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (<= 1 ~switchedOnBeforeTS~0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse2 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or .cse3 .cse1 .cse4 (not (= |old(~waterLevel~0)| 2))) (or .cse3 .cse1 .cse4 .cse2 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))))) [2022-11-25 18:35:35,303 INFO L895 garLoopResultBuilder]: At program point L357-2(lines 353 364) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= 1 ~systemActive~0)) (.cse1 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse3 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and (<= 1 ~pumpRunning~0) .cse0 (<= ~waterLevel~0 1) .cse7 (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) .cse1)) (.cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse2 (not .cse7)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 (not (< 1 |old(~waterLevel~0)|)) (and .cse0 (= ~waterLevel~0 1) .cse1) .cse5) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3 .cse4 .cse6) (or (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse5)))) [2022-11-25 18:35:35,303 INFO L895 garLoopResultBuilder]: At program point L894(lines 890 896) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-25 18:35:35,303 INFO L895 garLoopResultBuilder]: At program point L341(lines 292 342) the Hoare annotation is: false [2022-11-25 18:35:35,303 INFO L902 garLoopResultBuilder]: At program point L977(lines 969 979) the Hoare annotation is: true [2022-11-25 18:35:35,303 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2022-11-25 18:35:35,304 INFO L899 garLoopResultBuilder]: For program point L990(lines 990 997) no Hoare annotation was computed. [2022-11-25 18:35:35,304 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startENTRY(line -1) no Hoare annotation was computed. [2022-11-25 18:35:35,304 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2022-11-25 18:35:35,306 INFO L899 garLoopResultBuilder]: For program point L990-2(lines 990 997) no Hoare annotation was computed. [2022-11-25 18:35:35,307 INFO L899 garLoopResultBuilder]: For program point L313(lines 313 319) no Hoare annotation was computed. [2022-11-25 18:35:35,307 INFO L899 garLoopResultBuilder]: For program point L313-1(lines 313 319) no Hoare annotation was computed. [2022-11-25 18:35:35,307 INFO L895 garLoopResultBuilder]: At program point L887(lines 883 889) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-25 18:35:35,307 INFO L895 garLoopResultBuilder]: At program point L276(lines 271 278) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-25 18:35:35,308 INFO L895 garLoopResultBuilder]: At program point L338(lines 293 340) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-25 18:35:35,308 INFO L895 garLoopResultBuilder]: At program point L305(line 305) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0)) (and .cse4 .cse5 .cse2 .cse3) (and .cse0 .cse5 .cse2 .cse3) (and .cse4 .cse1 .cse2 .cse3))) [2022-11-25 18:35:35,309 INFO L902 garLoopResultBuilder]: At program point L999(lines 980 1002) the Hoare annotation is: true [2022-11-25 18:35:35,309 INFO L895 garLoopResultBuilder]: At program point L966(lines 962 968) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-25 18:35:35,309 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-25 18:35:35,310 INFO L895 garLoopResultBuilder]: At program point L826(lines 821 828) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-25 18:35:35,310 INFO L899 garLoopResultBuilder]: For program point L331(lines 331 335) no Hoare annotation was computed. [2022-11-25 18:35:35,310 INFO L895 garLoopResultBuilder]: At program point L331-2(lines 323 336) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-25 18:35:35,310 INFO L899 garLoopResultBuilder]: For program point L294(lines 293 340) no Hoare annotation was computed. [2022-11-25 18:35:35,310 INFO L899 garLoopResultBuilder]: For program point L323(lines 323 336) no Hoare annotation was computed. [2022-11-25 18:35:35,311 INFO L895 garLoopResultBuilder]: At program point L315(line 315) the Hoare annotation is: (let ((.cse3 (<= 1 ~pumpRunning~0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (and .cse3 (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse3 .cse0 .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0)))) [2022-11-25 18:35:35,311 INFO L902 garLoopResultBuilder]: At program point L344(lines 283 348) the Hoare annotation is: true [2022-11-25 18:35:35,311 INFO L899 garLoopResultBuilder]: For program point L303(lines 303 309) no Hoare annotation was computed. [2022-11-25 18:35:35,312 INFO L899 garLoopResultBuilder]: For program point L303-1(lines 303 309) no Hoare annotation was computed. [2022-11-25 18:35:35,314 INFO L899 garLoopResultBuilder]: For program point L295(lines 295 299) no Hoare annotation was computed. [2022-11-25 18:35:35,314 INFO L895 garLoopResultBuilder]: At program point L902(lines 897 905) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-25 18:35:35,314 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 110 134) the Hoare annotation is: (let ((.cse1 (not (<= ~waterLevel~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse1 (not (<= 1 ~switchedOnBeforeTS~0))) (or .cse2 .cse3 .cse0 .cse1) (or .cse2 .cse3 .cse0 (not (= 2 ~waterLevel~0))))) [2022-11-25 18:35:35,314 INFO L895 garLoopResultBuilder]: At program point L124(line 124) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-25 18:35:35,317 INFO L895 garLoopResultBuilder]: At program point L248(lines 233 251) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (<= ~waterLevel~0 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~0#1| 0)) .cse0 .cse1 .cse2) (or .cse0 (= ~pumpRunning~0 0) .cse1 (not (<= ~waterLevel~0 2))) (or .cse1 (not (<= 1 |old(~pumpRunning~0)|)) .cse2 (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-25 18:35:35,317 INFO L899 garLoopResultBuilder]: For program point L118(lines 118 126) no Hoare annotation was computed. [2022-11-25 18:35:35,318 INFO L899 garLoopResultBuilder]: For program point L114(lines 114 131) no Hoare annotation was computed. [2022-11-25 18:35:35,318 INFO L899 garLoopResultBuilder]: For program point L434(lines 434 440) no Hoare annotation was computed. [2022-11-25 18:35:35,318 INFO L899 garLoopResultBuilder]: For program point L242(lines 242 246) no Hoare annotation was computed. [2022-11-25 18:35:35,318 INFO L899 garLoopResultBuilder]: For program point L242-2(lines 242 246) no Hoare annotation was computed. [2022-11-25 18:35:35,319 INFO L895 garLoopResultBuilder]: At program point L166(lines 161 168) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-25 18:35:35,319 INFO L895 garLoopResultBuilder]: At program point L129(line 129) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= ~waterLevel~0 2))))) [2022-11-25 18:35:35,319 INFO L899 garLoopResultBuilder]: For program point L129-1(lines 110 134) no Hoare annotation was computed. [2022-11-25 18:35:35,319 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 110 134) no Hoare annotation was computed. [2022-11-25 18:35:35,320 INFO L895 garLoopResultBuilder]: At program point L439(lines 430 443) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 1)) (and .cse1 (= 2 ~waterLevel~0)) (not (<= ~waterLevel~0 2)))) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) (not (<= ~waterLevel~0 1)) (not (<= 1 ~switchedOnBeforeTS~0))))) [2022-11-25 18:35:35,320 INFO L899 garLoopResultBuilder]: For program point L369-1(lines 365 376) no Hoare annotation was computed. [2022-11-25 18:35:35,320 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 365 376) no Hoare annotation was computed. [2022-11-25 18:35:35,320 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 365 376) the Hoare annotation is: (let ((.cse1 (not (<= 1 ~pumpRunning~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-25 18:35:35,321 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 188 196) no Hoare annotation was computed. [2022-11-25 18:35:35,321 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 188 196) the Hoare annotation is: true [2022-11-25 18:35:35,321 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 188 196) no Hoare annotation was computed. [2022-11-25 18:35:35,325 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-25 18:35:35,329 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-25 18:35:35,428 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 25.11 06:35:35 BoogieIcfgContainer [2022-11-25 18:35:35,428 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-25 18:35:35,429 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-25 18:35:35,429 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-25 18:35:35,431 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-25 18:35:35,432 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 25.11 06:35:13" (3/4) ... [2022-11-25 18:35:35,449 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-25 18:35:35,456 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-25 18:35:35,457 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-25 18:35:35,457 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-25 18:35:35,457 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-25 18:35:35,458 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-25 18:35:35,464 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-25 18:35:35,464 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-25 18:35:35,472 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 23 nodes and edges [2022-11-25 18:35:35,478 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 8 nodes and edges [2022-11-25 18:35:35,479 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 4 nodes and edges [2022-11-25 18:35:35,479 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-25 18:35:35,480 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-25 18:35:35,516 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-25 18:35:35,516 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,518 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) <= 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((1 <= pumpRunning && tmp == 2) && 2 == \result)) || ((pumpRunning == 0 && tmp == 2) && 2 == \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel) && !(2 <= tmp))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,519 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-25 18:35:35,519 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,520 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,521 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,521 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-25 18:35:35,521 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,522 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-25 18:35:35,522 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-25 18:35:35,522 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-25 18:35:35,590 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/witness.graphml [2022-11-25 18:35:35,590 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-25 18:35:35,591 INFO L158 Benchmark]: Toolchain (without parser) took 22985.72ms. Allocated memory was 125.8MB in the beginning and 272.6MB in the end (delta: 146.8MB). Free memory was 82.3MB in the beginning and 121.7MB in the end (delta: -39.4MB). Peak memory consumption was 109.4MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,591 INFO L158 Benchmark]: CDTParser took 0.32ms. Allocated memory is still 125.8MB. Free memory is still 73.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 18:35:35,592 INFO L158 Benchmark]: CACSL2BoogieTranslator took 501.69ms. Allocated memory is still 125.8MB. Free memory was 82.3MB in the beginning and 63.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,593 INFO L158 Benchmark]: Boogie Procedure Inliner took 67.24ms. Allocated memory is still 125.8MB. Free memory was 63.4MB in the beginning and 60.9MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,593 INFO L158 Benchmark]: Boogie Preprocessor took 53.18ms. Allocated memory is still 125.8MB. Free memory was 60.9MB in the beginning and 59.3MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-25 18:35:35,594 INFO L158 Benchmark]: RCFGBuilder took 664.16ms. Allocated memory was 125.8MB in the beginning and 157.3MB in the end (delta: 31.5MB). Free memory was 59.3MB in the beginning and 124.8MB in the end (delta: -65.5MB). Peak memory consumption was 23.0MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,595 INFO L158 Benchmark]: TraceAbstraction took 21530.65ms. Allocated memory was 157.3MB in the beginning and 272.6MB in the end (delta: 115.3MB). Free memory was 123.5MB in the beginning and 128.0MB in the end (delta: -4.5MB). Peak memory consumption was 131.0MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,595 INFO L158 Benchmark]: Witness Printer took 160.80ms. Allocated memory is still 272.6MB. Free memory was 128.0MB in the beginning and 121.7MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-25 18:35:35,599 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.32ms. Allocated memory is still 125.8MB. Free memory is still 73.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 501.69ms. Allocated memory is still 125.8MB. Free memory was 82.3MB in the beginning and 63.4MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 67.24ms. Allocated memory is still 125.8MB. Free memory was 63.4MB in the beginning and 60.9MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 53.18ms. Allocated memory is still 125.8MB. Free memory was 60.9MB in the beginning and 59.3MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 664.16ms. Allocated memory was 125.8MB in the beginning and 157.3MB in the end (delta: 31.5MB). Free memory was 59.3MB in the beginning and 124.8MB in the end (delta: -65.5MB). Peak memory consumption was 23.0MB. Max. memory is 16.1GB. * TraceAbstraction took 21530.65ms. Allocated memory was 157.3MB in the beginning and 272.6MB in the end (delta: 115.3MB). Free memory was 123.5MB in the beginning and 128.0MB in the end (delta: -4.5MB). Peak memory consumption was 131.0MB. Max. memory is 16.1GB. * Witness Printer took 160.80ms. Allocated memory is still 272.6MB. Free memory was 128.0MB in the beginning and 121.7MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 93 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 21.3s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 6.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 9.1s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2264 SdHoareTripleChecker+Valid, 3.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2223 mSDsluCounter, 5432 SdHoareTripleChecker+Invalid, 2.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4196 mSDsCounter, 623 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3684 IncrementalHoareTripleChecker+Invalid, 4307 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 623 mSolverCounterUnsat, 1236 mSDtfsCounter, 3684 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 838 GetRequests, 667 SyntacticMatches, 10 SemanticMatches, 161 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1239 ImplicationChecksByTransitivity, 2.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=592occurred in iteration=10, InterpolantAutomatonStates: 142, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 274 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 43 LocationsWithAnnotation, 1363 PreInvPairs, 1644 NumberOfFragments, 2770 HoareAnnotationTreeSize, 1363 FomulaSimplifications, 2367 FormulaSimplificationTreeSizeReduction, 0.8s HoareSimplificationTime, 43 FomulaSimplificationsInter, 25091 FormulaSimplificationTreeSizeReductionInter, 8.1s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 3.9s InterpolantComputationTime, 965 NumberOfCodeBlocks, 965 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 1224 ConstructedInterpolants, 0 QuantifiedInterpolants, 2388 SizeOfPredicates, 6 NumberOfNonLiveVariables, 887 ConjunctsInSsa, 21 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 644/717 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 969]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 271]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || ((((1 <= pumpRunning && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && 1 <= switchedOnBeforeTS) - InvariantResult [Line: 136]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((1 <= pumpRunning && 2 == waterLevel) && \old(waterLevel) == waterLevel))) && (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 161]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (1 <= pumpRunning && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 829]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) && (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 908]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 444]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 918]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 821]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 293]: Loop Invariant Derived loop invariant: ((((((1 <= pumpRunning && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((1 <= pumpRunning && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 353]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 252]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 897]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 169]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (((pumpRunning == 0 && !(tmp == 0)) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) == 1) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((((((((pumpRunning == 0 && !(tmp == 0)) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(\old(waterLevel) <= 2)) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 50]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 <= \old(switchedOnBeforeTS)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 283]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 421]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || (((1 <= pumpRunning && 2 == waterLevel) && 2 == \result) && \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS))) && (((((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || (((pumpRunning == \old(pumpRunning) && waterLevel == \result) && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || (((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || ((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 890]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: (((((\result == 0 && tmp___0 == 0) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2))) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: (((((((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) <= 1)) || ((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && \old(waterLevel) == waterLevel) && !(2 <= tmp)) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((1 <= pumpRunning && tmp == 2) && 2 == \result)) || ((pumpRunning == 0 && tmp == 2) && 2 == \result)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || !(1 < \old(waterLevel))) || ((((((pumpRunning == \old(pumpRunning) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && 1 == systemActive) && tmp <= waterLevel) && waterLevel == 1) && 1 <= switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && (((((((((((((1 <= pumpRunning && pumpRunning == \old(pumpRunning)) && !(\old(pumpRunning) == 0)) && waterLevel == \result) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(1 <= \old(pumpRunning))) || ((((((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && waterLevel == \result) && !(tmp == 0)) && waterLevel <= 1) && 1 == systemActive) && waterLevel + 1 <= \old(waterLevel)) && tmp <= waterLevel) && 1 <= switchedOnBeforeTS)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == \result) && \old(waterLevel) == waterLevel) && !(2 <= tmp))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && \result == 1)) || (pumpRunning == 0 && 2 == waterLevel)) || !(waterLevel <= 2)) && (((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(waterLevel <= 1)) || !(1 <= switchedOnBeforeTS)) RESULT: Ultimate proved your program to be correct! [2022-11-25 18:35:35,682 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_6efecfe8-f997-496a-a264-82acb3837f0c/bin/uautomizer-ZsLfNo2U6R/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE