./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e7bb482b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 --- Real Ultimate output --- This is Ultimate 0.2.3-dev-e7bb482 [2023-11-06 22:18:06,967 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-06 22:18:07,039 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-06 22:18:07,050 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-06 22:18:07,054 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-06 22:18:07,092 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-06 22:18:07,093 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-06 22:18:07,094 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-06 22:18:07,095 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-06 22:18:07,100 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-06 22:18:07,102 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-06 22:18:07,102 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-06 22:18:07,103 INFO L153 SettingsManager]: * Use SBE=true [2023-11-06 22:18:07,104 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-06 22:18:07,105 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-06 22:18:07,105 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-06 22:18:07,106 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-06 22:18:07,106 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-06 22:18:07,107 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-06 22:18:07,107 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-06 22:18:07,108 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-06 22:18:07,109 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-06 22:18:07,109 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-06 22:18:07,110 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-06 22:18:07,110 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-06 22:18:07,111 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-06 22:18:07,112 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-06 22:18:07,112 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-06 22:18:07,113 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:18:07,113 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-06 22:18:07,114 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-06 22:18:07,115 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2023-11-06 22:18:07,115 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-06 22:18:07,116 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-06 22:18:07,116 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-06 22:18:07,116 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-06 22:18:07,117 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-06 22:18:07,117 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-06 22:18:07,117 INFO L153 SettingsManager]: * Independence relation used for large block encoding in concurrent analysis=SYNTACTIC [2023-11-06 22:18:07,118 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 [2023-11-06 22:18:07,431 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-06 22:18:07,462 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-06 22:18:07,465 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-06 22:18:07,467 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-06 22:18:07,468 INFO L274 PluginConnector]: CDTParser initialized [2023-11-06 22:18:07,469 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2023-11-06 22:18:10,633 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-06 22:18:10,981 INFO L384 CDTParser]: Found 1 translation units. [2023-11-06 22:18:10,982 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2023-11-06 22:18:10,996 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/data/a0633fd04/a51017beef7c47f499a694ca56f89991/FLAG903558a44 [2023-11-06 22:18:11,012 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/data/a0633fd04/a51017beef7c47f499a694ca56f89991 [2023-11-06 22:18:11,015 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-06 22:18:11,017 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-06 22:18:11,018 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-06 22:18:11,018 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-06 22:18:11,024 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-06 22:18:11,025 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,027 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6d17b5a6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11, skipping insertion in model container [2023-11-06 22:18:11,027 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,079 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-06 22:18:11,453 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2023-11-06 22:18:11,498 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:18:11,515 INFO L202 MainTranslator]: Completed pre-run [2023-11-06 22:18:11,525 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2023-11-06 22:18:11,527 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [153] [2023-11-06 22:18:11,528 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [262] [2023-11-06 22:18:11,528 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [290] [2023-11-06 22:18:11,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [656] [2023-11-06 22:18:11,529 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [665] [2023-11-06 22:18:11,534 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [736] [2023-11-06 22:18:11,534 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [976] [2023-11-06 22:18:11,575 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2023-11-06 22:18:11,602 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:18:11,632 INFO L206 MainTranslator]: Completed translation [2023-11-06 22:18:11,632 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11 WrapperNode [2023-11-06 22:18:11,633 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-06 22:18:11,634 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-06 22:18:11,634 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-06 22:18:11,635 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-06 22:18:11,643 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,673 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,720 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 221 [2023-11-06 22:18:11,721 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-06 22:18:11,721 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-06 22:18:11,722 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-06 22:18:11,722 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-06 22:18:11,732 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,732 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,735 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,735 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,742 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,746 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,748 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,761 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,764 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-06 22:18:11,766 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-06 22:18:11,766 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-06 22:18:11,766 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-06 22:18:11,767 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (1/1) ... [2023-11-06 22:18:11,788 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:18:11,803 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:11,815 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-11-06 22:18:11,836 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-11-06 22:18:11,868 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-06 22:18:11,868 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-11-06 22:18:11,868 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-11-06 22:18:11,869 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2023-11-06 22:18:11,871 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2023-11-06 22:18:11,871 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-11-06 22:18:11,872 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-11-06 22:18:11,872 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-11-06 22:18:11,872 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-11-06 22:18:11,872 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:18:11,873 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:18:11,873 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-11-06 22:18:11,873 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-11-06 22:18:11,873 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2023-11-06 22:18:11,873 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2023-11-06 22:18:11,874 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-11-06 22:18:11,875 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-11-06 22:18:11,875 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-11-06 22:18:11,875 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-06 22:18:11,876 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-06 22:18:11,996 INFO L236 CfgBuilder]: Building ICFG [2023-11-06 22:18:11,998 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-06 22:18:12,432 INFO L277 CfgBuilder]: Performing block encoding [2023-11-06 22:18:12,440 INFO L297 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-06 22:18:12,440 INFO L302 CfgBuilder]: Removed 2 assume(true) statements. [2023-11-06 22:18:12,442 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:12 BoogieIcfgContainer [2023-11-06 22:18:12,443 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-06 22:18:12,446 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-06 22:18:12,446 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-06 22:18:12,450 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-06 22:18:12,450 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 10:18:11" (1/3) ... [2023-11-06 22:18:12,451 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@367750c8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:18:12, skipping insertion in model container [2023-11-06 22:18:12,451 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:11" (2/3) ... [2023-11-06 22:18:12,452 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@367750c8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:18:12, skipping insertion in model container [2023-11-06 22:18:12,452 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:12" (3/3) ... [2023-11-06 22:18:12,453 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product60.cil.c [2023-11-06 22:18:12,475 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-06 22:18:12,476 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-06 22:18:12,532 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-06 22:18:12,540 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@48c871f7, mLbeIndependenceSettings=[IndependenceType=SYNTACTIC, AbstractionType=NONE, UseConditional=, UseSemiCommutativity=, Solver=, SolverTimeout=] [2023-11-06 22:18:12,540 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-06 22:18:12,545 INFO L276 IsEmpty]: Start isEmpty. Operand has 99 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 84 states have internal predecessors, (103), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2023-11-06 22:18:12,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2023-11-06 22:18:12,556 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:12,557 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:12,557 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:12,563 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:12,563 INFO L85 PathProgramCache]: Analyzing trace with hash 47908020, now seen corresponding path program 1 times [2023-11-06 22:18:12,573 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:12,574 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [122416958] [2023-11-06 22:18:12,574 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:12,575 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:12,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:12,795 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-06 22:18:12,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:12,804 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:12,804 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:12,805 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [122416958] [2023-11-06 22:18:12,806 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [122416958] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:12,806 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:12,806 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-11-06 22:18:12,808 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1482310679] [2023-11-06 22:18:12,809 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:12,813 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-06 22:18:12,814 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:12,844 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-06 22:18:12,845 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:18:12,848 INFO L87 Difference]: Start difference. First operand has 99 states, 75 states have (on average 1.3733333333333333) internal successors, (103), 84 states have internal predecessors, (103), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:12,885 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:12,886 INFO L93 Difference]: Finished difference Result 190 states and 257 transitions. [2023-11-06 22:18:12,887 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-06 22:18:12,888 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2023-11-06 22:18:12,889 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:12,898 INFO L225 Difference]: With dead ends: 190 [2023-11-06 22:18:12,898 INFO L226 Difference]: Without dead ends: 90 [2023-11-06 22:18:12,902 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:18:12,909 INFO L413 NwaCegarLoop]: 125 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 125 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:12,911 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 125 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:12,937 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2023-11-06 22:18:12,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2023-11-06 22:18:12,966 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 68 states have (on average 1.3088235294117647) internal successors, (89), 76 states have internal predecessors, (89), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2023-11-06 22:18:12,970 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 116 transitions. [2023-11-06 22:18:12,971 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 116 transitions. Word has length 23 [2023-11-06 22:18:12,972 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:12,972 INFO L495 AbstractCegarLoop]: Abstraction has 90 states and 116 transitions. [2023-11-06 22:18:12,973 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:12,973 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 116 transitions. [2023-11-06 22:18:12,976 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2023-11-06 22:18:12,976 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:12,977 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:12,977 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-11-06 22:18:12,977 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:12,978 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:12,978 INFO L85 PathProgramCache]: Analyzing trace with hash 776313737, now seen corresponding path program 1 times [2023-11-06 22:18:12,979 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:12,979 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1951805980] [2023-11-06 22:18:12,979 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:12,980 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:13,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,105 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2023-11-06 22:18:13,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,111 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:13,111 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:13,111 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1951805980] [2023-11-06 22:18:13,112 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1951805980] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:13,112 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:13,112 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:18:13,113 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1867795848] [2023-11-06 22:18:13,113 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:13,114 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:18:13,115 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:13,116 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:18:13,116 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:13,116 INFO L87 Difference]: Start difference. First operand 90 states and 116 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,152 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:13,152 INFO L93 Difference]: Finished difference Result 141 states and 181 transitions. [2023-11-06 22:18:13,153 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:18:13,153 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2023-11-06 22:18:13,153 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:13,155 INFO L225 Difference]: With dead ends: 141 [2023-11-06 22:18:13,156 INFO L226 Difference]: Without dead ends: 81 [2023-11-06 22:18:13,157 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:13,159 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 17 mSDsluCounter, 81 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:13,159 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 184 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:13,161 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 81 states. [2023-11-06 22:18:13,174 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 81 to 81. [2023-11-06 22:18:13,174 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 81 states, 62 states have (on average 1.3225806451612903) internal successors, (82), 70 states have internal predecessors, (82), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2023-11-06 22:18:13,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 81 states to 81 states and 104 transitions. [2023-11-06 22:18:13,179 INFO L78 Accepts]: Start accepts. Automaton has 81 states and 104 transitions. Word has length 24 [2023-11-06 22:18:13,179 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:13,179 INFO L495 AbstractCegarLoop]: Abstraction has 81 states and 104 transitions. [2023-11-06 22:18:13,180 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,180 INFO L276 IsEmpty]: Start isEmpty. Operand 81 states and 104 transitions. [2023-11-06 22:18:13,182 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2023-11-06 22:18:13,182 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:13,182 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:13,184 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-11-06 22:18:13,185 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:13,185 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:13,185 INFO L85 PathProgramCache]: Analyzing trace with hash -6644295, now seen corresponding path program 1 times [2023-11-06 22:18:13,186 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:13,186 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1796212882] [2023-11-06 22:18:13,186 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:13,187 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:13,213 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,341 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:13,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,349 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:13,352 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:13,352 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1796212882] [2023-11-06 22:18:13,353 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1796212882] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:13,355 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:13,356 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:18:13,356 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1852934194] [2023-11-06 22:18:13,358 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:13,358 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:18:13,359 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:13,360 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:18:13,360 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:13,361 INFO L87 Difference]: Start difference. First operand 81 states and 104 transitions. Second operand has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,440 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:13,440 INFO L93 Difference]: Finished difference Result 227 states and 297 transitions. [2023-11-06 22:18:13,443 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:18:13,444 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 29 [2023-11-06 22:18:13,444 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:13,447 INFO L225 Difference]: With dead ends: 227 [2023-11-06 22:18:13,447 INFO L226 Difference]: Without dead ends: 153 [2023-11-06 22:18:13,448 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:13,449 INFO L413 NwaCegarLoop]: 119 mSDtfsCounter, 96 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 4 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 96 SdHoareTripleChecker+Valid, 211 SdHoareTripleChecker+Invalid, 5 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 4 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:13,450 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [96 Valid, 211 Invalid, 5 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 4 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:13,451 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 153 states. [2023-11-06 22:18:13,481 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 153 to 150. [2023-11-06 22:18:13,488 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 150 states, 113 states have (on average 1.345132743362832) internal successors, (152), 128 states have internal predecessors, (152), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2023-11-06 22:18:13,492 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 150 states to 150 states and 196 transitions. [2023-11-06 22:18:13,493 INFO L78 Accepts]: Start accepts. Automaton has 150 states and 196 transitions. Word has length 29 [2023-11-06 22:18:13,493 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:13,493 INFO L495 AbstractCegarLoop]: Abstraction has 150 states and 196 transitions. [2023-11-06 22:18:13,494 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.666666666666666) internal successors, (26), 3 states have internal predecessors, (26), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,494 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 196 transitions. [2023-11-06 22:18:13,496 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2023-11-06 22:18:13,496 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:13,496 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:13,496 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-11-06 22:18:13,497 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:13,497 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:13,497 INFO L85 PathProgramCache]: Analyzing trace with hash -999312607, now seen corresponding path program 1 times [2023-11-06 22:18:13,498 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:13,498 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [473239064] [2023-11-06 22:18:13,498 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:13,498 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:13,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,701 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2023-11-06 22:18:13,703 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:13,709 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:13,715 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:13,715 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [473239064] [2023-11-06 22:18:13,716 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [473239064] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:13,716 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:13,716 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:13,716 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [136436040] [2023-11-06 22:18:13,717 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:13,717 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:13,719 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:13,720 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:13,721 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:13,721 INFO L87 Difference]: Start difference. First operand 150 states and 196 transitions. Second operand has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,859 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:13,860 INFO L93 Difference]: Finished difference Result 386 states and 515 transitions. [2023-11-06 22:18:13,860 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2023-11-06 22:18:13,860 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 32 [2023-11-06 22:18:13,862 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:13,868 INFO L225 Difference]: With dead ends: 386 [2023-11-06 22:18:13,868 INFO L226 Difference]: Without dead ends: 243 [2023-11-06 22:18:13,870 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:18:13,877 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 61 mSDsluCounter, 263 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 61 SdHoareTripleChecker+Valid, 364 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:13,877 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [61 Valid, 364 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:13,881 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 243 states. [2023-11-06 22:18:13,944 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 243 to 234. [2023-11-06 22:18:13,945 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 234 states, 177 states have (on average 1.305084745762712) internal successors, (231), 194 states have internal predecessors, (231), 30 states have call successors, (30), 26 states have call predecessors, (30), 26 states have return successors, (38), 27 states have call predecessors, (38), 30 states have call successors, (38) [2023-11-06 22:18:13,953 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 234 states to 234 states and 299 transitions. [2023-11-06 22:18:13,953 INFO L78 Accepts]: Start accepts. Automaton has 234 states and 299 transitions. Word has length 32 [2023-11-06 22:18:13,953 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:13,954 INFO L495 AbstractCegarLoop]: Abstraction has 234 states and 299 transitions. [2023-11-06 22:18:13,954 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.8) internal successors, (29), 5 states have internal predecessors, (29), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:13,954 INFO L276 IsEmpty]: Start isEmpty. Operand 234 states and 299 transitions. [2023-11-06 22:18:13,960 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2023-11-06 22:18:13,963 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:13,964 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:13,965 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-11-06 22:18:13,965 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:13,965 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:13,966 INFO L85 PathProgramCache]: Analyzing trace with hash -482422855, now seen corresponding path program 1 times [2023-11-06 22:18:13,966 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:13,967 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1510793284] [2023-11-06 22:18:13,967 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:13,967 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:14,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,090 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:14,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,138 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:14,139 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,141 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2023-11-06 22:18:14,143 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,145 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:18:14,145 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:14,146 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1510793284] [2023-11-06 22:18:14,146 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1510793284] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:14,146 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:14,146 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:18:14,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1254928081] [2023-11-06 22:18:14,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:14,147 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:18:14,147 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:14,148 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:18:14,148 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:18:14,149 INFO L87 Difference]: Start difference. First operand 234 states and 299 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:14,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:14,385 INFO L93 Difference]: Finished difference Result 523 states and 686 transitions. [2023-11-06 22:18:14,386 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:18:14,387 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2023-11-06 22:18:14,388 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:14,395 INFO L225 Difference]: With dead ends: 523 [2023-11-06 22:18:14,395 INFO L226 Difference]: Without dead ends: 296 [2023-11-06 22:18:14,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2023-11-06 22:18:14,404 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 63 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 148 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:14,405 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 354 Invalid, 148 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:14,407 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 296 states. [2023-11-06 22:18:14,464 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 296 to 284. [2023-11-06 22:18:14,465 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 284 states, 217 states have (on average 1.2764976958525345) internal successors, (277), 234 states have internal predecessors, (277), 34 states have call successors, (34), 26 states have call predecessors, (34), 32 states have return successors, (48), 35 states have call predecessors, (48), 34 states have call successors, (48) [2023-11-06 22:18:14,469 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 284 states to 284 states and 359 transitions. [2023-11-06 22:18:14,469 INFO L78 Accepts]: Start accepts. Automaton has 284 states and 359 transitions. Word has length 51 [2023-11-06 22:18:14,470 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:14,470 INFO L495 AbstractCegarLoop]: Abstraction has 284 states and 359 transitions. [2023-11-06 22:18:14,473 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:14,474 INFO L276 IsEmpty]: Start isEmpty. Operand 284 states and 359 transitions. [2023-11-06 22:18:14,478 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2023-11-06 22:18:14,478 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:14,479 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:14,479 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-11-06 22:18:14,479 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:14,489 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:14,490 INFO L85 PathProgramCache]: Analyzing trace with hash -420383241, now seen corresponding path program 1 times [2023-11-06 22:18:14,496 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:14,497 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [661073249] [2023-11-06 22:18:14,497 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:14,497 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:14,515 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,570 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:14,575 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,607 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:14,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,610 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2023-11-06 22:18:14,612 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,614 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:18:14,614 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:14,614 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [661073249] [2023-11-06 22:18:14,614 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [661073249] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:14,614 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:14,615 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:14,615 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2004345949] [2023-11-06 22:18:14,615 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:14,616 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:14,616 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:14,616 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:14,617 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:14,617 INFO L87 Difference]: Start difference. First operand 284 states and 359 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:14,768 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:14,768 INFO L93 Difference]: Finished difference Result 579 states and 750 transitions. [2023-11-06 22:18:14,769 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-06 22:18:14,769 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2023-11-06 22:18:14,769 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:14,772 INFO L225 Difference]: With dead ends: 579 [2023-11-06 22:18:14,772 INFO L226 Difference]: Without dead ends: 302 [2023-11-06 22:18:14,773 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:18:14,781 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 66 mSDsluCounter, 195 mSDsCounter, 0 mSdLazyCounter, 99 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 278 SdHoareTripleChecker+Invalid, 114 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 99 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:14,783 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 278 Invalid, 114 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 99 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:14,785 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 302 states. [2023-11-06 22:18:14,821 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 302 to 288. [2023-11-06 22:18:14,822 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 288 states, 221 states have (on average 1.2714932126696832) internal successors, (281), 238 states have internal predecessors, (281), 34 states have call successors, (34), 26 states have call predecessors, (34), 32 states have return successors, (48), 35 states have call predecessors, (48), 34 states have call successors, (48) [2023-11-06 22:18:14,824 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 288 states to 288 states and 363 transitions. [2023-11-06 22:18:14,825 INFO L78 Accepts]: Start accepts. Automaton has 288 states and 363 transitions. Word has length 51 [2023-11-06 22:18:14,825 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:14,825 INFO L495 AbstractCegarLoop]: Abstraction has 288 states and 363 transitions. [2023-11-06 22:18:14,825 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 1 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:14,826 INFO L276 IsEmpty]: Start isEmpty. Operand 288 states and 363 transitions. [2023-11-06 22:18:14,826 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2023-11-06 22:18:14,827 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:14,827 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:14,827 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-06 22:18:14,827 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:14,828 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:14,828 INFO L85 PathProgramCache]: Analyzing trace with hash -929856331, now seen corresponding path program 1 times [2023-11-06 22:18:14,828 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:14,828 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [80116920] [2023-11-06 22:18:14,828 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:14,828 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:14,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,926 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:14,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,977 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:14,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,981 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 42 [2023-11-06 22:18:14,982 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:14,983 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:18:14,983 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:14,984 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [80116920] [2023-11-06 22:18:14,984 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [80116920] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:14,984 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:14,984 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:14,984 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [247748359] [2023-11-06 22:18:14,984 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:14,985 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:14,985 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:14,985 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:14,986 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:14,986 INFO L87 Difference]: Start difference. First operand 288 states and 363 transitions. Second operand has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2023-11-06 22:18:15,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:15,276 INFO L93 Difference]: Finished difference Result 820 states and 1073 transitions. [2023-11-06 22:18:15,276 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:18:15,277 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2023-11-06 22:18:15,277 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:15,282 INFO L225 Difference]: With dead ends: 820 [2023-11-06 22:18:15,283 INFO L226 Difference]: Without dead ends: 539 [2023-11-06 22:18:15,284 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 9 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:18:15,288 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 218 mSDsluCounter, 175 mSDsCounter, 0 mSdLazyCounter, 129 mSolverCounterSat, 61 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 224 SdHoareTripleChecker+Valid, 299 SdHoareTripleChecker+Invalid, 190 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 61 IncrementalHoareTripleChecker+Valid, 129 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:15,288 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [224 Valid, 299 Invalid, 190 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [61 Valid, 129 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:18:15,290 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 539 states. [2023-11-06 22:18:15,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 539 to 532. [2023-11-06 22:18:15,357 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 532 states, 405 states have (on average 1.2444444444444445) internal successors, (504), 431 states have internal predecessors, (504), 65 states have call successors, (65), 59 states have call predecessors, (65), 61 states have return successors, (103), 64 states have call predecessors, (103), 65 states have call successors, (103) [2023-11-06 22:18:15,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 532 states to 532 states and 672 transitions. [2023-11-06 22:18:15,364 INFO L78 Accepts]: Start accepts. Automaton has 532 states and 672 transitions. Word has length 51 [2023-11-06 22:18:15,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:15,364 INFO L495 AbstractCegarLoop]: Abstraction has 532 states and 672 transitions. [2023-11-06 22:18:15,365 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.4) internal successors, (42), 4 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2023-11-06 22:18:15,365 INFO L276 IsEmpty]: Start isEmpty. Operand 532 states and 672 transitions. [2023-11-06 22:18:15,367 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2023-11-06 22:18:15,367 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:15,367 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:15,367 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-06 22:18:15,368 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:15,368 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:15,368 INFO L85 PathProgramCache]: Analyzing trace with hash -1982280369, now seen corresponding path program 1 times [2023-11-06 22:18:15,368 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:15,369 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2004447049] [2023-11-06 22:18:15,369 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:15,369 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:15,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:15,490 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:15,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:15,502 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2023-11-06 22:18:15,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:15,515 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:15,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:15,518 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2023-11-06 22:18:15,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:15,540 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:18:15,541 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:15,541 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2004447049] [2023-11-06 22:18:15,541 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2004447049] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:15,542 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:15,546 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2023-11-06 22:18:15,546 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1360506916] [2023-11-06 22:18:15,547 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:15,547 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-11-06 22:18:15,548 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:15,548 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-11-06 22:18:15,549 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2023-11-06 22:18:15,549 INFO L87 Difference]: Start difference. First operand 532 states and 672 transitions. Second operand has 8 states, 8 states have (on average 5.75) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:18:16,271 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:16,271 INFO L93 Difference]: Finished difference Result 1816 states and 2376 transitions. [2023-11-06 22:18:16,273 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 23 states. [2023-11-06 22:18:16,273 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 55 [2023-11-06 22:18:16,274 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:16,284 INFO L225 Difference]: With dead ends: 1816 [2023-11-06 22:18:16,284 INFO L226 Difference]: Without dead ends: 1291 [2023-11-06 22:18:16,287 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 33 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 23 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 128 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=133, Invalid=467, Unknown=0, NotChecked=0, Total=600 [2023-11-06 22:18:16,288 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 319 mSDsluCounter, 322 mSDsCounter, 0 mSdLazyCounter, 344 mSolverCounterSat, 110 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 325 SdHoareTripleChecker+Valid, 393 SdHoareTripleChecker+Invalid, 454 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 110 IncrementalHoareTripleChecker+Valid, 344 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:16,289 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [325 Valid, 393 Invalid, 454 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [110 Valid, 344 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2023-11-06 22:18:16,291 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1291 states. [2023-11-06 22:18:16,459 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1291 to 1227. [2023-11-06 22:18:16,462 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1227 states, 926 states have (on average 1.2138228941684666) internal successors, (1124), 993 states have internal predecessors, (1124), 158 states have call successors, (158), 118 states have call predecessors, (158), 142 states have return successors, (284), 160 states have call predecessors, (284), 158 states have call successors, (284) [2023-11-06 22:18:16,472 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1227 states to 1227 states and 1566 transitions. [2023-11-06 22:18:16,473 INFO L78 Accepts]: Start accepts. Automaton has 1227 states and 1566 transitions. Word has length 55 [2023-11-06 22:18:16,473 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:16,473 INFO L495 AbstractCegarLoop]: Abstraction has 1227 states and 1566 transitions. [2023-11-06 22:18:16,474 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.75) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:18:16,474 INFO L276 IsEmpty]: Start isEmpty. Operand 1227 states and 1566 transitions. [2023-11-06 22:18:16,476 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2023-11-06 22:18:16,476 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:16,477 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:16,477 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-06 22:18:16,477 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:16,477 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:16,478 INFO L85 PathProgramCache]: Analyzing trace with hash 625238315, now seen corresponding path program 1 times [2023-11-06 22:18:16,478 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:16,478 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [600081644] [2023-11-06 22:18:16,478 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:16,478 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:16,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,559 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:16,561 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,566 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2023-11-06 22:18:16,568 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,577 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:18:16,581 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,682 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:16,683 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,700 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2023-11-06 22:18:16,701 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,702 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:18:16,703 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:16,703 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [600081644] [2023-11-06 22:18:16,703 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [600081644] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:18:16,703 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [972610099] [2023-11-06 22:18:16,703 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:16,704 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:16,704 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:16,711 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:18:16,725 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-06 22:18:16,815 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:16,818 INFO L262 TraceCheckSpWp]: Trace formula consists of 236 conjuncts, 8 conjunts are in the unsatisfiable core [2023-11-06 22:18:16,824 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:18:17,015 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:17,016 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-06 22:18:17,016 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [972610099] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:17,016 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-06 22:18:17,017 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [11] total 16 [2023-11-06 22:18:17,017 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [581472050] [2023-11-06 22:18:17,017 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:17,017 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-06 22:18:17,018 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:17,018 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-06 22:18:17,018 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2023-11-06 22:18:17,019 INFO L87 Difference]: Start difference. First operand 1227 states and 1566 transitions. Second operand has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2023-11-06 22:18:17,327 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:17,327 INFO L93 Difference]: Finished difference Result 2385 states and 3063 transitions. [2023-11-06 22:18:17,328 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:18:17,328 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 59 [2023-11-06 22:18:17,329 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:17,339 INFO L225 Difference]: With dead ends: 2385 [2023-11-06 22:18:17,339 INFO L226 Difference]: Without dead ends: 1165 [2023-11-06 22:18:17,345 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 76 GetRequests, 61 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=45, Invalid=227, Unknown=0, NotChecked=0, Total=272 [2023-11-06 22:18:17,345 INFO L413 NwaCegarLoop]: 189 mSDtfsCounter, 73 mSDsluCounter, 454 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 74 SdHoareTripleChecker+Valid, 643 SdHoareTripleChecker+Invalid, 125 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:17,346 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [74 Valid, 643 Invalid, 125 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:17,348 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1165 states. [2023-11-06 22:18:17,467 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1165 to 1161. [2023-11-06 22:18:17,470 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1161 states, 874 states have (on average 1.2013729977116705) internal successors, (1050), 939 states have internal predecessors, (1050), 152 states have call successors, (152), 114 states have call predecessors, (152), 134 states have return successors, (246), 150 states have call predecessors, (246), 152 states have call successors, (246) [2023-11-06 22:18:17,479 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1161 states to 1161 states and 1448 transitions. [2023-11-06 22:18:17,480 INFO L78 Accepts]: Start accepts. Automaton has 1161 states and 1448 transitions. Word has length 59 [2023-11-06 22:18:17,480 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:17,480 INFO L495 AbstractCegarLoop]: Abstraction has 1161 states and 1448 transitions. [2023-11-06 22:18:17,480 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.857142857142857) internal successors, (48), 6 states have internal predecessors, (48), 3 states have call successors, (6), 3 states have call predecessors, (6), 4 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2023-11-06 22:18:17,481 INFO L276 IsEmpty]: Start isEmpty. Operand 1161 states and 1448 transitions. [2023-11-06 22:18:17,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 87 [2023-11-06 22:18:17,484 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:17,484 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:17,496 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-11-06 22:18:17,690 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:17,690 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:17,690 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:17,691 INFO L85 PathProgramCache]: Analyzing trace with hash 1921806068, now seen corresponding path program 1 times [2023-11-06 22:18:17,691 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:17,691 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [285405098] [2023-11-06 22:18:17,691 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:17,691 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:17,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,740 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:17,741 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,750 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2023-11-06 22:18:17,755 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,776 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2023-11-06 22:18:17,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,785 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:17,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,788 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:18:17,789 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,797 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 64 [2023-11-06 22:18:17,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,799 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 77 [2023-11-06 22:18:17,800 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:17,802 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2023-11-06 22:18:17,802 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:17,802 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [285405098] [2023-11-06 22:18:17,802 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [285405098] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:17,803 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:17,803 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2023-11-06 22:18:17,803 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [25644649] [2023-11-06 22:18:17,803 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:17,803 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-11-06 22:18:17,804 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:17,804 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-11-06 22:18:17,804 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2023-11-06 22:18:17,805 INFO L87 Difference]: Start difference. First operand 1161 states and 1448 transitions. Second operand has 8 states, 8 states have (on average 8.375) internal successors, (67), 4 states have internal predecessors, (67), 4 states have call successors, (8), 6 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2023-11-06 22:18:18,447 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:18,447 INFO L93 Difference]: Finished difference Result 1976 states and 2453 transitions. [2023-11-06 22:18:18,448 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2023-11-06 22:18:18,448 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 8.375) internal successors, (67), 4 states have internal predecessors, (67), 4 states have call successors, (8), 6 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 86 [2023-11-06 22:18:18,450 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:18,456 INFO L225 Difference]: With dead ends: 1976 [2023-11-06 22:18:18,456 INFO L226 Difference]: Without dead ends: 822 [2023-11-06 22:18:18,461 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 18 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 35 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=68, Invalid=172, Unknown=0, NotChecked=0, Total=240 [2023-11-06 22:18:18,462 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 429 mSDsluCounter, 149 mSDsCounter, 0 mSdLazyCounter, 339 mSolverCounterSat, 128 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 438 SdHoareTripleChecker+Valid, 205 SdHoareTripleChecker+Invalid, 467 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 128 IncrementalHoareTripleChecker+Valid, 339 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:18,463 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [438 Valid, 205 Invalid, 467 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [128 Valid, 339 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-11-06 22:18:18,465 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 822 states. [2023-11-06 22:18:18,559 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 822 to 790. [2023-11-06 22:18:18,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 790 states, 596 states have (on average 1.1895973154362416) internal successors, (709), 642 states have internal predecessors, (709), 101 states have call successors, (101), 82 states have call predecessors, (101), 92 states have return successors, (150), 99 states have call predecessors, (150), 101 states have call successors, (150) [2023-11-06 22:18:18,568 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 790 states to 790 states and 960 transitions. [2023-11-06 22:18:18,569 INFO L78 Accepts]: Start accepts. Automaton has 790 states and 960 transitions. Word has length 86 [2023-11-06 22:18:18,569 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:18,569 INFO L495 AbstractCegarLoop]: Abstraction has 790 states and 960 transitions. [2023-11-06 22:18:18,569 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 8.375) internal successors, (67), 4 states have internal predecessors, (67), 4 states have call successors, (8), 6 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2023-11-06 22:18:18,570 INFO L276 IsEmpty]: Start isEmpty. Operand 790 states and 960 transitions. [2023-11-06 22:18:18,578 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2023-11-06 22:18:18,578 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:18,578 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:18,578 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2023-11-06 22:18:18,578 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:18,579 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:18,579 INFO L85 PathProgramCache]: Analyzing trace with hash 1670948605, now seen corresponding path program 1 times [2023-11-06 22:18:18,579 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:18,579 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [418057777] [2023-11-06 22:18:18,579 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:18,579 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:18,618 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,808 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:18,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,820 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:18,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,850 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2023-11-06 22:18:18,855 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,896 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:18,898 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,900 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:18:18,901 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,910 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2023-11-06 22:18:18,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,914 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2023-11-06 22:18:18,915 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,916 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 22:18:18,917 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,918 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 89 [2023-11-06 22:18:18,919 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,920 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 17 proven. 3 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2023-11-06 22:18:18,921 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:18,921 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [418057777] [2023-11-06 22:18:18,921 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [418057777] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:18:18,921 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [240483396] [2023-11-06 22:18:18,921 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:18,922 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:18,922 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:18,923 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:18:18,956 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2023-11-06 22:18:19,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,046 INFO L262 TraceCheckSpWp]: Trace formula consists of 330 conjuncts, 11 conjunts are in the unsatisfiable core [2023-11-06 22:18:19,050 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:18:19,158 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 28 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:18:19,158 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-06 22:18:19,158 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [240483396] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:19,158 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-06 22:18:19,158 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [10] total 10 [2023-11-06 22:18:19,159 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [482718205] [2023-11-06 22:18:19,159 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:19,159 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:18:19,159 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:19,160 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:18:19,160 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2023-11-06 22:18:19,160 INFO L87 Difference]: Start difference. First operand 790 states and 960 transitions. Second operand has 6 states, 6 states have (on average 12.833333333333334) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2023-11-06 22:18:19,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:19,433 INFO L93 Difference]: Finished difference Result 1893 states and 2398 transitions. [2023-11-06 22:18:19,433 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-11-06 22:18:19,434 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 12.833333333333334) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 98 [2023-11-06 22:18:19,434 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:19,443 INFO L225 Difference]: With dead ends: 1893 [2023-11-06 22:18:19,443 INFO L226 Difference]: Without dead ends: 1274 [2023-11-06 22:18:19,447 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 127 GetRequests, 114 SyntacticMatches, 2 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=120, Unknown=0, NotChecked=0, Total=156 [2023-11-06 22:18:19,447 INFO L413 NwaCegarLoop]: 173 mSDtfsCounter, 137 mSDsluCounter, 487 mSDsCounter, 0 mSdLazyCounter, 69 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 660 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 69 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:19,448 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 660 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 69 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:19,450 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1274 states. [2023-11-06 22:18:19,605 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1274 to 1110. [2023-11-06 22:18:19,608 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1110 states, 834 states have (on average 1.1930455635491606) internal successors, (995), 898 states have internal predecessors, (995), 144 states have call successors, (144), 116 states have call predecessors, (144), 131 states have return successors, (226), 137 states have call predecessors, (226), 144 states have call successors, (226) [2023-11-06 22:18:19,616 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1110 states to 1110 states and 1365 transitions. [2023-11-06 22:18:19,616 INFO L78 Accepts]: Start accepts. Automaton has 1110 states and 1365 transitions. Word has length 98 [2023-11-06 22:18:19,617 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:19,617 INFO L495 AbstractCegarLoop]: Abstraction has 1110 states and 1365 transitions. [2023-11-06 22:18:19,617 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 12.833333333333334) internal successors, (77), 6 states have internal predecessors, (77), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2023-11-06 22:18:19,617 INFO L276 IsEmpty]: Start isEmpty. Operand 1110 states and 1365 transitions. [2023-11-06 22:18:19,620 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2023-11-06 22:18:19,620 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:19,620 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:19,631 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2023-11-06 22:18:19,826 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:19,826 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:19,826 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:19,826 INFO L85 PathProgramCache]: Analyzing trace with hash -134489729, now seen corresponding path program 1 times [2023-11-06 22:18:19,827 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:19,827 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1913754157] [2023-11-06 22:18:19,827 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:19,827 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:19,848 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,947 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:19,948 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,961 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:19,965 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,977 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2023-11-06 22:18:19,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,984 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:18:19,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,987 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:18:19,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,997 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 61 [2023-11-06 22:18:19,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,999 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 79 [2023-11-06 22:18:20,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,002 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 22:18:20,002 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,003 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 89 [2023-11-06 22:18:20,004 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,006 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 5 proven. 3 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2023-11-06 22:18:20,006 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:20,006 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1913754157] [2023-11-06 22:18:20,006 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1913754157] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:18:20,006 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1614941305] [2023-11-06 22:18:20,007 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:20,007 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:20,007 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:20,009 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:18:20,040 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2023-11-06 22:18:20,133 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,135 INFO L262 TraceCheckSpWp]: Trace formula consists of 331 conjuncts, 5 conjunts are in the unsatisfiable core [2023-11-06 22:18:20,138 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:18:20,180 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2023-11-06 22:18:20,180 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-06 22:18:20,180 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1614941305] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:20,180 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-06 22:18:20,180 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [10] total 13 [2023-11-06 22:18:20,180 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [368713095] [2023-11-06 22:18:20,181 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:20,181 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:20,181 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:20,182 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:20,182 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=28, Invalid=128, Unknown=0, NotChecked=0, Total=156 [2023-11-06 22:18:20,182 INFO L87 Difference]: Start difference. First operand 1110 states and 1365 transitions. Second operand has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2023-11-06 22:18:20,298 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:20,299 INFO L93 Difference]: Finished difference Result 1595 states and 1948 transitions. [2023-11-06 22:18:20,299 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2023-11-06 22:18:20,299 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 98 [2023-11-06 22:18:20,300 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:20,300 INFO L225 Difference]: With dead ends: 1595 [2023-11-06 22:18:20,300 INFO L226 Difference]: Without dead ends: 0 [2023-11-06 22:18:20,305 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 124 GetRequests, 111 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=170, Unknown=0, NotChecked=0, Total=210 [2023-11-06 22:18:20,305 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 13 mSDsluCounter, 291 mSDsCounter, 0 mSdLazyCounter, 11 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 394 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 11 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:20,306 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 394 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 11 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:20,306 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-11-06 22:18:20,306 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-11-06 22:18:20,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-11-06 22:18:20,307 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-11-06 22:18:20,307 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 98 [2023-11-06 22:18:20,307 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:20,307 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-11-06 22:18:20,307 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 13.8) internal successors, (69), 5 states have internal predecessors, (69), 2 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2023-11-06 22:18:20,307 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-11-06 22:18:20,308 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-11-06 22:18:20,310 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-11-06 22:18:20,321 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2023-11-06 22:18:20,516 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2023-11-06 22:18:20,518 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-11-06 22:18:27,009 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 851 858) no Hoare annotation was computed. [2023-11-06 22:18:27,009 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 851 858) the Hoare annotation is: (let ((.cse2 (< ~waterLevel~0 2)) (.cse3 (= 0 ~systemActive~0)) (.cse4 (< ~methaneLevelCritical~0 1)) (.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (< ~waterLevel~0 1)) (.cse6 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse6 .cse4) (or .cse0 .cse5 .cse6 .cse1))) [2023-11-06 22:18:27,009 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 851 858) no Hoare annotation was computed. [2023-11-06 22:18:27,010 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 766 772) no Hoare annotation was computed. [2023-11-06 22:18:27,010 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 766 772) the Hoare annotation is: true [2023-11-06 22:18:27,010 INFO L899 garLoopResultBuilder]: For program point L190-1(lines 186 197) no Hoare annotation was computed. [2023-11-06 22:18:27,010 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 186 197) the Hoare annotation is: (let ((.cse2 (< ~waterLevel~0 1)) (.cse6 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse7 (< |old(~methaneLevelCritical~0)| 1)) (.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse1 (not (= ~pumpRunning~0 0))) (.cse3 (= ~methaneLevelCritical~0 0)) (.cse5 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse2 .cse5 .cse6 .cse7) (or .cse1 .cse2 .cse6 .cse7 .cse4) (or .cse0 .cse3 .cse5 (< ~waterLevel~0 2)) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse3 .cse5))) [2023-11-06 22:18:27,010 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 186 197) no Hoare annotation was computed. [2023-11-06 22:18:27,011 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 198 206) the Hoare annotation is: true [2023-11-06 22:18:27,011 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 198 206) no Hoare annotation was computed. [2023-11-06 22:18:27,011 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 198 206) no Hoare annotation was computed. [2023-11-06 22:18:27,011 INFO L895 garLoopResultBuilder]: At program point L271(line 271) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse12 (= ~pumpRunning~0 0))) (let ((.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse6 (and .cse12 (= ~waterLevel~0 1))) (.cse4 (< ~methaneLevelCritical~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (< |old(~waterLevel~0)| 1)) (.cse2 (and .cse12 .cse10)) (.cse7 (not (= 0 ~systemActive~0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse9 (not (= ~methaneLevelCritical~0 0))) (.cse11 (and .cse12 (<= 1 ~waterLevel~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse6 .cse4 .cse7) (or .cse0 .cse3 .cse8 .cse9 .cse10) (or .cse0 .cse5 .cse3 .cse9 .cse6) (or .cse3 .cse8 .cse4 .cse11) (or .cse0 .cse2 .cse8 .cse4 .cse7) (or .cse0 .cse1 .cse2 .cse9 .cse7) (or .cse3 (<= 2 ~waterLevel~0) .cse8 .cse9 .cse11)))) [2023-11-06 22:18:27,012 INFO L899 garLoopResultBuilder]: For program point L271-1(line 271) no Hoare annotation was computed. [2023-11-06 22:18:27,012 INFO L895 garLoopResultBuilder]: At program point isLowWaterSensorDry_returnLabel#1(lines 253 261) the Hoare annotation is: (let ((.cse2 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |timeShift_isLowWaterSensorDry_#res#1| 0) (<= 1 ~waterLevel~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< |old(~waterLevel~0)| 2)) (.cse3 (< ~methaneLevelCritical~0 1)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |old(~waterLevel~0)| 1)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse4 .cse2) (or .cse5 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse3) (or .cse5 .cse6 .cse0 .cse4) (or .cse5 .cse6 .cse3 .cse7) (or .cse5 .cse0 .cse1 .cse3) (or .cse5 .cse6 .cse4 .cse7))) [2023-11-06 22:18:27,012 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 745 764) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point L808(lines 808 816) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 742 765) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point L804(lines 804 821) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 283) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point L661(line 661) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L899 garLoopResultBuilder]: For program point L273(lines 273 286) no Hoare annotation was computed. [2023-11-06 22:18:27,013 INFO L895 garLoopResultBuilder]: At program point L273-1(lines 265 289) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse11 (<= 1 ~waterLevel~0)) (.cse10 (< ~methaneLevelCritical~0 1)) (.cse8 (< |old(~waterLevel~0)| 1)) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse9 (not .cse6)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse12 (< |old(~waterLevel~0)| 2)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (.cse4 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 (= ~waterLevel~0 1)) .cse5) (or (and .cse4 .cse6 .cse7) .cse0 .cse8 .cse9 .cse10) (or (and .cse3 .cse4 .cse6 .cse11) (and .cse3 (<= 2 ~waterLevel~0)) .cse9 .cse12 .cse2) (or (and .cse4 .cse6 .cse11) .cse9 .cse12 .cse10) (or .cse0 .cse8 (and .cse4 .cse7) .cse10 .cse5) (or .cse0 .cse8 .cse9 .cse2 .cse7) (or .cse0 .cse1 .cse9 .cse2 (and .cse3 .cse4 .cse6)) (or .cse0 .cse12 .cse2 (and .cse3 .cse4 .cse7) .cse5)))) [2023-11-06 22:18:27,014 INFO L895 garLoopResultBuilder]: At program point L814(line 814) the Hoare annotation is: (let ((.cse2 (< ~methaneLevelCritical~0 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse6 (< |old(~waterLevel~0)| 2)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (< |old(~waterLevel~0)| 1)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= 0 ~systemActive~0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2) (or .cse0 .cse3 .cse1 .cse4) (or .cse0 .cse3 .cse2 .cse5) (or .cse1 .cse6 .cse2) (or .cse1 .cse6 .cse4) (or .cse0 .cse3 .cse4 .cse5))) [2023-11-06 22:18:27,014 INFO L895 garLoopResultBuilder]: At program point L810(line 810) the Hoare annotation is: (let ((.cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |timeShift_isLowWaterSensorDry_#res#1| 0) (<= 1 |timeShift_isLowWaterLevel_#res#1|) (<= 1 ~waterLevel~0) (<= 1 |timeShift_processEnvironment_~tmp~7#1|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< |old(~waterLevel~0)| 2)) (.cse4 (< ~methaneLevelCritical~0 1)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |old(~waterLevel~0)| 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse3 .cse4) (or .cse5 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse4) (or .cse5 .cse6 .cse0 .cse2) (or .cse5 .cse6 .cse4 .cse7) (or .cse5 .cse0 .cse1 .cse4) (or .cse5 .cse6 .cse2 .cse7))) [2023-11-06 22:18:27,014 INFO L895 garLoopResultBuilder]: At program point __automaton_fail_returnLabel#1(lines 657 664) the Hoare annotation is: (let ((.cse2 (< ~methaneLevelCritical~0 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse6 (< |old(~waterLevel~0)| 2)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (< |old(~waterLevel~0)| 1)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= 0 ~systemActive~0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2) (or .cse0 .cse3 .cse1 .cse4) (or .cse0 .cse3 .cse2 .cse5) (or .cse1 .cse6 .cse2) (or .cse1 .cse6 .cse4) (or .cse0 .cse3 .cse4 .cse5))) [2023-11-06 22:18:27,015 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 742 765) the Hoare annotation is: (let ((.cse10 (= ~pumpRunning~0 0)) (.cse11 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse9 (and .cse10 .cse11)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= 0 ~systemActive~0))) (.cse6 (< |old(~waterLevel~0)| 2)) (.cse8 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse11)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not (= 1 ~systemActive~0))) (.cse2 (and .cse10 (= ~waterLevel~0 1))) (.cse3 (< ~methaneLevelCritical~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse8) (or .cse0 .cse1 .cse5 .cse7 .cse2) (or .cse0 .cse9 .cse6 .cse3 .cse4) (or .cse0 (< |old(~waterLevel~0)| 1) .cse9 .cse7 .cse4) (or .cse5 .cse6 .cse8 .cse3) (or .cse0 .cse1 .cse5 .cse2 .cse3)))) [2023-11-06 22:18:27,015 INFO L899 garLoopResultBuilder]: For program point L166(lines 166 170) no Hoare annotation was computed. [2023-11-06 22:18:27,015 INFO L895 garLoopResultBuilder]: At program point L166-2(lines 162 173) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse3 (< |old(~waterLevel~0)| 2)) (.cse5 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= 1 ~waterLevel~0))) (.cse2 (< ~methaneLevelCritical~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |old(~waterLevel~0)| 1)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2) (or .cse1 .cse3 .cse4 .cse5) (or .cse0 .cse6 .cse1 .cse4) (or .cse0 .cse6 .cse2 .cse7) (or .cse0 .cse1 .cse3 .cse2) (or .cse1 .cse3 .cse5 .cse2) (or .cse0 .cse6 .cse4 .cse7))) [2023-11-06 22:18:27,015 INFO L895 garLoopResultBuilder]: At program point isLowWaterLevel_returnLabel#1(lines 934 952) the Hoare annotation is: (let ((.cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |timeShift_isLowWaterSensorDry_#res#1| 0) (<= 1 |timeShift_isLowWaterLevel_#res#1|) (<= 1 |timeShift_isLowWaterLevel_~tmp___0~3#1|) (<= 1 ~waterLevel~0) (= |timeShift_isLowWaterLevel_~tmp~10#1| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (< |old(~waterLevel~0)| 2)) (.cse3 (< ~methaneLevelCritical~0 1)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |old(~waterLevel~0)| 1)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse2 .cse4) (or .cse5 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse3) (or .cse5 .cse6 .cse1 .cse4) (or .cse5 .cse6 .cse3 .cse7) (or .cse5 .cse1 .cse2 .cse3) (or .cse5 .cse6 .cse4 .cse7))) [2023-11-06 22:18:27,016 INFO L895 garLoopResultBuilder]: At program point L819(line 819) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0))) (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse5 (< |old(~waterLevel~0)| 1)) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= 0 ~systemActive~0))) (.cse0 (not .cse9)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse6 (< ~methaneLevelCritical~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 (and .cse4 (= ~waterLevel~0 1))) (or .cse0 .cse5 .cse6 .cse7) (or .cse2 .cse8 (and .cse4 .cse9 .cse10) .cse3) (or .cse0 .cse5 .cse2 .cse10 .cse6) (or .cse2 .cse8 .cse6 (and .cse4 .cse9)) (or .cse0 .cse5 .cse3 .cse7) (or .cse0 .cse4 .cse1 .cse2 .cse6)))) [2023-11-06 22:18:27,016 INFO L895 garLoopResultBuilder]: At program point L819-1(lines 800 824) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0))) (let ((.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (< ~methaneLevelCritical~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (< |old(~waterLevel~0)| 1)) (.cse9 (not (= 0 ~systemActive~0))) (.cse4 (not (= 1 ~systemActive~0))) (.cse6 (< |old(~waterLevel~0)| 2)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse8 (and .cse2 (<= 1 ~waterLevel~0)))) (and (or .cse0 .cse1 (and .cse2 .cse3) .cse4 .cse5) (or .cse0 .cse4 .cse6 .cse7 .cse3) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse4 .cse7 (and .cse2 (= ~waterLevel~0 1))) (or .cse4 .cse6 .cse5 .cse8) (or .cse0 .cse1 .cse5 .cse9) (or .cse0 .cse1 .cse7 .cse9) (or .cse4 (<= 2 ~waterLevel~0) .cse6 .cse7 .cse8)))) [2023-11-06 22:18:27,016 INFO L899 garLoopResultBuilder]: For program point L753-1(lines 753 759) no Hoare annotation was computed. [2023-11-06 22:18:27,016 INFO L899 garLoopResultBuilder]: For program point L943(lines 943 947) no Hoare annotation was computed. [2023-11-06 22:18:27,017 INFO L899 garLoopResultBuilder]: For program point L943-2(lines 943 947) no Hoare annotation was computed. [2023-11-06 22:18:27,017 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 742 765) no Hoare annotation was computed. [2023-11-06 22:18:27,017 INFO L895 garLoopResultBuilder]: At program point isPumpRunning_returnLabel#1(lines 870 878) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |timeShift_isPumpRunning_#res#1| 0))) (let ((.cse1 (< |old(~waterLevel~0)| 2)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (< |old(~waterLevel~0)| 1)) (.cse9 (and .cse2 .cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (.cse4 (< ~methaneLevelCritical~0 1)) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (<= 1 ~waterLevel~0)) .cse4) (or .cse5 .cse6 .cse0 .cse7) (or .cse0 .cse1 .cse7) (or .cse5 .cse6 .cse7 .cse8) (or .cse5 .cse6 .cse0 .cse9 .cse4) (or .cse5 .cse6 .cse9 .cse4 .cse8)))) [2023-11-06 22:18:27,017 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 661) no Hoare annotation was computed. [2023-11-06 22:18:27,018 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2023-11-06 22:18:27,018 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2023-11-06 22:18:27,018 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2023-11-06 22:18:27,019 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2023-11-06 22:18:27,019 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2023-11-06 22:18:27,019 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2023-11-06 22:18:27,019 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2023-11-06 22:18:27,019 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 52 81) the Hoare annotation is: true [2023-11-06 22:18:27,020 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2023-11-06 22:18:27,020 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2023-11-06 22:18:27,020 INFO L895 garLoopResultBuilder]: At program point L700(line 700) the Hoare annotation is: (let ((.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~waterLevel~0)) (.cse6 (= 0 ~systemActive~0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse3 .cse4 .cse6) (and .cse0 .cse5 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse3 .cse4 .cse6) (and .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3))) [2023-11-06 22:18:27,020 INFO L895 garLoopResultBuilder]: At program point startSystem_returnLabel#1(lines 968 975) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse6 (<= 1 ~waterLevel~0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3 .cse6) (and .cse4 .cse0 .cse2 .cse3 .cse6) (and .cse5 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,021 INFO L895 garLoopResultBuilder]: At program point L725(lines 678 727) the Hoare annotation is: (let ((.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~waterLevel~0)) (.cse6 (= 0 ~systemActive~0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse3 .cse4 .cse6) (and .cse0 .cse5 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse3 .cse4 .cse6) (and .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3))) [2023-11-06 22:18:27,021 INFO L899 garLoopResultBuilder]: For program point L688(lines 688 694) no Hoare annotation was computed. [2023-11-06 22:18:27,021 INFO L899 garLoopResultBuilder]: For program point L688-1(lines 688 694) no Hoare annotation was computed. [2023-11-06 22:18:27,021 INFO L902 garLoopResultBuilder]: At program point runTest_returnLabel#1(lines 117 126) the Hoare annotation is: true [2023-11-06 22:18:27,021 INFO L895 garLoopResultBuilder]: At program point select_features_returnLabel#1(lines 988 994) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:18:27,022 INFO L902 garLoopResultBuilder]: At program point main_returnLabel#1(lines 130 152) the Hoare annotation is: true [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point L680(lines 680 684) no Hoare annotation was computed. [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point L957-1(lines 957 963) no Hoare annotation was computed. [2023-11-06 22:18:27,022 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 147) no Hoare annotation was computed. [2023-11-06 22:18:27,023 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 140 147) no Hoare annotation was computed. [2023-11-06 22:18:27,023 INFO L895 garLoopResultBuilder]: At program point setup_returnLabel#1(lines 109 115) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:18:27,023 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,023 INFO L902 garLoopResultBuilder]: At program point L731(lines 668 735) the Hoare annotation is: true [2023-11-06 22:18:27,023 INFO L899 garLoopResultBuilder]: For program point L698(lines 698 704) no Hoare annotation was computed. [2023-11-06 22:18:27,024 INFO L899 garLoopResultBuilder]: For program point L698-1(lines 698 704) no Hoare annotation was computed. [2023-11-06 22:18:27,024 INFO L895 garLoopResultBuilder]: At program point L690(line 690) the Hoare annotation is: (let ((.cse5 (<= 1 ~methaneLevelCritical~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~waterLevel~0)) (.cse6 (= 0 ~systemActive~0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse3 .cse4 .cse6) (and .cse0 .cse5 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse3 .cse4 .cse6) (and .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3))) [2023-11-06 22:18:27,024 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,025 INFO L895 garLoopResultBuilder]: At program point select_helpers_returnLabel#1(lines 995 1001) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:18:27,026 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (<= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2))) [2023-11-06 22:18:27,027 INFO L895 garLoopResultBuilder]: At program point L728(lines 677 729) the Hoare annotation is: false [2023-11-06 22:18:27,027 INFO L895 garLoopResultBuilder]: At program point stopSystem_returnLabel#1(lines 953 967) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= 1 ~waterLevel~0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 (<= 1 ~methaneLevelCritical~0) .cse1 .cse2 .cse3) (and .cse0 (= ~methaneLevelCritical~0 0) .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,027 INFO L899 garLoopResultBuilder]: For program point L716(lines 716 722) no Hoare annotation was computed. [2023-11-06 22:18:27,028 INFO L895 garLoopResultBuilder]: At program point valid_product_returnLabel#1(lines 1002 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:18:27,028 INFO L895 garLoopResultBuilder]: At program point L716-2(lines 708 723) the Hoare annotation is: (let ((.cse0 (<= 1 ~methaneLevelCritical~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse6 (<= 1 ~waterLevel~0)) (.cse7 (= 0 ~systemActive~0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3 .cse6) (and .cse4 .cse0 .cse3 .cse6 .cse7) (and .cse4 .cse0 .cse2 .cse3 .cse6) (and .cse4 .cse5 .cse3 .cse6 .cse7) (and .cse5 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,028 INFO L899 garLoopResultBuilder]: For program point L679(lines 678 727) no Hoare annotation was computed. [2023-11-06 22:18:27,029 INFO L899 garLoopResultBuilder]: For program point L708(lines 708 723) no Hoare annotation was computed. [2023-11-06 22:18:27,030 INFO L895 garLoopResultBuilder]: At program point L793(line 793) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (< ~waterLevel~0 1)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (< ~methaneLevelCritical~0 1)))) [2023-11-06 22:18:27,030 INFO L899 garLoopResultBuilder]: For program point L793-1(lines 774 798) no Hoare annotation was computed. [2023-11-06 22:18:27,030 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 774 798) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (< ~waterLevel~0 1)) (.cse3 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 .cse3 (< ~methaneLevelCritical~0 1)))) [2023-11-06 22:18:27,030 INFO L899 garLoopResultBuilder]: For program point L841(lines 841 847) no Hoare annotation was computed. [2023-11-06 22:18:27,031 INFO L895 garLoopResultBuilder]: At program point L841-2(lines 834 850) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (< ~methaneLevelCritical~0 1))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 (< ~waterLevel~0 1) .cse1 (<= 2 ~waterLevel~0) (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 (and (<= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_activatePump_~tmp~8#1|) (= ~pumpRunning~0 0) (<= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#res#1|)) (< ~waterLevel~0 2) .cse2))) [2023-11-06 22:18:27,031 INFO L895 garLoopResultBuilder]: At program point isHighWaterSensorDry_returnLabel#1(lines 239 252) the Hoare annotation is: (let ((.cse8 (= 1 ~systemActive~0)) (.cse9 (= |old(~pumpRunning~0)| 0)) (.cse10 (= ~pumpRunning~0 0))) (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse4 (and (<= 1 |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) .cse10)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (and .cse10 .cse8 .cse9)) (.cse1 (not .cse9)) (.cse2 (not .cse8)) (.cse7 (< ~waterLevel~0 2)) (.cse3 (< ~methaneLevelCritical~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse4) (or .cse6 .cse1 .cse2 .cse5 .cse7) (or .cse6 .cse1 .cse2 .cse7 .cse3)))) [2023-11-06 22:18:27,031 INFO L895 garLoopResultBuilder]: At program point L864(line 864) the Hoare annotation is: (let ((.cse4 (= 1 ~systemActive~0)) (.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (< ~methaneLevelCritical~0 1)) (.cse0 (not .cse5)) (.cse1 (not .cse4)) (.cse3 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0) .cse4 .cse5))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 (< ~waterLevel~0 2) .cse3 .cse2) (or .cse0 (< ~waterLevel~0 1) .cse1 (not (= ~methaneLevelCritical~0 0)) .cse3)))) [2023-11-06 22:18:27,032 INFO L899 garLoopResultBuilder]: For program point L864-1(line 864) no Hoare annotation was computed. [2023-11-06 22:18:27,032 INFO L895 garLoopResultBuilder]: At program point isHighWaterLevel_returnLabel#1(lines 915 933) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0)) (.cse6 (= 1 ~systemActive~0)) (.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse7)) (.cse1 (< ~waterLevel~0 1)) (.cse2 (not .cse6)) (.cse3 (and .cse5 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) .cse6 .cse7 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0))) (.cse4 (and .cse5 (<= 2 ~waterLevel~0) .cse6 .cse7))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse3 .cse4 (< ~methaneLevelCritical~0 1))))) [2023-11-06 22:18:27,032 INFO L899 garLoopResultBuilder]: For program point L924(lines 924 928) no Hoare annotation was computed. [2023-11-06 22:18:27,033 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 774 798) no Hoare annotation was computed. [2023-11-06 22:18:27,033 INFO L899 garLoopResultBuilder]: For program point L924-2(lines 924 928) no Hoare annotation was computed. [2023-11-06 22:18:27,033 INFO L895 garLoopResultBuilder]: At program point L788(line 788) the Hoare annotation is: (let ((.cse4 (= 1 ~systemActive~0)) (.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse5)) (.cse1 (< ~waterLevel~0 1)) (.cse2 (not .cse4)) (.cse3 (and (= ~pumpRunning~0 0) .cse4 .cse5 (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)))) (and (or .cse0 .cse1 .cse2 (< ~methaneLevelCritical~0 1) .cse3) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3)))) [2023-11-06 22:18:27,033 INFO L899 garLoopResultBuilder]: For program point L243(lines 243 249) no Hoare annotation was computed. [2023-11-06 22:18:27,033 INFO L899 garLoopResultBuilder]: For program point L782(lines 782 790) no Hoare annotation was computed. [2023-11-06 22:18:27,033 INFO L899 garLoopResultBuilder]: For program point L778(lines 778 795) no Hoare annotation was computed. [2023-11-06 22:18:27,034 INFO L895 garLoopResultBuilder]: At program point isMethaneAlarm_returnLabel#1(lines 859 869) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (< ~waterLevel~0 1)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (= ~pumpRunning~0 0)) (.cse4 (<= 2 ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 (<= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#res#1|)) (< ~methaneLevelCritical~0 1)) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) (and .cse3 .cse4)))) [2023-11-06 22:18:27,034 INFO L895 garLoopResultBuilder]: At program point activatePump__wrappee__lowWaterSensor_returnLabel#1(lines 825 832) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (< ~waterLevel~0 1)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 (<= 2 ~waterLevel~0) (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (< ~methaneLevelCritical~0 1)))) [2023-11-06 22:18:27,034 INFO L899 garLoopResultBuilder]: For program point L178-1(lines 174 185) no Hoare annotation was computed. [2023-11-06 22:18:27,034 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 174 185) no Hoare annotation was computed. [2023-11-06 22:18:27,035 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 174 185) the Hoare annotation is: (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse6 (= ~waterLevel~0 1)) (.cse7 (< ~methaneLevelCritical~0 1)) (.cse0 (< |old(~waterLevel~0)| 1)) (.cse1 (not (= ~pumpRunning~0 0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse5 .cse2 .cse6 .cse7) (or .cse1 .cse2 .cse8 .cse4 .cse7) (or .cse1 .cse8 .cse4 .cse7 .cse9) (or .cse2 .cse8 .cse3 .cse4) (or .cse1 .cse5 .cse6 .cse7 .cse9) (or .cse0 .cse1 .cse3 .cse4 .cse9))) [2023-11-06 22:18:27,037 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:27,040 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-11-06 22:18:27,107 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 10:18:27 BoogieIcfgContainer [2023-11-06 22:18:27,108 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-11-06 22:18:27,108 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-11-06 22:18:27,108 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-11-06 22:18:27,108 INFO L274 PluginConnector]: Witness Printer initialized [2023-11-06 22:18:27,109 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:12" (3/4) ... [2023-11-06 22:18:27,111 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-11-06 22:18:27,115 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2023-11-06 22:18:27,115 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:18:27,116 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-11-06 22:18:27,126 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 18 nodes and edges [2023-11-06 22:18:27,126 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2023-11-06 22:18:27,127 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-11-06 22:18:27,128 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:18:27,129 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:18:27,162 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,163 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) || ((pumpRunning == 0) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((1 == systemActive)) || (2 <= waterLevel)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (1 <= waterLevel)))) [2023-11-06 22:18:27,165 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (waterLevel == 1))) || !((0 == systemActive))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((((((((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)) && (1 <= waterLevel)) || ((tmp == 0) && (2 <= waterLevel))) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (\old(waterLevel) == waterLevel))) || !((0 == systemActive)))) [2023-11-06 22:18:27,166 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 <= waterLevel)) && (methaneLevelCritical <= \result))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (2 <= waterLevel)))) [2023-11-06 22:18:27,166 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == 0) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) [2023-11-06 22:18:27,166 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,167 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) || ((1 <= \result) && (pumpRunning == 0))) && ((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((1 <= \result) && (pumpRunning == 0)))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (waterLevel < 2))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,168 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((methaneLevelCritical <= tmp) && (pumpRunning == 0)) && (methaneLevelCritical <= \result))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,168 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0))) && (((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,169 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,169 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) && (((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,172 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,235 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,235 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) || ((pumpRunning == 0) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((1 == systemActive)) || (2 <= waterLevel)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (1 <= waterLevel)))) [2023-11-06 22:18:27,236 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (waterLevel == 1))) || !((0 == systemActive))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((((((((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)) && (1 <= waterLevel)) || ((tmp == 0) && (2 <= waterLevel))) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (\old(waterLevel) == waterLevel))) || !((0 == systemActive)))) [2023-11-06 22:18:27,237 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 <= waterLevel)) && (methaneLevelCritical <= \result))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (2 <= waterLevel)))) [2023-11-06 22:18:27,237 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == 0) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) [2023-11-06 22:18:27,237 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,237 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) || ((1 <= \result) && (pumpRunning == 0))) && ((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((1 <= \result) && (pumpRunning == 0)))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (waterLevel < 2))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,238 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((methaneLevelCritical <= tmp) && (pumpRunning == 0)) && (methaneLevelCritical <= \result))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,238 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0))) && (((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,238 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,238 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) && (((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) [2023-11-06 22:18:27,239 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:27,276 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.graphml [2023-11-06 22:18:27,276 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.yaml [2023-11-06 22:18:27,277 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-11-06 22:18:27,278 INFO L158 Benchmark]: Toolchain (without parser) took 16260.88ms. Allocated memory was 132.1MB in the beginning and 308.3MB in the end (delta: 176.2MB). Free memory was 83.5MB in the beginning and 228.5MB in the end (delta: -145.1MB). Peak memory consumption was 32.8MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,278 INFO L158 Benchmark]: CDTParser took 0.29ms. Allocated memory is still 132.1MB. Free memory is still 78.6MB. There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:18:27,278 INFO L158 Benchmark]: CACSL2BoogieTranslator took 615.15ms. Allocated memory is still 132.1MB. Free memory was 83.0MB in the beginning and 63.4MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,279 INFO L158 Benchmark]: Boogie Procedure Inliner took 86.83ms. Allocated memory is still 132.1MB. Free memory was 63.4MB in the beginning and 61.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,279 INFO L158 Benchmark]: Boogie Preprocessor took 43.06ms. Allocated memory is still 132.1MB. Free memory was 61.3MB in the beginning and 59.7MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,279 INFO L158 Benchmark]: RCFGBuilder took 676.99ms. Allocated memory was 132.1MB in the beginning and 176.2MB in the end (delta: 44.0MB). Free memory was 59.7MB in the beginning and 145.0MB in the end (delta: -85.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,280 INFO L158 Benchmark]: TraceAbstraction took 14662.10ms. Allocated memory was 176.2MB in the beginning and 308.3MB in the end (delta: 132.1MB). Free memory was 144.0MB in the beginning and 236.9MB in the end (delta: -92.9MB). Peak memory consumption was 154.4MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,280 INFO L158 Benchmark]: Witness Printer took 168.58ms. Allocated memory is still 308.3MB. Free memory was 236.9MB in the beginning and 228.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2023-11-06 22:18:27,282 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.29ms. Allocated memory is still 132.1MB. Free memory is still 78.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 615.15ms. Allocated memory is still 132.1MB. Free memory was 83.0MB in the beginning and 63.4MB in the end (delta: 19.6MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 86.83ms. Allocated memory is still 132.1MB. Free memory was 63.4MB in the beginning and 61.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 43.06ms. Allocated memory is still 132.1MB. Free memory was 61.3MB in the beginning and 59.7MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 676.99ms. Allocated memory was 132.1MB in the beginning and 176.2MB in the end (delta: 44.0MB). Free memory was 59.7MB in the beginning and 145.0MB in the end (delta: -85.3MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 14662.10ms. Allocated memory was 176.2MB in the beginning and 308.3MB in the end (delta: 132.1MB). Free memory was 144.0MB in the beginning and 236.9MB in the end (delta: -92.9MB). Peak memory consumption was 154.4MB. Max. memory is 16.1GB. * Witness Printer took 168.58ms. Allocated memory is still 308.3MB. Free memory was 236.9MB in the beginning and 228.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [153] - GenericResultAtLocation [Line: 262]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [262] - GenericResultAtLocation [Line: 290]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [290] - GenericResultAtLocation [Line: 656]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [656] - GenericResultAtLocation [Line: 665]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [665] - GenericResultAtLocation [Line: 736]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [736] - GenericResultAtLocation [Line: 976]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [976] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 661]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 99 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 14.5s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 3.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 6.5s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1526 SdHoareTripleChecker+Valid, 1.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1492 mSDsluCounter, 4110 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2781 mSDsCounter, 360 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1278 IncrementalHoareTripleChecker+Invalid, 1638 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 360 mSolverCounterUnsat, 1329 mSDtfsCounter, 1278 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 458 GetRequests, 355 SyntacticMatches, 2 SemanticMatches, 101 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 212 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1227occurred in iteration=8, InterpolantAutomatonStates: 89, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.9s AutomataMinimizationTime, 12 MinimizatonAttempts, 309 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 2988 PreInvPairs, 3224 NumberOfFragments, 2920 HoareAnnotationTreeSize, 2988 FomulaSimplifications, 1805 FormulaSimplificationTreeSizeReduction, 0.8s HoareSimplificationTime, 46 FomulaSimplificationsInter, 10396 FormulaSimplificationTreeSizeReductionInter, 5.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 2.2s InterpolantComputationTime, 912 NumberOfCodeBlocks, 912 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 897 ConstructedInterpolants, 0 QuantifiedInterpolants, 1504 SizeOfPredicates, 11 NumberOfNonLiveVariables, 897 ConjunctsInSsa, 24 ConjunctsInUnsatCore, 15 InterpolantComputations, 12 PerfectInterpolantSequences, 159/167 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 825]: Loop Invariant Derived loop invariant: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0))) && (((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) - InvariantResult [Line: 988]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 934]: Loop Invariant Derived loop invariant: (((((((((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) && (((((((((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= \result)) && (1 <= tmp___0)) && (1 <= waterLevel)) && (tmp == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) - InvariantResult [Line: 678]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel)) || (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (1 <= waterLevel)) && (0 == systemActive))) || (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel))) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (1 <= waterLevel)) && (0 == systemActive))) || ((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 870]: Loop Invariant Derived loop invariant: ((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == 0) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) - InvariantResult [Line: 239]: Loop Invariant Derived loop invariant: (((((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) || ((1 <= \result) && (pumpRunning == 0))) && ((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((1 <= \result) && (pumpRunning == 0)))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (waterLevel < 2))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(pumpRunning) == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 253]: Loop Invariant Derived loop invariant: (((((((((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((pumpRunning == \old(pumpRunning)) && (\result == 0)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: ((((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) && (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 162]: Loop Invariant Derived loop invariant: (((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || ((pumpRunning == \old(pumpRunning)) && (1 <= waterLevel))) || (methaneLevelCritical < 1))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) - InvariantResult [Line: 953]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (splverifierCounter == 0)) && (1 <= waterLevel)) && (0 == systemActive)) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (1 <= waterLevel)) && (0 == systemActive))) - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 968]: Loop Invariant Derived loop invariant: (((((((1 <= methaneLevelCritical) && (2 <= waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel))) || (((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0)) && (1 <= waterLevel))) || ((((methaneLevelCritical == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: ((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) - InvariantResult [Line: 1002]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 834]: Loop Invariant Derived loop invariant: (((((!((waterLevel == 1)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((methaneLevelCritical <= tmp) && (pumpRunning == 0)) && (methaneLevelCritical <= \result))) || (waterLevel < 2)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 995]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 859]: Loop Invariant Derived loop invariant: (((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 <= waterLevel)) && (methaneLevelCritical <= \result))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || (waterLevel < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (2 <= waterLevel)))) - InvariantResult [Line: 130]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 668]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 677]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: (((((((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (waterLevel == 1))) || !((0 == systemActive))) && (((((((pumpRunning == 0) && (1 == systemActive)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((((((((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)) && (1 <= waterLevel)) || ((tmp == 0) && (2 <= waterLevel))) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0)))) && ((((((pumpRunning == 0) && (1 == systemActive)) && (1 <= waterLevel)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (((tmp == 0) && (pumpRunning == 0)) && (\old(waterLevel) == waterLevel))) || !((0 == systemActive)))) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: ((((((((((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || !((1 == systemActive))) || (methaneLevelCritical < 1)) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || (\old(waterLevel) == waterLevel))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || (\old(waterLevel) < 2)) || (methaneLevelCritical < 1)) || ((pumpRunning == 0) && (1 <= waterLevel)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || (methaneLevelCritical < 1)) || !((0 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || (\old(waterLevel) < 1)) || !((methaneLevelCritical == 0))) || !((0 == systemActive)))) && ((((!((1 == systemActive)) || (2 <= waterLevel)) || (\old(waterLevel) < 2)) || !((methaneLevelCritical == 0))) || ((pumpRunning == 0) && (1 <= waterLevel)))) RESULT: Ultimate proved your program to be correct! [2023-11-06 22:18:27,324 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_269dd7f6-2ffd-4844-ae61-8aec5537bd1c/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE