./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e7bb482b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f250833677b07ed1377ed852c7268af3b652ab26de7f7fe1fca27ae75baf167f --- Real Ultimate output --- This is Ultimate 0.2.3-dev-e7bb482 [2023-11-06 23:06:41,166 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-06 23:06:41,284 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-06 23:06:41,292 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-06 23:06:41,293 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-06 23:06:41,334 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-06 23:06:41,335 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-06 23:06:41,336 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-06 23:06:41,337 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-06 23:06:41,342 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-06 23:06:41,344 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-06 23:06:41,344 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-06 23:06:41,345 INFO L153 SettingsManager]: * Use SBE=true [2023-11-06 23:06:41,346 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-06 23:06:41,347 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-06 23:06:41,347 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-06 23:06:41,348 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-06 23:06:41,348 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-06 23:06:41,349 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-06 23:06:41,349 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-06 23:06:41,350 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-06 23:06:41,350 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-06 23:06:41,351 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-06 23:06:41,351 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-06 23:06:41,351 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-06 23:06:41,352 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-06 23:06:41,353 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-06 23:06:41,353 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-06 23:06:41,354 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 23:06:41,354 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-06 23:06:41,356 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-06 23:06:41,356 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2023-11-06 23:06:41,356 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-06 23:06:41,356 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-06 23:06:41,357 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-06 23:06:41,357 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-06 23:06:41,357 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-06 23:06:41,358 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-06 23:06:41,358 INFO L153 SettingsManager]: * Independence relation used for large block encoding in concurrent analysis=SYNTACTIC [2023-11-06 23:06:41,358 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f250833677b07ed1377ed852c7268af3b652ab26de7f7fe1fca27ae75baf167f [2023-11-06 23:06:41,728 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-06 23:06:41,763 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-06 23:06:41,766 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-06 23:06:41,779 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-06 23:06:41,779 INFO L274 PluginConnector]: CDTParser initialized [2023-11-06 23:06:41,781 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/../../sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c [2023-11-06 23:06:44,859 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-06 23:06:45,145 INFO L384 CDTParser]: Found 1 translation units. [2023-11-06 23:06:45,149 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c [2023-11-06 23:06:45,168 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/data/c9b8a94ee/9dde088137494afcb80b4eeb50be16b6/FLAG8a1ec7fad [2023-11-06 23:06:45,187 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/data/c9b8a94ee/9dde088137494afcb80b4eeb50be16b6 [2023-11-06 23:06:45,189 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-06 23:06:45,191 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-06 23:06:45,193 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-06 23:06:45,193 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-06 23:06:45,202 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-06 23:06:45,203 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,204 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@27ff51f0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45, skipping insertion in model container [2023-11-06 23:06:45,204 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,272 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-06 23:06:45,493 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c[3777,3790] [2023-11-06 23:06:45,670 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 23:06:45,687 INFO L202 MainTranslator]: Completed pre-run [2023-11-06 23:06:45,701 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2023-11-06 23:06:45,703 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] [2023-11-06 23:06:45,704 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [198] [2023-11-06 23:06:45,704 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [207] [2023-11-06 23:06:45,705 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [234] [2023-11-06 23:06:45,705 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [333] [2023-11-06 23:06:45,710 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [575] [2023-11-06 23:06:45,711 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [640] [2023-11-06 23:06:45,725 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/sv-benchmarks/c/product-lines/minepump_spec1_product61.cil.c[3777,3790] [2023-11-06 23:06:45,777 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 23:06:45,804 INFO L206 MainTranslator]: Completed translation [2023-11-06 23:06:45,804 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45 WrapperNode [2023-11-06 23:06:45,804 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-06 23:06:45,805 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-06 23:06:45,806 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-06 23:06:45,806 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-06 23:06:45,812 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,828 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,869 INFO L138 Inliner]: procedures = 57, calls = 104, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 215 [2023-11-06 23:06:45,869 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-06 23:06:45,870 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-06 23:06:45,870 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-06 23:06:45,870 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-06 23:06:45,889 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,889 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,892 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,893 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,900 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,920 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,922 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,924 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,927 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-06 23:06:45,928 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-06 23:06:45,928 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-06 23:06:45,928 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-06 23:06:45,929 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (1/1) ... [2023-11-06 23:06:45,945 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 23:06:45,962 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 23:06:45,976 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-11-06 23:06:46,001 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-11-06 23:06:46,033 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-06 23:06:46,033 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-11-06 23:06:46,033 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-11-06 23:06:46,034 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-11-06 23:06:46,036 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-11-06 23:06:46,037 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-11-06 23:06:46,037 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-11-06 23:06:46,037 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2023-11-06 23:06:46,038 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2023-11-06 23:06:46,038 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 23:06:46,038 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 23:06:46,038 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-11-06 23:06:46,038 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-11-06 23:06:46,039 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2023-11-06 23:06:46,039 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2023-11-06 23:06:46,039 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2023-11-06 23:06:46,040 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2023-11-06 23:06:46,040 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2023-11-06 23:06:46,040 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2023-11-06 23:06:46,040 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-11-06 23:06:46,041 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-11-06 23:06:46,042 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-11-06 23:06:46,043 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-06 23:06:46,043 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-06 23:06:46,188 INFO L236 CfgBuilder]: Building ICFG [2023-11-06 23:06:46,191 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-06 23:06:46,609 INFO L277 CfgBuilder]: Performing block encoding [2023-11-06 23:06:46,621 INFO L297 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-06 23:06:46,624 INFO L302 CfgBuilder]: Removed 2 assume(true) statements. [2023-11-06 23:06:46,627 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:06:46 BoogieIcfgContainer [2023-11-06 23:06:46,627 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-06 23:06:46,632 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-06 23:06:46,632 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-06 23:06:46,636 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-06 23:06:46,637 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 11:06:45" (1/3) ... [2023-11-06 23:06:46,638 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@a5388f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 11:06:46, skipping insertion in model container [2023-11-06 23:06:46,638 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 11:06:45" (2/3) ... [2023-11-06 23:06:46,639 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@a5388f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 11:06:46, skipping insertion in model container [2023-11-06 23:06:46,640 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:06:46" (3/3) ... [2023-11-06 23:06:46,641 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product61.cil.c [2023-11-06 23:06:46,665 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-06 23:06:46,666 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-06 23:06:46,742 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-06 23:06:46,750 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1201a97c, mLbeIndependenceSettings=[IndependenceType=SYNTACTIC, AbstractionType=NONE, UseConditional=, UseSemiCommutativity=, Solver=, SolverTimeout=] [2023-11-06 23:06:46,750 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-06 23:06:46,758 INFO L276 IsEmpty]: Start isEmpty. Operand has 108 states, 78 states have (on average 1.3717948717948718) internal successors, (107), 88 states have internal predecessors, (107), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2023-11-06 23:06:46,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2023-11-06 23:06:46,773 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:46,774 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:46,774 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:46,780 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:46,781 INFO L85 PathProgramCache]: Analyzing trace with hash 1854857434, now seen corresponding path program 1 times [2023-11-06 23:06:46,790 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:46,790 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [887720708] [2023-11-06 23:06:46,791 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:46,791 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:46,931 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:46,999 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-06 23:06:47,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,011 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 23:06:47,011 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:47,012 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [887720708] [2023-11-06 23:06:47,013 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [887720708] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:47,013 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:47,013 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-11-06 23:06:47,015 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1707820341] [2023-11-06 23:06:47,016 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:47,029 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-06 23:06:47,030 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:47,072 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-06 23:06:47,073 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 23:06:47,076 INFO L87 Difference]: Start difference. First operand has 108 states, 78 states have (on average 1.3717948717948718) internal successors, (107), 88 states have internal predecessors, (107), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,130 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:47,130 INFO L93 Difference]: Finished difference Result 208 states and 281 transitions. [2023-11-06 23:06:47,131 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-06 23:06:47,132 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2023-11-06 23:06:47,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:47,145 INFO L225 Difference]: With dead ends: 208 [2023-11-06 23:06:47,145 INFO L226 Difference]: Without dead ends: 99 [2023-11-06 23:06:47,151 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 23:06:47,155 INFO L413 NwaCegarLoop]: 137 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 137 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:47,156 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 137 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 23:06:47,171 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2023-11-06 23:06:47,200 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 99. [2023-11-06 23:06:47,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 99 states, 71 states have (on average 1.3098591549295775) internal successors, (93), 80 states have internal predecessors, (93), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2023-11-06 23:06:47,206 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 99 states to 99 states and 128 transitions. [2023-11-06 23:06:47,212 INFO L78 Accepts]: Start accepts. Automaton has 99 states and 128 transitions. Word has length 23 [2023-11-06 23:06:47,212 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:47,212 INFO L495 AbstractCegarLoop]: Abstraction has 99 states and 128 transitions. [2023-11-06 23:06:47,213 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 9.5) internal successors, (19), 2 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,213 INFO L276 IsEmpty]: Start isEmpty. Operand 99 states and 128 transitions. [2023-11-06 23:06:47,216 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2023-11-06 23:06:47,218 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:47,219 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:47,219 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-11-06 23:06:47,220 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:47,220 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:47,221 INFO L85 PathProgramCache]: Analyzing trace with hash 1310134844, now seen corresponding path program 1 times [2023-11-06 23:06:47,222 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:47,222 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2124986094] [2023-11-06 23:06:47,222 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:47,223 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:47,264 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,390 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2023-11-06 23:06:47,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,401 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 23:06:47,401 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:47,402 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2124986094] [2023-11-06 23:06:47,402 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2124986094] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:47,402 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:47,402 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 23:06:47,403 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1336131687] [2023-11-06 23:06:47,403 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:47,404 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 23:06:47,404 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:47,405 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 23:06:47,406 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 23:06:47,406 INFO L87 Difference]: Start difference. First operand 99 states and 128 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,431 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:47,432 INFO L93 Difference]: Finished difference Result 164 states and 212 transitions. [2023-11-06 23:06:47,432 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 23:06:47,433 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2023-11-06 23:06:47,433 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:47,435 INFO L225 Difference]: With dead ends: 164 [2023-11-06 23:06:47,435 INFO L226 Difference]: Without dead ends: 90 [2023-11-06 23:06:47,437 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 23:06:47,439 INFO L413 NwaCegarLoop]: 115 mSDtfsCounter, 12 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 15 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:47,439 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [15 Valid, 214 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 23:06:47,441 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2023-11-06 23:06:47,452 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2023-11-06 23:06:47,453 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 65 states have (on average 1.323076923076923) internal successors, (86), 74 states have internal predecessors, (86), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2023-11-06 23:06:47,455 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 116 transitions. [2023-11-06 23:06:47,455 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 116 transitions. Word has length 24 [2023-11-06 23:06:47,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:47,456 INFO L495 AbstractCegarLoop]: Abstraction has 90 states and 116 transitions. [2023-11-06 23:06:47,456 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,456 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 116 transitions. [2023-11-06 23:06:47,458 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2023-11-06 23:06:47,458 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:47,458 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:47,459 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-11-06 23:06:47,459 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:47,459 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:47,460 INFO L85 PathProgramCache]: Analyzing trace with hash 2011182624, now seen corresponding path program 1 times [2023-11-06 23:06:47,460 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:47,460 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [85253400] [2023-11-06 23:06:47,460 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:47,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:47,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,572 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:47,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,577 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 23:06:47,577 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:47,577 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [85253400] [2023-11-06 23:06:47,578 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [85253400] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:47,578 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:47,578 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 23:06:47,579 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1067656075] [2023-11-06 23:06:47,579 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:47,579 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 23:06:47,580 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:47,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 23:06:47,581 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 23:06:47,581 INFO L87 Difference]: Start difference. First operand 90 states and 116 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,606 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:47,606 INFO L93 Difference]: Finished difference Result 173 states and 226 transitions. [2023-11-06 23:06:47,607 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 23:06:47,607 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 28 [2023-11-06 23:06:47,608 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:47,609 INFO L225 Difference]: With dead ends: 173 [2023-11-06 23:06:47,610 INFO L226 Difference]: Without dead ends: 90 [2023-11-06 23:06:47,611 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 23:06:47,613 INFO L413 NwaCegarLoop]: 114 mSDtfsCounter, 98 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 98 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:47,614 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [98 Valid, 114 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 23:06:47,616 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2023-11-06 23:06:47,627 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 90. [2023-11-06 23:06:47,628 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 65 states have (on average 1.3076923076923077) internal successors, (85), 74 states have internal predecessors, (85), 15 states have call successors, (15), 9 states have call predecessors, (15), 9 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2023-11-06 23:06:47,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 115 transitions. [2023-11-06 23:06:47,630 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 115 transitions. Word has length 28 [2023-11-06 23:06:47,631 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:47,631 INFO L495 AbstractCegarLoop]: Abstraction has 90 states and 115 transitions. [2023-11-06 23:06:47,631 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 23:06:47,632 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 115 transitions. [2023-11-06 23:06:47,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2023-11-06 23:06:47,634 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:47,635 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:47,635 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-11-06 23:06:47,635 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:47,636 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:47,636 INFO L85 PathProgramCache]: Analyzing trace with hash -1454995953, now seen corresponding path program 1 times [2023-11-06 23:06:47,636 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:47,637 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1817482724] [2023-11-06 23:06:47,637 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:47,637 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:47,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,766 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:47,770 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,783 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:47,785 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,805 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:47,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,810 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2023-11-06 23:06:47,812 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:47,814 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 23:06:47,815 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:47,815 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1817482724] [2023-11-06 23:06:47,815 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1817482724] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:47,816 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:47,816 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 23:06:47,816 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [45418109] [2023-11-06 23:06:47,816 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:47,817 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 23:06:47,817 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:47,818 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 23:06:47,819 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 23:06:47,819 INFO L87 Difference]: Start difference. First operand 90 states and 115 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 4 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2023-11-06 23:06:48,204 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:48,205 INFO L93 Difference]: Finished difference Result 258 states and 327 transitions. [2023-11-06 23:06:48,205 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 23:06:48,206 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 4 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 43 [2023-11-06 23:06:48,206 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:48,209 INFO L225 Difference]: With dead ends: 258 [2023-11-06 23:06:48,209 INFO L226 Difference]: Without dead ends: 175 [2023-11-06 23:06:48,210 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2023-11-06 23:06:48,212 INFO L413 NwaCegarLoop]: 119 mSDtfsCounter, 213 mSDsluCounter, 169 mSDsCounter, 0 mSdLazyCounter, 143 mSolverCounterSat, 77 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 215 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 220 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 77 IncrementalHoareTripleChecker+Valid, 143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:48,213 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [215 Valid, 288 Invalid, 220 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [77 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2023-11-06 23:06:48,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 175 states. [2023-11-06 23:06:48,248 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 175 to 169. [2023-11-06 23:06:48,251 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 123 states have (on average 1.2357723577235773) internal successors, (152), 132 states have internal predecessors, (152), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2023-11-06 23:06:48,257 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 203 transitions. [2023-11-06 23:06:48,258 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 203 transitions. Word has length 43 [2023-11-06 23:06:48,258 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:48,259 INFO L495 AbstractCegarLoop]: Abstraction has 169 states and 203 transitions. [2023-11-06 23:06:48,259 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 4 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2023-11-06 23:06:48,259 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 203 transitions. [2023-11-06 23:06:48,266 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2023-11-06 23:06:48,266 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:48,266 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:48,267 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-11-06 23:06:48,267 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:48,269 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:48,269 INFO L85 PathProgramCache]: Analyzing trace with hash 541296903, now seen corresponding path program 1 times [2023-11-06 23:06:48,270 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:48,270 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1524564115] [2023-11-06 23:06:48,270 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:48,271 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:48,306 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:48,478 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:48,491 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:48,505 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:48,511 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:48,527 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:48,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:48,532 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2023-11-06 23:06:48,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:48,547 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 23:06:48,547 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:48,548 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1524564115] [2023-11-06 23:06:48,548 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1524564115] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:48,549 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:48,549 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 23:06:48,551 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [507076648] [2023-11-06 23:06:48,551 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:48,552 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 23:06:48,553 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:48,554 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 23:06:48,554 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 23:06:48,554 INFO L87 Difference]: Start difference. First operand 169 states and 203 transitions. Second operand has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 23:06:48,886 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:48,886 INFO L93 Difference]: Finished difference Result 181 states and 214 transitions. [2023-11-06 23:06:48,887 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2023-11-06 23:06:48,887 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) Word has length 49 [2023-11-06 23:06:48,888 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:48,890 INFO L225 Difference]: With dead ends: 181 [2023-11-06 23:06:48,890 INFO L226 Difference]: Without dead ends: 179 [2023-11-06 23:06:48,891 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=87, Unknown=0, NotChecked=0, Total=132 [2023-11-06 23:06:48,897 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 158 mSDsluCounter, 282 mSDsCounter, 0 mSdLazyCounter, 179 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 164 SdHoareTripleChecker+Valid, 375 SdHoareTripleChecker+Invalid, 216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 179 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:48,903 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [164 Valid, 375 Invalid, 216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 179 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 23:06:48,904 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2023-11-06 23:06:48,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 169. [2023-11-06 23:06:48,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 123 states have (on average 1.2195121951219512) internal successors, (150), 132 states have internal predecessors, (150), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2023-11-06 23:06:48,949 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 201 transitions. [2023-11-06 23:06:48,956 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 201 transitions. Word has length 49 [2023-11-06 23:06:48,957 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:48,958 INFO L495 AbstractCegarLoop]: Abstraction has 169 states and 201 transitions. [2023-11-06 23:06:48,959 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.666666666666667) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 1 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 23:06:48,959 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 201 transitions. [2023-11-06 23:06:48,960 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2023-11-06 23:06:48,965 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:48,966 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:48,966 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-11-06 23:06:48,966 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:48,968 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:48,968 INFO L85 PathProgramCache]: Analyzing trace with hash -543497229, now seen corresponding path program 1 times [2023-11-06 23:06:48,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:48,969 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1502051111] [2023-11-06 23:06:48,969 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:48,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:48,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,084 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:49,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,114 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:49,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,175 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:49,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,179 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:49,180 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,182 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2023-11-06 23:06:49,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,186 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 23:06:49,186 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:49,186 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1502051111] [2023-11-06 23:06:49,186 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1502051111] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:49,187 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:49,187 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 23:06:49,187 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1147031388] [2023-11-06 23:06:49,187 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:49,188 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 23:06:49,188 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:49,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 23:06:49,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 23:06:49,189 INFO L87 Difference]: Start difference. First operand 169 states and 201 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-11-06 23:06:49,436 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:49,436 INFO L93 Difference]: Finished difference Result 341 states and 414 transitions. [2023-11-06 23:06:49,437 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 23:06:49,437 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2023-11-06 23:06:49,437 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:49,439 INFO L225 Difference]: With dead ends: 341 [2023-11-06 23:06:49,439 INFO L226 Difference]: Without dead ends: 179 [2023-11-06 23:06:49,440 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 13 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2023-11-06 23:06:49,441 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 72 mSDsluCounter, 297 mSDsCounter, 0 mSdLazyCounter, 168 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 389 SdHoareTripleChecker+Invalid, 191 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 168 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:49,441 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 389 Invalid, 191 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 168 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 23:06:49,442 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 179 states. [2023-11-06 23:06:49,463 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 179 to 172. [2023-11-06 23:06:49,463 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 172 states, 126 states have (on average 1.2142857142857142) internal successors, (153), 135 states have internal predecessors, (153), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2023-11-06 23:06:49,465 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 172 states to 172 states and 204 transitions. [2023-11-06 23:06:49,465 INFO L78 Accepts]: Start accepts. Automaton has 172 states and 204 transitions. Word has length 59 [2023-11-06 23:06:49,466 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:49,466 INFO L495 AbstractCegarLoop]: Abstraction has 172 states and 204 transitions. [2023-11-06 23:06:49,466 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-11-06 23:06:49,466 INFO L276 IsEmpty]: Start isEmpty. Operand 172 states and 204 transitions. [2023-11-06 23:06:49,467 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2023-11-06 23:06:49,467 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:49,468 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:49,468 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-06 23:06:49,468 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:49,468 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:49,469 INFO L85 PathProgramCache]: Analyzing trace with hash -268737615, now seen corresponding path program 1 times [2023-11-06 23:06:49,469 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:49,469 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2106204009] [2023-11-06 23:06:49,469 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:49,469 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:49,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,551 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:49,558 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,617 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:49,632 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,673 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:49,689 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,692 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:49,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,701 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2023-11-06 23:06:49,705 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:49,708 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 23:06:49,708 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:49,708 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2106204009] [2023-11-06 23:06:49,709 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2106204009] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:49,709 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:49,709 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 23:06:49,709 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2080821238] [2023-11-06 23:06:49,709 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:49,710 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 23:06:49,710 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:49,711 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 23:06:49,711 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 23:06:49,712 INFO L87 Difference]: Start difference. First operand 172 states and 204 transitions. Second operand has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-11-06 23:06:49,998 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:49,998 INFO L93 Difference]: Finished difference Result 347 states and 420 transitions. [2023-11-06 23:06:49,999 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 23:06:50,000 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) Word has length 59 [2023-11-06 23:06:50,000 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:50,003 INFO L225 Difference]: With dead ends: 347 [2023-11-06 23:06:50,003 INFO L226 Difference]: Without dead ends: 182 [2023-11-06 23:06:50,004 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 22 GetRequests, 14 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=34, Invalid=56, Unknown=0, NotChecked=0, Total=90 [2023-11-06 23:06:50,008 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 167 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 170 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 185 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:50,009 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [170 Valid, 295 Invalid, 185 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 23:06:50,011 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 182 states. [2023-11-06 23:06:50,067 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 182 to 174. [2023-11-06 23:06:50,068 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 128 states have (on average 1.2109375) internal successors, (155), 137 states have internal predecessors, (155), 22 states have call successors, (22), 18 states have call predecessors, (22), 23 states have return successors, (29), 24 states have call predecessors, (29), 22 states have call successors, (29) [2023-11-06 23:06:50,070 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 206 transitions. [2023-11-06 23:06:50,070 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 206 transitions. Word has length 59 [2023-11-06 23:06:50,071 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:50,071 INFO L495 AbstractCegarLoop]: Abstraction has 174 states and 206 transitions. [2023-11-06 23:06:50,072 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.666666666666667) internal successors, (46), 5 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 2 states have call successors, (5) [2023-11-06 23:06:50,072 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 206 transitions. [2023-11-06 23:06:50,073 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 60 [2023-11-06 23:06:50,073 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:50,074 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:50,074 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-06 23:06:50,074 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:50,075 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:50,079 INFO L85 PathProgramCache]: Analyzing trace with hash 1782246383, now seen corresponding path program 1 times [2023-11-06 23:06:50,080 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:50,080 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2022687963] [2023-11-06 23:06:50,080 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:50,081 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:50,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,203 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:50,210 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,230 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:50,235 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,255 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:50,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,265 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:50,267 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,277 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 50 [2023-11-06 23:06:50,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,281 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 23:06:50,281 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:50,282 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2022687963] [2023-11-06 23:06:50,282 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2022687963] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:50,282 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:50,282 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 23:06:50,283 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [607314792] [2023-11-06 23:06:50,283 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:50,284 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 23:06:50,284 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:50,285 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 23:06:50,285 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 23:06:50,285 INFO L87 Difference]: Start difference. First operand 174 states and 206 transitions. Second operand has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2023-11-06 23:06:50,567 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:50,568 INFO L93 Difference]: Finished difference Result 465 states and 581 transitions. [2023-11-06 23:06:50,568 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 23:06:50,568 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) Word has length 59 [2023-11-06 23:06:50,570 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:50,574 INFO L225 Difference]: With dead ends: 465 [2023-11-06 23:06:50,574 INFO L226 Difference]: Without dead ends: 298 [2023-11-06 23:06:50,575 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 13 SyntacticMatches, 1 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2023-11-06 23:06:50,577 INFO L413 NwaCegarLoop]: 132 mSDtfsCounter, 220 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 160 mSolverCounterSat, 70 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 228 SdHoareTripleChecker+Valid, 312 SdHoareTripleChecker+Invalid, 230 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 70 IncrementalHoareTripleChecker+Valid, 160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:50,578 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [228 Valid, 312 Invalid, 230 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [70 Valid, 160 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 23:06:50,580 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 298 states. [2023-11-06 23:06:50,624 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 298 to 296. [2023-11-06 23:06:50,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 296 states, 218 states have (on average 1.2064220183486238) internal successors, (263), 231 states have internal predecessors, (263), 39 states have call successors, (39), 35 states have call predecessors, (39), 38 states have return successors, (58), 40 states have call predecessors, (58), 39 states have call successors, (58) [2023-11-06 23:06:50,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 296 states to 296 states and 360 transitions. [2023-11-06 23:06:50,631 INFO L78 Accepts]: Start accepts. Automaton has 296 states and 360 transitions. Word has length 59 [2023-11-06 23:06:50,632 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:50,632 INFO L495 AbstractCegarLoop]: Abstraction has 296 states and 360 transitions. [2023-11-06 23:06:50,632 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.2) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 4 states have call successors, (5) [2023-11-06 23:06:50,632 INFO L276 IsEmpty]: Start isEmpty. Operand 296 states and 360 transitions. [2023-11-06 23:06:50,634 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2023-11-06 23:06:50,634 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:50,635 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:50,635 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-06 23:06:50,635 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:50,636 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:50,636 INFO L85 PathProgramCache]: Analyzing trace with hash -1601702199, now seen corresponding path program 1 times [2023-11-06 23:06:50,636 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:50,636 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [92466435] [2023-11-06 23:06:50,636 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:50,637 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:50,656 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,793 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 23:06:50,794 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,803 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2023-11-06 23:06:50,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,855 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:50,860 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,956 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:50,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:50,991 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:50,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:51,009 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 54 [2023-11-06 23:06:51,011 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:51,023 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 23:06:51,023 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:51,023 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [92466435] [2023-11-06 23:06:51,024 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [92466435] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:51,024 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 23:06:51,024 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2023-11-06 23:06:51,024 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [654891693] [2023-11-06 23:06:51,025 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:51,027 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2023-11-06 23:06:51,027 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:51,028 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2023-11-06 23:06:51,029 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=23, Invalid=109, Unknown=0, NotChecked=0, Total=132 [2023-11-06 23:06:51,029 INFO L87 Difference]: Start difference. First operand 296 states and 360 transitions. Second operand has 12 states, 12 states have (on average 4.0) internal successors, (48), 7 states have internal predecessors, (48), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 5 states have call predecessors, (6), 2 states have call successors, (6) [2023-11-06 23:06:52,058 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:52,059 INFO L93 Difference]: Finished difference Result 900 states and 1135 transitions. [2023-11-06 23:06:52,059 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2023-11-06 23:06:52,060 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 12 states have (on average 4.0) internal successors, (48), 7 states have internal predecessors, (48), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 5 states have call predecessors, (6), 2 states have call successors, (6) Word has length 63 [2023-11-06 23:06:52,060 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:52,065 INFO L225 Difference]: With dead ends: 900 [2023-11-06 23:06:52,065 INFO L226 Difference]: Without dead ends: 611 [2023-11-06 23:06:52,067 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 49 GetRequests, 16 SyntacticMatches, 0 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 257 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=229, Invalid=961, Unknown=0, NotChecked=0, Total=1190 [2023-11-06 23:06:52,068 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 361 mSDsluCounter, 416 mSDsCounter, 0 mSdLazyCounter, 792 mSolverCounterSat, 141 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 368 SdHoareTripleChecker+Valid, 471 SdHoareTripleChecker+Invalid, 933 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 141 IncrementalHoareTripleChecker+Valid, 792 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:52,069 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [368 Valid, 471 Invalid, 933 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [141 Valid, 792 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2023-11-06 23:06:52,070 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 611 states. [2023-11-06 23:06:52,168 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 611 to 602. [2023-11-06 23:06:52,169 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 602 states, 437 states have (on average 1.1807780320366132) internal successors, (516), 467 states have internal predecessors, (516), 86 states have call successors, (86), 68 states have call predecessors, (86), 78 states have return successors, (135), 86 states have call predecessors, (135), 86 states have call successors, (135) [2023-11-06 23:06:52,175 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 602 states to 602 states and 737 transitions. [2023-11-06 23:06:52,175 INFO L78 Accepts]: Start accepts. Automaton has 602 states and 737 transitions. Word has length 63 [2023-11-06 23:06:52,176 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:52,176 INFO L495 AbstractCegarLoop]: Abstraction has 602 states and 737 transitions. [2023-11-06 23:06:52,176 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 12 states have (on average 4.0) internal successors, (48), 7 states have internal predecessors, (48), 2 states have call successors, (7), 3 states have call predecessors, (7), 4 states have return successors, (6), 5 states have call predecessors, (6), 2 states have call successors, (6) [2023-11-06 23:06:52,177 INFO L276 IsEmpty]: Start isEmpty. Operand 602 states and 737 transitions. [2023-11-06 23:06:52,180 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2023-11-06 23:06:52,180 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 23:06:52,181 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:52,181 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2023-11-06 23:06:52,181 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 23:06:52,182 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 23:06:52,182 INFO L85 PathProgramCache]: Analyzing trace with hash 1570194048, now seen corresponding path program 1 times [2023-11-06 23:06:52,182 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 23:06:52,182 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1723198764] [2023-11-06 23:06:52,182 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:52,183 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 23:06:52,204 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,333 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 23:06:52,335 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,346 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 23:06:52,349 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,370 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 3 [2023-11-06 23:06:52,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,378 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:52,380 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,385 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 23:06:52,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,388 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:52,390 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,391 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2023-11-06 23:06:52,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,402 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 69 [2023-11-06 23:06:52,403 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,416 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 81 [2023-11-06 23:06:52,418 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,485 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 23:06:52,487 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,507 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 92 [2023-11-06 23:06:52,510 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,513 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 7 [2023-11-06 23:06:52,514 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,516 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 23:06:52,517 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,518 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 112 [2023-11-06 23:06:52,519 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,521 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 14 proven. 12 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2023-11-06 23:06:52,521 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 23:06:52,522 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1723198764] [2023-11-06 23:06:52,522 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1723198764] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 23:06:52,522 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [755042741] [2023-11-06 23:06:52,522 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 23:06:52,522 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 23:06:52,523 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 23:06:52,528 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 23:06:52,552 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-06 23:06:52,665 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 23:06:52,672 INFO L262 TraceCheckSpWp]: Trace formula consists of 379 conjuncts, 9 conjunts are in the unsatisfiable core [2023-11-06 23:06:52,693 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 23:06:52,933 INFO L134 CoverageAnalysis]: Checked inductivity of 48 backedges. 39 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2023-11-06 23:06:52,933 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-06 23:06:52,934 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [755042741] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 23:06:52,934 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-06 23:06:52,934 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [14] total 19 [2023-11-06 23:06:52,934 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1161488590] [2023-11-06 23:06:52,934 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 23:06:52,935 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-11-06 23:06:52,935 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 23:06:52,936 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-11-06 23:06:52,936 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=48, Invalid=294, Unknown=0, NotChecked=0, Total=342 [2023-11-06 23:06:52,936 INFO L87 Difference]: Start difference. First operand 602 states and 737 transitions. Second operand has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2023-11-06 23:06:53,227 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 23:06:53,227 INFO L93 Difference]: Finished difference Result 1302 states and 1594 transitions. [2023-11-06 23:06:53,228 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-11-06 23:06:53,228 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) Word has length 121 [2023-11-06 23:06:53,229 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 23:06:53,229 INFO L225 Difference]: With dead ends: 1302 [2023-11-06 23:06:53,229 INFO L226 Difference]: Without dead ends: 0 [2023-11-06 23:06:53,233 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 158 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 43 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=60, Invalid=360, Unknown=0, NotChecked=0, Total=420 [2023-11-06 23:06:53,234 INFO L413 NwaCegarLoop]: 190 mSDtfsCounter, 65 mSDsluCounter, 965 mSDsCounter, 0 mSdLazyCounter, 121 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 1155 SdHoareTripleChecker+Invalid, 124 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 121 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 23:06:53,235 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 1155 Invalid, 124 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 121 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 23:06:53,235 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-11-06 23:06:53,235 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-11-06 23:06:53,236 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-11-06 23:06:53,236 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-11-06 23:06:53,236 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 121 [2023-11-06 23:06:53,237 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 23:06:53,237 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-11-06 23:06:53,237 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 10.75) internal successors, (86), 6 states have internal predecessors, (86), 3 states have call successors, (15), 3 states have call predecessors, (15), 5 states have return successors, (14), 5 states have call predecessors, (14), 3 states have call successors, (14) [2023-11-06 23:06:53,237 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-11-06 23:06:53,237 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-11-06 23:06:53,240 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-11-06 23:06:53,252 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-11-06 23:06:53,446 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2023-11-06 23:06:53,448 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-11-06 23:06:57,259 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 473 480) no Hoare annotation was computed. [2023-11-06 23:06:57,260 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 473 480) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~pumpRunning~0)| 0))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 .cse2 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,260 INFO L899 garLoopResultBuilder]: For program point deactivatePumpFINAL(lines 473 480) no Hoare annotation was computed. [2023-11-06 23:06:57,260 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 363 369) no Hoare annotation was computed. [2023-11-06 23:06:57,260 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 363 369) the Hoare annotation is: true [2023-11-06 23:06:57,260 INFO L895 garLoopResultBuilder]: At program point L411(line 411) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or .cse2 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse2 .cse0 .cse1))) [2023-11-06 23:06:57,260 INFO L895 garLoopResultBuilder]: At program point L407(line 407) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or .cse2 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse2 .cse0 .cse1))) [2023-11-06 23:06:57,261 INFO L899 garLoopResultBuilder]: For program point L405(lines 405 413) no Hoare annotation was computed. [2023-11-06 23:06:57,261 INFO L899 garLoopResultBuilder]: For program point L401(lines 401 418) no Hoare annotation was computed. [2023-11-06 23:06:57,261 INFO L895 garLoopResultBuilder]: At program point isLowWaterSensorDry_returnLabel#1(lines 189 197) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or .cse2 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse2 .cse0 .cse1))) [2023-11-06 23:06:57,261 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 397 421) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (= ~methaneLevelCritical~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,261 INFO L895 garLoopResultBuilder]: At program point L416(line 416) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or (not .cse1) .cse3 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse3 .cse0 .cse2))) [2023-11-06 23:06:57,261 INFO L899 garLoopResultBuilder]: For program point L416-1(lines 397 421) no Hoare annotation was computed. [2023-11-06 23:06:57,262 INFO L895 garLoopResultBuilder]: At program point isLowWaterLevel_returnLabel#1(lines 556 574) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or .cse2 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse2 .cse0 .cse1))) [2023-11-06 23:06:57,262 INFO L899 garLoopResultBuilder]: For program point L565(lines 565 569) no Hoare annotation was computed. [2023-11-06 23:06:57,262 INFO L899 garLoopResultBuilder]: For program point L565-2(lines 565 569) no Hoare annotation was computed. [2023-11-06 23:06:57,262 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 397 421) no Hoare annotation was computed. [2023-11-06 23:06:57,262 INFO L899 garLoopResultBuilder]: For program point L126-1(lines 122 133) no Hoare annotation was computed. [2023-11-06 23:06:57,262 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 122 133) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (<= 1 ~methaneLevelCritical~0) (not (= ~pumpRunning~0 0)) .cse0 (< |old(~methaneLevelCritical~0)| 1)) (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 0) .cse0))) [2023-11-06 23:06:57,262 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 122 133) no Hoare annotation was computed. [2023-11-06 23:06:57,263 INFO L899 garLoopResultBuilder]: For program point L221(lines 221 227) no Hoare annotation was computed. [2023-11-06 23:06:57,263 INFO L899 garLoopResultBuilder]: For program point L217(lines 217 230) no Hoare annotation was computed. [2023-11-06 23:06:57,263 INFO L895 garLoopResultBuilder]: At program point L217-1(lines 209 233) the Hoare annotation is: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not .cse2)) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (and .cse1 .cse2 .cse3) (and .cse4 .cse1) (< ~methaneLevelCritical~0 1)) (let ((.cse5 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0))) (or (and .cse5 (<= 2 ~waterLevel~0) .cse3) .cse0 (not (= ~methaneLevelCritical~0 0)) (and .cse4 .cse1 .cse5) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse4 .cse5) (and .cse1 .cse5 .cse2 .cse3)))))) [2023-11-06 23:06:57,263 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 339 362) no Hoare annotation was computed. [2023-11-06 23:06:57,263 INFO L899 garLoopResultBuilder]: For program point L102(lines 102 106) no Hoare annotation was computed. [2023-11-06 23:06:57,263 INFO L895 garLoopResultBuilder]: At program point L102-2(lines 98 109) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse1 (and .cse0 .cse3) (< ~methaneLevelCritical~0 1)) (or .cse3 .cse1 .cse2))) [2023-11-06 23:06:57,264 INFO L899 garLoopResultBuilder]: For program point L350-1(lines 350 356) no Hoare annotation was computed. [2023-11-06 23:06:57,264 INFO L895 garLoopResultBuilder]: At program point L437(line 437) the Hoare annotation is: (let ((.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or .cse0 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,264 INFO L895 garLoopResultBuilder]: At program point L433(line 433) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse1 (and .cse0 (<= 1 |timeShift_processEnvironment_~tmp~4#1|) .cse3) (< ~methaneLevelCritical~0 1)) (or .cse3 .cse1 .cse2))) [2023-11-06 23:06:57,264 INFO L895 garLoopResultBuilder]: At program point L429(line 429) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse1 (and .cse0 .cse3) (< ~methaneLevelCritical~0 1)) (or .cse3 .cse1 .cse2))) [2023-11-06 23:06:57,264 INFO L899 garLoopResultBuilder]: For program point L429-1(line 429) no Hoare annotation was computed. [2023-11-06 23:06:57,265 INFO L895 garLoopResultBuilder]: At program point L442(line 442) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (= ~pumpRunning~0 0) (= |old(~pumpRunning~0)| 0) (= |old(~waterLevel~0)| ~waterLevel~0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0))) (or .cse0 .cse1 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,265 INFO L895 garLoopResultBuilder]: At program point L442-1(lines 423 447) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse0 (not .cse3)) (.cse1 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (and (<= 1 |timeShift_processEnvironment_~tmp~4#1|) .cse0 .cse1) .cse2 (and .cse1 .cse3 .cse4) (< ~methaneLevelCritical~0 1)) (or (and .cse1 .cse4) .cse2 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0) (and .cse0 .cse1) (not (= ~methaneLevelCritical~0 0)) (and (<= 2 ~waterLevel~0) .cse4))))) [2023-11-06 23:06:57,265 INFO L895 garLoopResultBuilder]: At program point L215(line 215) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= ~pumpRunning~0 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (and .cse5 .cse4)) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (and .cse2 .cse5))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) .cse3 (not (= ~methaneLevelCritical~0 0)) (and (<= 2 ~waterLevel~0) .cse4)) (or .cse0 .cse1 .cse3 (< ~methaneLevelCritical~0 1))))) [2023-11-06 23:06:57,265 INFO L899 garLoopResultBuilder]: For program point L343-1(lines 342 361) no Hoare annotation was computed. [2023-11-06 23:06:57,265 INFO L899 garLoopResultBuilder]: For program point L215-1(line 215) no Hoare annotation was computed. [2023-11-06 23:06:57,265 INFO L899 garLoopResultBuilder]: For program point L203(line 203) no Hoare annotation was computed. [2023-11-06 23:06:57,266 INFO L895 garLoopResultBuilder]: At program point __automaton_fail_returnLabel#1(lines 199 206) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0))) (or .cse0 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,266 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 339 362) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse0 .cse1 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,266 INFO L899 garLoopResultBuilder]: For program point L431(lines 431 439) no Hoare annotation was computed. [2023-11-06 23:06:57,266 INFO L899 garLoopResultBuilder]: For program point L427(lines 427 444) no Hoare annotation was computed. [2023-11-06 23:06:57,266 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 339 362) no Hoare annotation was computed. [2023-11-06 23:06:57,266 INFO L895 garLoopResultBuilder]: At program point isPumpRunning_returnLabel#1(lines 492 500) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= |timeShift_isPumpRunning_#res#1| 0))) (or .cse0 (and .cse1 .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (and (not (= |old(~pumpRunning~0)| 0)) .cse1 .cse2) (< ~methaneLevelCritical~0 1))) (or .cse0 (not (= ~methaneLevelCritical~0 0))))) [2023-11-06 23:06:57,267 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 203) no Hoare annotation was computed. [2023-11-06 23:06:57,267 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 237 266) no Hoare annotation was computed. [2023-11-06 23:06:57,267 INFO L899 garLoopResultBuilder]: For program point L251(lines 251 255) no Hoare annotation was computed. [2023-11-06 23:06:57,267 INFO L902 garLoopResultBuilder]: At program point L251-1(lines 251 255) the Hoare annotation is: true [2023-11-06 23:06:57,267 INFO L899 garLoopResultBuilder]: For program point L248(line 248) no Hoare annotation was computed. [2023-11-06 23:06:57,267 INFO L902 garLoopResultBuilder]: At program point L247-2(lines 247 261) the Hoare annotation is: true [2023-11-06 23:06:57,267 INFO L902 garLoopResultBuilder]: At program point L243(line 243) the Hoare annotation is: true [2023-11-06 23:06:57,267 INFO L899 garLoopResultBuilder]: For program point L243-1(line 243) no Hoare annotation was computed. [2023-11-06 23:06:57,268 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 237 266) the Hoare annotation is: true [2023-11-06 23:06:57,268 INFO L902 garLoopResultBuilder]: At program point L262(lines 237 266) the Hoare annotation is: true [2023-11-06 23:06:57,268 INFO L899 garLoopResultBuilder]: For program point L258(line 258) no Hoare annotation was computed. [2023-11-06 23:06:57,268 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 134 142) the Hoare annotation is: true [2023-11-06 23:06:57,268 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 134 142) no Hoare annotation was computed. [2023-11-06 23:06:57,268 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 134 142) no Hoare annotation was computed. [2023-11-06 23:06:57,268 INFO L899 garLoopResultBuilder]: For program point L320(lines 320 327) no Hoare annotation was computed. [2023-11-06 23:06:57,268 INFO L899 garLoopResultBuilder]: For program point L320-2(lines 320 327) no Hoare annotation was computed. [2023-11-06 23:06:57,269 INFO L902 garLoopResultBuilder]: At program point runTest_returnLabel#1(lines 300 309) the Hoare annotation is: true [2023-11-06 23:06:57,269 INFO L899 garLoopResultBuilder]: For program point L622(lines 622 626) no Hoare annotation was computed. [2023-11-06 23:06:57,269 INFO L895 garLoopResultBuilder]: At program point L622-2(lines 616 627) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1))) [2023-11-06 23:06:57,269 INFO L895 garLoopResultBuilder]: At program point select_features_returnLabel#1(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 23:06:57,269 INFO L902 garLoopResultBuilder]: At program point main_returnLabel#1(lines 310 332) the Hoare annotation is: true [2023-11-06 23:06:57,269 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2023-11-06 23:06:57,269 INFO L899 garLoopResultBuilder]: For program point L606(lines 606 612) no Hoare annotation was computed. [2023-11-06 23:06:57,270 INFO L899 garLoopResultBuilder]: For program point L606-1(lines 606 612) no Hoare annotation was computed. [2023-11-06 23:06:57,270 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2023-11-06 23:06:57,270 INFO L902 garLoopResultBuilder]: At program point L635(lines 576 639) the Hoare annotation is: true [2023-11-06 23:06:57,270 INFO L895 garLoopResultBuilder]: At program point L598(line 598) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0 .cse1))) [2023-11-06 23:06:57,270 INFO L895 garLoopResultBuilder]: At program point setup_returnLabel#1(lines 292 298) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 23:06:57,270 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-11-06 23:06:57,270 INFO L895 garLoopResultBuilder]: At program point L632(lines 585 633) the Hoare annotation is: false [2023-11-06 23:06:57,271 INFO L899 garLoopResultBuilder]: For program point L587(lines 586 631) no Hoare annotation was computed. [2023-11-06 23:06:57,271 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-11-06 23:06:57,271 INFO L895 garLoopResultBuilder]: At program point select_helpers_returnLabel#1(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 23:06:57,271 INFO L899 garLoopResultBuilder]: For program point L616(lines 616 627) no Hoare annotation was computed. [2023-11-06 23:06:57,271 INFO L895 garLoopResultBuilder]: At program point L608(line 608) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0 .cse1))) [2023-11-06 23:06:57,271 INFO L895 garLoopResultBuilder]: At program point L629(lines 586 631) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1) (and (= ~pumpRunning~0 0) (<= 1 ~methaneLevelCritical~0) .cse0 .cse1))) [2023-11-06 23:06:57,271 INFO L899 garLoopResultBuilder]: For program point L596(lines 596 602) no Hoare annotation was computed. [2023-11-06 23:06:57,272 INFO L899 garLoopResultBuilder]: For program point L596-1(lines 596 602) no Hoare annotation was computed. [2023-11-06 23:06:57,272 INFO L899 garLoopResultBuilder]: For program point L588(lines 588 592) no Hoare annotation was computed. [2023-11-06 23:06:57,272 INFO L895 garLoopResultBuilder]: At program point valid_product_returnLabel#1(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 23:06:57,274 INFO L899 garLoopResultBuilder]: For program point L463(lines 463 469) no Hoare annotation was computed. [2023-11-06 23:06:57,274 INFO L895 garLoopResultBuilder]: At program point L461(line 461) the Hoare annotation is: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= 1 ~systemActive~0))) (let ((.cse1 (not .cse3)) (.cse2 (and (= ~pumpRunning~0 0) (<= 2 ~waterLevel~0) .cse3 .cse0))) (and (or (not .cse0) .cse1 .cse2 (< ~methaneLevelCritical~0 1)) (or .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2)))) [2023-11-06 23:06:57,274 INFO L895 garLoopResultBuilder]: At program point L463-2(lines 456 472) the Hoare annotation is: (let ((.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (<= 2 ~waterLevel~0))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2) (or (not .cse1) .cse0 (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_activatePump_~tmp~5#1|) .cse3) (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,275 INFO L899 garLoopResultBuilder]: For program point L461-1(line 461) no Hoare annotation was computed. [2023-11-06 23:06:57,275 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 371 395) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (= ~methaneLevelCritical~0 0))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,275 INFO L895 garLoopResultBuilder]: At program point isHighWaterSensorDry_returnLabel#1(lines 175 188) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= 1 ~systemActive~0))) (let ((.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not .cse6)) (.cse3 (and .cse5 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0)))) (.cse4 (and .cse5 (<= 2 ~waterLevel~0) .cse6 .cse1))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or (not .cse1) .cse0 .cse3 .cse4 (< ~methaneLevelCritical~0 1))))) [2023-11-06 23:06:57,276 INFO L899 garLoopResultBuilder]: For program point L546(lines 546 550) no Hoare annotation was computed. [2023-11-06 23:06:57,276 INFO L895 garLoopResultBuilder]: At program point L385(line 385) the Hoare annotation is: (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse3 (= 1 ~systemActive~0))) (let ((.cse1 (not .cse3)) (.cse2 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 0) .cse3 .cse0))) (and (or (not .cse0) .cse1 .cse2 (< ~methaneLevelCritical~0 1)) (or .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)))))) [2023-11-06 23:06:57,276 INFO L899 garLoopResultBuilder]: For program point L546-2(lines 546 550) no Hoare annotation was computed. [2023-11-06 23:06:57,276 INFO L895 garLoopResultBuilder]: At program point isHighWaterLevel_returnLabel#1(lines 537 555) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse0 (= |old(~pumpRunning~0)| 0)) (.cse5 (= 1 ~systemActive~0))) (let ((.cse1 (not .cse5)) (.cse2 (and .cse4 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) .cse5 .cse0 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~6#1| 0)) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0))) (.cse3 (and .cse4 (<= 2 ~waterLevel~0) .cse5 .cse0))) (and (or (not .cse0) .cse1 .cse2 .cse3 (< ~methaneLevelCritical~0 1)) (or .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3)))) [2023-11-06 23:06:57,277 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 371 395) no Hoare annotation was computed. [2023-11-06 23:06:57,277 INFO L899 garLoopResultBuilder]: For program point L379(lines 379 387) no Hoare annotation was computed. [2023-11-06 23:06:57,277 INFO L899 garLoopResultBuilder]: For program point L375(lines 375 392) no Hoare annotation was computed. [2023-11-06 23:06:57,277 INFO L899 garLoopResultBuilder]: For program point L179(lines 179 185) no Hoare annotation was computed. [2023-11-06 23:06:57,278 INFO L895 garLoopResultBuilder]: At program point L390(line 390) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (or .cse2 .cse0 (< ~methaneLevelCritical~0 1)) (or .cse2 .cse0 .cse1))) [2023-11-06 23:06:57,278 INFO L895 garLoopResultBuilder]: At program point activatePump__wrappee__lowWaterSensor_returnLabel#1(lines 448 455) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or (not .cse1) .cse0 (< ~methaneLevelCritical~0 1)) (or .cse0 (<= 2 ~waterLevel~0) .cse2))) [2023-11-06 23:06:57,278 INFO L899 garLoopResultBuilder]: For program point L390-1(lines 371 395) no Hoare annotation was computed. [2023-11-06 23:06:57,278 INFO L899 garLoopResultBuilder]: For program point L114-1(lines 110 121) no Hoare annotation was computed. [2023-11-06 23:06:57,278 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 110 121) no Hoare annotation was computed. [2023-11-06 23:06:57,279 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 110 121) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or (not (= ~pumpRunning~0 0)) .cse0 .cse1 (< ~methaneLevelCritical~0 1)))) [2023-11-06 23:06:57,279 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 481 491) no Hoare annotation was computed. [2023-11-06 23:06:57,279 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 481 491) the Hoare annotation is: true [2023-11-06 23:06:57,279 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmFINAL(lines 481 491) no Hoare annotation was computed. [2023-11-06 23:06:57,279 INFO L902 garLoopResultBuilder]: At program point L486(line 486) the Hoare annotation is: true [2023-11-06 23:06:57,280 INFO L899 garLoopResultBuilder]: For program point L486-1(line 486) no Hoare annotation was computed. [2023-11-06 23:06:57,286 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 23:06:57,289 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-11-06 23:06:57,332 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 11:06:57 BoogieIcfgContainer [2023-11-06 23:06:57,332 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-11-06 23:06:57,333 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-11-06 23:06:57,333 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-11-06 23:06:57,333 INFO L274 PluginConnector]: Witness Printer initialized [2023-11-06 23:06:57,334 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 11:06:46" (3/4) ... [2023-11-06 23:06:57,336 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-11-06 23:06:57,340 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2023-11-06 23:06:57,341 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-11-06 23:06:57,341 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-11-06 23:06:57,341 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-11-06 23:06:57,341 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-11-06 23:06:57,341 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2023-11-06 23:06:57,342 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 23:06:57,342 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-11-06 23:06:57,342 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2023-11-06 23:06:57,342 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2023-11-06 23:06:57,352 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 19 nodes and edges [2023-11-06 23:06:57,353 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2023-11-06 23:06:57,354 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-11-06 23:06:57,354 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 23:06:57,355 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 23:06:57,387 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,388 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= tmp) && !((\old(pumpRunning) == 0))) && (pumpRunning == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) && (((((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || !((methaneLevelCritical == 0))) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel)))) [2023-11-06 23:06:57,393 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || (methaneLevelCritical < 1)) && ((((((((tmp == 0) && (2 <= waterLevel)) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (tmp == 0))) || (((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0))) && (tmp == 0))) || ((((pumpRunning == 0) && (tmp == 0)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)))) [2023-11-06 23:06:57,395 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (\result == 0))) || (methaneLevelCritical < 1)) && (!((1 == systemActive)) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,395 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == tmp)) && (2 <= waterLevel))) || (methaneLevelCritical < 1))) [2023-11-06 23:06:57,395 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,395 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,396 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && (((!((1 == systemActive)) || ((pumpRunning == 0) && !((\result == 0)))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && !((\result == 0)))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) [2023-11-06 23:06:57,400 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,401 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) [2023-11-06 23:06:57,467 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,467 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= tmp) && !((\old(pumpRunning) == 0))) && (pumpRunning == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) && (((((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || !((methaneLevelCritical == 0))) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel)))) [2023-11-06 23:06:57,468 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || (methaneLevelCritical < 1)) && ((((((((tmp == 0) && (2 <= waterLevel)) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (tmp == 0))) || (((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0))) && (tmp == 0))) || ((((pumpRunning == 0) && (tmp == 0)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)))) [2023-11-06 23:06:57,469 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (\result == 0))) || (methaneLevelCritical < 1)) && (!((1 == systemActive)) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,469 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == tmp)) && (2 <= waterLevel))) || (methaneLevelCritical < 1))) [2023-11-06 23:06:57,469 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,469 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,469 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && (((!((1 == systemActive)) || ((pumpRunning == 0) && !((\result == 0)))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && !((\result == 0)))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) [2023-11-06 23:06:57,470 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) [2023-11-06 23:06:57,472 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) [2023-11-06 23:06:57,510 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.graphml [2023-11-06 23:06:57,511 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.yaml [2023-11-06 23:06:57,511 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-11-06 23:06:57,512 INFO L158 Benchmark]: Toolchain (without parser) took 12320.50ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 114.2MB in the beginning and 153.2MB in the end (delta: -38.9MB). Peak memory consumption was 30.8MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,512 INFO L158 Benchmark]: CDTParser took 0.29ms. Allocated memory is still 115.3MB. Free memory is still 91.5MB. There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 23:06:57,513 INFO L158 Benchmark]: CACSL2BoogieTranslator took 611.69ms. Allocated memory is still 153.1MB. Free memory was 113.7MB in the beginning and 94.3MB in the end (delta: 19.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,513 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.03ms. Allocated memory is still 153.1MB. Free memory was 94.3MB in the beginning and 91.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,514 INFO L158 Benchmark]: Boogie Preprocessor took 56.79ms. Allocated memory is still 153.1MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,514 INFO L158 Benchmark]: RCFGBuilder took 700.11ms. Allocated memory is still 153.1MB. Free memory was 90.1MB in the beginning and 72.3MB in the end (delta: 17.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,515 INFO L158 Benchmark]: TraceAbstraction took 10700.01ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 71.7MB in the beginning and 161.5MB in the end (delta: -89.8MB). Peak memory consumption was 81.6MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,516 INFO L158 Benchmark]: Witness Printer took 178.39ms. Allocated memory is still 222.3MB. Free memory was 161.5MB in the beginning and 153.2MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2023-11-06 23:06:57,519 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.29ms. Allocated memory is still 115.3MB. Free memory is still 91.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 611.69ms. Allocated memory is still 153.1MB. Free memory was 113.7MB in the beginning and 94.3MB in the end (delta: 19.4MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.03ms. Allocated memory is still 153.1MB. Free memory was 94.3MB in the beginning and 91.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.79ms. Allocated memory is still 153.1MB. Free memory was 91.7MB in the beginning and 90.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 700.11ms. Allocated memory is still 153.1MB. Free memory was 90.1MB in the beginning and 72.3MB in the end (delta: 17.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * TraceAbstraction took 10700.01ms. Allocated memory was 153.1MB in the beginning and 222.3MB in the end (delta: 69.2MB). Free memory was 71.7MB in the beginning and 161.5MB in the end (delta: -89.8MB). Peak memory consumption was 81.6MB. Max. memory is 16.1GB. * Witness Printer took 178.39ms. Allocated memory is still 222.3MB. Free memory was 161.5MB in the beginning and 153.2MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [87] - GenericResultAtLocation [Line: 198]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [198] - GenericResultAtLocation [Line: 207]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification1_spec.i","") [207] - GenericResultAtLocation [Line: 234]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [234] - GenericResultAtLocation [Line: 333]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [333] - GenericResultAtLocation [Line: 575]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [575] - GenericResultAtLocation [Line: 640]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [640] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 203]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 108 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 10.6s, OverallIterations: 10, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 3.1s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1403 SdHoareTripleChecker+Valid, 1.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1366 mSDsluCounter, 3750 SdHoareTripleChecker+Invalid, 1.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2613 mSDsCounter, 400 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1701 IncrementalHoareTripleChecker+Invalid, 2101 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 400 mSolverCounterUnsat, 1137 mSDtfsCounter, 1701 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 324 GetRequests, 232 SyntacticMatches, 1 SemanticMatches, 91 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 322 ImplicationChecksByTransitivity, 0.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=602occurred in iteration=9, InterpolantAutomatonStates: 84, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 42 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 49 LocationsWithAnnotation, 1249 PreInvPairs, 1521 NumberOfFragments, 1377 HoareAnnotationTreeSize, 1249 FomulaSimplifications, 3647 FormulaSimplificationTreeSizeReduction, 0.4s HoareSimplificationTime, 49 FomulaSimplificationsInter, 9147 FormulaSimplificationTreeSizeReductionInter, 3.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.2s InterpolantComputationTime, 649 NumberOfCodeBlocks, 649 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 638 ConstructedInterpolants, 0 QuantifiedInterpolants, 1097 SizeOfPredicates, 3 NumberOfNonLiveVariables, 379 ConjunctsInSsa, 9 ConjunctsInUnsatCore, 11 InterpolantComputations, 10 PerfectInterpolantSequences, 96/108 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 292]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 448]: Loop Invariant Derived loop invariant: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) - InvariantResult [Line: 199]: Loop Invariant Derived loop invariant: ((!((1 == systemActive)) || !((methaneLevelCritical == 0))) && (!((1 == systemActive)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 576]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 209]: Loop Invariant Derived loop invariant: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || (methaneLevelCritical < 1)) && ((((((((tmp == 0) && (2 <= waterLevel)) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (tmp == 0))) || (((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0))) && (tmp == 0))) || ((((pumpRunning == 0) && (tmp == 0)) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel)))) - InvariantResult [Line: 247]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 237]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 556]: Loop Invariant Derived loop invariant: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) - InvariantResult [Line: 585]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 189]: Loop Invariant Derived loop invariant: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) - InvariantResult [Line: 310]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 492]: Loop Invariant Derived loop invariant: ((((!((1 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((!((\old(pumpRunning) == 0)) && (pumpRunning == 0)) && (\result == 0))) || (methaneLevelCritical < 1)) && (!((1 == systemActive)) || !((methaneLevelCritical == 0)))) - InvariantResult [Line: 423]: Loop Invariant Derived loop invariant: (((((((1 <= tmp) && !((\old(pumpRunning) == 0))) && (pumpRunning == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1)) && (((((((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) || !((1 == systemActive))) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (!((\old(pumpRunning) == 0)) && (pumpRunning == 0))) || !((methaneLevelCritical == 0))) || ((2 <= waterLevel) && (\old(waterLevel) == waterLevel)))) - InvariantResult [Line: 586]: Loop Invariant Derived loop invariant: ((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) || ((((pumpRunning == 0) && (1 <= methaneLevelCritical)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 98]: Loop Invariant Derived loop invariant: (((((pumpRunning == \old(pumpRunning)) || !((1 == systemActive))) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || ((pumpRunning == \old(pumpRunning)) && !((\old(pumpRunning) == 0)))) || (methaneLevelCritical < 1))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((methaneLevelCritical == 0)))) - InvariantResult [Line: 175]: Loop Invariant Derived loop invariant: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && (((!((1 == systemActive)) || ((pumpRunning == 0) && !((\result == 0)))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && !((\result == 0)))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1))) - InvariantResult [Line: 456]: Loop Invariant Derived loop invariant: ((((!((1 == systemActive)) || (\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) && ((!((1 == systemActive)) || (2 <= waterLevel)) || !((methaneLevelCritical == 0)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == tmp)) && (2 <= waterLevel))) || (methaneLevelCritical < 1))) - InvariantResult [Line: 537]: Loop Invariant Derived loop invariant: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0))) || (methaneLevelCritical < 1)) && (((!((1 == systemActive)) || ((((((pumpRunning == 0) && (tmp___0 == 0)) && (1 == systemActive)) && (\old(pumpRunning) == 0)) && !((tmp == 0))) && (\result == 0))) || !((methaneLevelCritical == 0))) || ((((pumpRunning == 0) && (2 <= waterLevel)) && (1 == systemActive)) && (\old(pumpRunning) == 0)))) - InvariantResult [Line: 300]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2023-11-06 23:06:57,589 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_764cb14b-b64f-4070-80d6-b4023affd156/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE