./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e7bb482b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 449370313253a0d5d7b509b2cd15e912fe8e85dcb7140575e7078385cf7fc6cf --- Real Ultimate output --- This is Ultimate 0.2.3-dev-e7bb482 [2023-11-06 22:18:12,660 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-06 22:18:12,792 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-06 22:18:12,805 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-06 22:18:12,806 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-06 22:18:12,851 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-06 22:18:12,852 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-06 22:18:12,853 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-06 22:18:12,854 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-06 22:18:12,859 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-06 22:18:12,860 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-06 22:18:12,861 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-06 22:18:12,861 INFO L153 SettingsManager]: * Use SBE=true [2023-11-06 22:18:12,863 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-06 22:18:12,864 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-06 22:18:12,864 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-06 22:18:12,864 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-06 22:18:12,865 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-06 22:18:12,865 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-06 22:18:12,866 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-06 22:18:12,866 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-06 22:18:12,867 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-06 22:18:12,867 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-06 22:18:12,868 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-06 22:18:12,868 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-06 22:18:12,869 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-06 22:18:12,870 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-06 22:18:12,870 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-06 22:18:12,870 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:18:12,871 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-06 22:18:12,872 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-06 22:18:12,873 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2023-11-06 22:18:12,873 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-06 22:18:12,873 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-06 22:18:12,874 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-06 22:18:12,874 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-06 22:18:12,874 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-06 22:18:12,874 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-06 22:18:12,875 INFO L153 SettingsManager]: * Independence relation used for large block encoding in concurrent analysis=SYNTACTIC [2023-11-06 22:18:12,875 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 449370313253a0d5d7b509b2cd15e912fe8e85dcb7140575e7078385cf7fc6cf [2023-11-06 22:18:13,266 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-06 22:18:13,302 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-06 22:18:13,305 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-06 22:18:13,307 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-06 22:18:13,307 INFO L274 PluginConnector]: CDTParser initialized [2023-11-06 22:18:13,309 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/../../sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c [2023-11-06 22:18:16,392 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-06 22:18:16,752 INFO L384 CDTParser]: Found 1 translation units. [2023-11-06 22:18:16,759 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c [2023-11-06 22:18:16,782 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/data/1c86a779f/ecb034a5fa384a308c50933555025c41/FLAGfa3317c68 [2023-11-06 22:18:16,797 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/data/1c86a779f/ecb034a5fa384a308c50933555025c41 [2023-11-06 22:18:16,800 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-06 22:18:16,802 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-06 22:18:16,805 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-06 22:18:16,805 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-06 22:18:16,811 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-06 22:18:16,812 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:18:16" (1/1) ... [2023-11-06 22:18:16,813 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2e09e116 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:16, skipping insertion in model container [2023-11-06 22:18:16,813 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:18:16" (1/1) ... [2023-11-06 22:18:16,877 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-06 22:18:17,097 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c[7477,7490] [2023-11-06 22:18:17,167 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:18:17,180 INFO L202 MainTranslator]: Completed pre-run [2023-11-06 22:18:17,191 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] [2023-11-06 22:18:17,193 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] [2023-11-06 22:18:17,193 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [221] [2023-11-06 22:18:17,193 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [407] [2023-11-06 22:18:17,193 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [502] [2023-11-06 22:18:17,194 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [511] [2023-11-06 22:18:17,194 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [546] [2023-11-06 22:18:17,194 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [912] [2023-11-06 22:18:17,215 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/sv-benchmarks/c/product-lines/minepump_spec3_product42.cil.c[7477,7490] [2023-11-06 22:18:17,249 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:18:17,269 INFO L206 MainTranslator]: Completed translation [2023-11-06 22:18:17,269 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17 WrapperNode [2023-11-06 22:18:17,269 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-06 22:18:17,270 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-06 22:18:17,270 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-06 22:18:17,271 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-06 22:18:17,278 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,308 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,334 INFO L138 Inliner]: procedures = 54, calls = 97, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 196 [2023-11-06 22:18:17,335 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-06 22:18:17,335 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-06 22:18:17,336 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-06 22:18:17,336 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-06 22:18:17,360 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,360 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,364 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,365 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,384 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,388 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,390 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,392 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,394 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-06 22:18:17,404 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-06 22:18:17,404 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-06 22:18:17,404 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-06 22:18:17,405 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (1/1) ... [2023-11-06 22:18:17,411 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:18:17,425 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:17,438 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-11-06 22:18:17,446 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-11-06 22:18:17,477 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-06 22:18:17,477 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-11-06 22:18:17,477 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-11-06 22:18:17,477 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2023-11-06 22:18:17,478 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2023-11-06 22:18:17,478 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-11-06 22:18:17,478 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-11-06 22:18:17,478 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-11-06 22:18:17,478 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-11-06 22:18:17,478 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-11-06 22:18:17,478 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-11-06 22:18:17,479 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-11-06 22:18:17,479 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-11-06 22:18:17,479 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-11-06 22:18:17,479 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-06 22:18:17,484 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-06 22:18:17,562 INFO L236 CfgBuilder]: Building ICFG [2023-11-06 22:18:17,567 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-06 22:18:17,866 INFO L277 CfgBuilder]: Performing block encoding [2023-11-06 22:18:17,881 INFO L297 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-06 22:18:17,881 INFO L302 CfgBuilder]: Removed 2 assume(true) statements. [2023-11-06 22:18:17,884 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:17 BoogieIcfgContainer [2023-11-06 22:18:17,884 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-06 22:18:17,887 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-06 22:18:17,887 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-06 22:18:17,890 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-06 22:18:17,891 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 10:18:16" (1/3) ... [2023-11-06 22:18:17,891 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4543fb4a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:18:17, skipping insertion in model container [2023-11-06 22:18:17,892 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:18:17" (2/3) ... [2023-11-06 22:18:17,892 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4543fb4a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:18:17, skipping insertion in model container [2023-11-06 22:18:17,892 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:17" (3/3) ... [2023-11-06 22:18:17,894 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product42.cil.c [2023-11-06 22:18:17,912 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-06 22:18:17,913 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-06 22:18:17,957 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-06 22:18:17,963 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@f745261, mLbeIndependenceSettings=[IndependenceType=SYNTACTIC, AbstractionType=NONE, UseConditional=, UseSemiCommutativity=, Solver=, SolverTimeout=] [2023-11-06 22:18:17,963 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-06 22:18:17,967 INFO L276 IsEmpty]: Start isEmpty. Operand has 82 states, 64 states have (on average 1.390625) internal successors, (89), 70 states have internal predecessors, (89), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2023-11-06 22:18:17,976 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2023-11-06 22:18:17,976 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:17,976 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:17,977 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:17,982 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:17,983 INFO L85 PathProgramCache]: Analyzing trace with hash 1617756963, now seen corresponding path program 1 times [2023-11-06 22:18:17,992 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:17,993 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1253847998] [2023-11-06 22:18:17,993 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:17,994 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:18,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,183 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-06 22:18:18,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,193 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:18,193 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:18,194 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1253847998] [2023-11-06 22:18:18,194 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1253847998] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:18,195 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:18,195 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-11-06 22:18:18,197 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [187545981] [2023-11-06 22:18:18,197 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:18,202 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-06 22:18:18,202 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:18,232 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-06 22:18:18,233 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:18:18,235 INFO L87 Difference]: Start difference. First operand has 82 states, 64 states have (on average 1.390625) internal successors, (89), 70 states have internal predecessors, (89), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:18,270 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:18,270 INFO L93 Difference]: Finished difference Result 156 states and 213 transitions. [2023-11-06 22:18:18,271 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-06 22:18:18,272 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 25 [2023-11-06 22:18:18,273 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:18,282 INFO L225 Difference]: With dead ends: 156 [2023-11-06 22:18:18,282 INFO L226 Difference]: Without dead ends: 73 [2023-11-06 22:18:18,287 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:18:18,290 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 103 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:18,292 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 103 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:18,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 73 states. [2023-11-06 22:18:18,333 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 73 to 73. [2023-11-06 22:18:18,335 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 73 states, 57 states have (on average 1.3157894736842106) internal successors, (75), 62 states have internal predecessors, (75), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2023-11-06 22:18:18,337 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 73 states to 73 states and 94 transitions. [2023-11-06 22:18:18,339 INFO L78 Accepts]: Start accepts. Automaton has 73 states and 94 transitions. Word has length 25 [2023-11-06 22:18:18,339 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:18,339 INFO L495 AbstractCegarLoop]: Abstraction has 73 states and 94 transitions. [2023-11-06 22:18:18,340 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:18,340 INFO L276 IsEmpty]: Start isEmpty. Operand 73 states and 94 transitions. [2023-11-06 22:18:18,342 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2023-11-06 22:18:18,342 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:18,342 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:18,343 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-11-06 22:18:18,343 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:18,344 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:18,344 INFO L85 PathProgramCache]: Analyzing trace with hash 1176803179, now seen corresponding path program 1 times [2023-11-06 22:18:18,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:18,344 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [902731822] [2023-11-06 22:18:18,345 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:18,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:18,373 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,494 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 15 [2023-11-06 22:18:18,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,502 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:18,503 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:18,503 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [902731822] [2023-11-06 22:18:18,503 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [902731822] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:18,503 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:18,503 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:18:18,504 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [854093628] [2023-11-06 22:18:18,504 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:18,505 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:18:18,505 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:18,506 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:18:18,506 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:18,507 INFO L87 Difference]: Start difference. First operand 73 states and 94 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:18,526 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:18,526 INFO L93 Difference]: Finished difference Result 111 states and 143 transitions. [2023-11-06 22:18:18,527 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:18:18,527 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 26 [2023-11-06 22:18:18,527 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:18,528 INFO L225 Difference]: With dead ends: 111 [2023-11-06 22:18:18,529 INFO L226 Difference]: Without dead ends: 64 [2023-11-06 22:18:18,530 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:18,531 INFO L413 NwaCegarLoop]: 81 mSDtfsCounter, 13 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:18,532 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 145 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:18,533 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2023-11-06 22:18:18,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2023-11-06 22:18:18,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 51 states have (on average 1.3333333333333333) internal successors, (68), 56 states have internal predecessors, (68), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2023-11-06 22:18:18,548 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 82 transitions. [2023-11-06 22:18:18,551 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 82 transitions. Word has length 26 [2023-11-06 22:18:18,552 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:18,552 INFO L495 AbstractCegarLoop]: Abstraction has 64 states and 82 transitions. [2023-11-06 22:18:18,552 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:18,553 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 82 transitions. [2023-11-06 22:18:18,554 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2023-11-06 22:18:18,555 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:18,556 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:18,556 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-11-06 22:18:18,556 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:18,557 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:18,559 INFO L85 PathProgramCache]: Analyzing trace with hash 414343402, now seen corresponding path program 1 times [2023-11-06 22:18:18,560 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:18,560 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1563802902] [2023-11-06 22:18:18,561 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:18,561 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:18,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,807 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:18,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:18,812 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:18,812 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:18,813 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1563802902] [2023-11-06 22:18:18,813 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1563802902] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:18,813 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:18,813 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:18,853 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [926641907] [2023-11-06 22:18:18,853 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:18,854 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:18,854 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:18,855 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:18,855 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:18,856 INFO L87 Difference]: Start difference. First operand 64 states and 82 transitions. Second operand has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:19,015 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:19,019 INFO L93 Difference]: Finished difference Result 121 states and 158 transitions. [2023-11-06 22:18:19,020 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-06 22:18:19,020 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 31 [2023-11-06 22:18:19,021 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:19,022 INFO L225 Difference]: With dead ends: 121 [2023-11-06 22:18:19,024 INFO L226 Difference]: Without dead ends: 64 [2023-11-06 22:18:19,025 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:18:19,028 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 107 mSDsluCounter, 118 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 193 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:19,032 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 193 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:19,034 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2023-11-06 22:18:19,047 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2023-11-06 22:18:19,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 51 states have (on average 1.3137254901960784) internal successors, (67), 56 states have internal predecessors, (67), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2023-11-06 22:18:19,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 81 transitions. [2023-11-06 22:18:19,055 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 81 transitions. Word has length 31 [2023-11-06 22:18:19,056 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:19,056 INFO L495 AbstractCegarLoop]: Abstraction has 64 states and 81 transitions. [2023-11-06 22:18:19,057 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.6) internal successors, (28), 5 states have internal predecessors, (28), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2023-11-06 22:18:19,057 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 81 transitions. [2023-11-06 22:18:19,062 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2023-11-06 22:18:19,063 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:19,063 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:19,063 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-11-06 22:18:19,064 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:19,065 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:19,065 INFO L85 PathProgramCache]: Analyzing trace with hash 808202887, now seen corresponding path program 1 times [2023-11-06 22:18:19,065 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:19,065 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1617233609] [2023-11-06 22:18:19,066 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:19,066 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:19,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,182 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 20 [2023-11-06 22:18:19,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,185 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:18:19,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,189 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:19,189 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:19,190 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1617233609] [2023-11-06 22:18:19,190 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1617233609] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:19,190 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:19,190 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:18:19,191 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [753738996] [2023-11-06 22:18:19,191 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:19,191 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:18:19,192 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:19,195 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:18:19,195 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:19,195 INFO L87 Difference]: Start difference. First operand 64 states and 81 transitions. Second operand has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:18:19,276 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:19,277 INFO L93 Difference]: Finished difference Result 163 states and 210 transitions. [2023-11-06 22:18:19,278 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:18:19,279 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 36 [2023-11-06 22:18:19,279 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:19,282 INFO L225 Difference]: With dead ends: 163 [2023-11-06 22:18:19,283 INFO L226 Difference]: Without dead ends: 106 [2023-11-06 22:18:19,284 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:18:19,286 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 54 mSDsluCounter, 52 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 144 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:19,286 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 144 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:19,288 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states. [2023-11-06 22:18:19,310 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 104. [2023-11-06 22:18:19,311 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 82 states have (on average 1.3048780487804879) internal successors, (107), 89 states have internal predecessors, (107), 11 states have call successors, (11), 10 states have call predecessors, (11), 10 states have return successors, (13), 11 states have call predecessors, (13), 11 states have call successors, (13) [2023-11-06 22:18:19,313 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 131 transitions. [2023-11-06 22:18:19,313 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 131 transitions. Word has length 36 [2023-11-06 22:18:19,314 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:19,314 INFO L495 AbstractCegarLoop]: Abstraction has 104 states and 131 transitions. [2023-11-06 22:18:19,314 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 10.333333333333334) internal successors, (31), 3 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:18:19,314 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 131 transitions. [2023-11-06 22:18:19,316 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2023-11-06 22:18:19,316 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:19,316 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:19,317 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-11-06 22:18:19,317 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:19,320 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:19,320 INFO L85 PathProgramCache]: Analyzing trace with hash 165647039, now seen corresponding path program 1 times [2023-11-06 22:18:19,320 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:19,321 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [640381880] [2023-11-06 22:18:19,321 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:19,321 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:19,355 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,477 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 26 [2023-11-06 22:18:19,479 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,481 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 31 [2023-11-06 22:18:19,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,485 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:19,486 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:19,486 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [640381880] [2023-11-06 22:18:19,486 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [640381880] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:19,486 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:19,486 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:19,487 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [422733934] [2023-11-06 22:18:19,487 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:19,487 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:19,487 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:19,488 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:19,488 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:19,489 INFO L87 Difference]: Start difference. First operand 104 states and 131 transitions. Second operand has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:18:19,569 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:19,569 INFO L93 Difference]: Finished difference Result 288 states and 379 transitions. [2023-11-06 22:18:19,570 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-06 22:18:19,570 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 42 [2023-11-06 22:18:19,571 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:19,574 INFO L225 Difference]: With dead ends: 288 [2023-11-06 22:18:19,574 INFO L226 Difference]: Without dead ends: 191 [2023-11-06 22:18:19,579 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:18:19,589 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 39 mSDsluCounter, 219 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:19,589 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 297 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:19,592 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 191 states. [2023-11-06 22:18:19,645 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 191 to 185. [2023-11-06 22:18:19,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 146 states have (on average 1.2808219178082192) internal successors, (187), 156 states have internal predecessors, (187), 21 states have call successors, (21), 19 states have call predecessors, (21), 17 states have return successors, (27), 19 states have call predecessors, (27), 21 states have call successors, (27) [2023-11-06 22:18:19,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 235 transitions. [2023-11-06 22:18:19,652 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 235 transitions. Word has length 42 [2023-11-06 22:18:19,653 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:19,653 INFO L495 AbstractCegarLoop]: Abstraction has 185 states and 235 transitions. [2023-11-06 22:18:19,653 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:18:19,653 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 235 transitions. [2023-11-06 22:18:19,659 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2023-11-06 22:18:19,660 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:19,663 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:19,663 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-11-06 22:18:19,664 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:19,664 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:19,664 INFO L85 PathProgramCache]: Analyzing trace with hash -1345519451, now seen corresponding path program 1 times [2023-11-06 22:18:19,665 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:19,665 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [456112795] [2023-11-06 22:18:19,665 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:19,665 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:19,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,822 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:19,823 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,825 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:18:19,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,830 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2023-11-06 22:18:19,832 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:19,838 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:19,838 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:19,839 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [456112795] [2023-11-06 22:18:19,839 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [456112795] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:19,839 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:19,839 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:18:19,839 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1536345534] [2023-11-06 22:18:19,840 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:19,840 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:18:19,842 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:19,842 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:18:19,842 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:18:19,843 INFO L87 Difference]: Start difference. First operand 185 states and 235 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:20,144 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:20,145 INFO L93 Difference]: Finished difference Result 469 states and 631 transitions. [2023-11-06 22:18:20,145 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-06 22:18:20,146 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2023-11-06 22:18:20,148 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:20,157 INFO L225 Difference]: With dead ends: 469 [2023-11-06 22:18:20,157 INFO L226 Difference]: Without dead ends: 372 [2023-11-06 22:18:20,159 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=70, Unknown=0, NotChecked=0, Total=110 [2023-11-06 22:18:20,163 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 160 mSDsluCounter, 234 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 166 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 142 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:20,167 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [166 Valid, 301 Invalid, 142 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:18:20,170 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 372 states. [2023-11-06 22:18:20,232 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 372 to 348. [2023-11-06 22:18:20,234 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 348 states, 277 states have (on average 1.2707581227436824) internal successors, (352), 300 states have internal predecessors, (352), 39 states have call successors, (39), 27 states have call predecessors, (39), 31 states have return successors, (59), 37 states have call predecessors, (59), 39 states have call successors, (59) [2023-11-06 22:18:20,238 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 348 states to 348 states and 450 transitions. [2023-11-06 22:18:20,238 INFO L78 Accepts]: Start accepts. Automaton has 348 states and 450 transitions. Word has length 46 [2023-11-06 22:18:20,238 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:20,239 INFO L495 AbstractCegarLoop]: Abstraction has 348 states and 450 transitions. [2023-11-06 22:18:20,239 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:20,239 INFO L276 IsEmpty]: Start isEmpty. Operand 348 states and 450 transitions. [2023-11-06 22:18:20,240 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2023-11-06 22:18:20,241 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:20,241 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:20,241 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-06 22:18:20,241 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:20,242 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:20,242 INFO L85 PathProgramCache]: Analyzing trace with hash -1126664733, now seen corresponding path program 1 times [2023-11-06 22:18:20,242 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:20,242 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [327451702] [2023-11-06 22:18:20,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:20,243 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:20,255 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,303 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:20,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,307 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:18:20,308 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,309 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2023-11-06 22:18:20,310 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,312 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:20,312 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:20,312 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [327451702] [2023-11-06 22:18:20,312 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [327451702] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:20,312 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:20,313 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:18:20,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [805478571] [2023-11-06 22:18:20,313 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:20,313 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:18:20,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:20,314 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:18:20,314 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:18:20,315 INFO L87 Difference]: Start difference. First operand 348 states and 450 transitions. Second operand has 5 states, 5 states have (on average 7.8) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:20,536 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:20,537 INFO L93 Difference]: Finished difference Result 634 states and 825 transitions. [2023-11-06 22:18:20,537 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2023-11-06 22:18:20,537 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2023-11-06 22:18:20,538 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:20,542 INFO L225 Difference]: With dead ends: 634 [2023-11-06 22:18:20,542 INFO L226 Difference]: Without dead ends: 370 [2023-11-06 22:18:20,543 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2023-11-06 22:18:20,545 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 98 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 14 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 105 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 106 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 14 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:20,545 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [105 Valid, 326 Invalid, 106 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [14 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:20,548 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 370 states. [2023-11-06 22:18:20,602 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 370 to 348. [2023-11-06 22:18:20,603 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 348 states, 277 states have (on average 1.263537906137184) internal successors, (350), 300 states have internal predecessors, (350), 39 states have call successors, (39), 27 states have call predecessors, (39), 31 states have return successors, (59), 37 states have call predecessors, (59), 39 states have call successors, (59) [2023-11-06 22:18:20,606 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 348 states to 348 states and 448 transitions. [2023-11-06 22:18:20,607 INFO L78 Accepts]: Start accepts. Automaton has 348 states and 448 transitions. Word has length 46 [2023-11-06 22:18:20,607 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:20,607 INFO L495 AbstractCegarLoop]: Abstraction has 348 states and 448 transitions. [2023-11-06 22:18:20,608 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.8) internal successors, (39), 4 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:20,608 INFO L276 IsEmpty]: Start isEmpty. Operand 348 states and 448 transitions. [2023-11-06 22:18:20,609 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2023-11-06 22:18:20,609 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:20,609 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:20,609 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-06 22:18:20,610 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:20,610 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:20,610 INFO L85 PathProgramCache]: Analyzing trace with hash -1944313183, now seen corresponding path program 1 times [2023-11-06 22:18:20,610 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:20,610 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1511001505] [2023-11-06 22:18:20,611 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:20,611 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:20,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,706 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:20,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,710 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:18:20,711 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,712 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2023-11-06 22:18:20,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:20,714 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:20,715 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:20,715 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1511001505] [2023-11-06 22:18:20,715 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1511001505] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:20,715 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:20,715 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:18:20,715 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1164419618] [2023-11-06 22:18:20,716 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:20,716 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:18:20,716 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:20,717 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:18:20,717 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:18:20,717 INFO L87 Difference]: Start difference. First operand 348 states and 448 transitions. Second operand has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:20,961 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:20,962 INFO L93 Difference]: Finished difference Result 791 states and 1037 transitions. [2023-11-06 22:18:20,962 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2023-11-06 22:18:20,962 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 46 [2023-11-06 22:18:20,964 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:20,970 INFO L225 Difference]: With dead ends: 791 [2023-11-06 22:18:20,970 INFO L226 Difference]: Without dead ends: 450 [2023-11-06 22:18:20,972 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 17 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=40, Invalid=92, Unknown=0, NotChecked=0, Total=132 [2023-11-06 22:18:20,974 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 111 mSDsluCounter, 277 mSDsCounter, 0 mSdLazyCounter, 114 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 357 SdHoareTripleChecker+Invalid, 129 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 114 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:20,974 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 357 Invalid, 129 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 114 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:18:20,976 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 450 states. [2023-11-06 22:18:21,033 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 450 to 353. [2023-11-06 22:18:21,034 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 353 states, 285 states have (on average 1.249122807017544) internal successors, (356), 306 states have internal predecessors, (356), 37 states have call successors, (37), 26 states have call predecessors, (37), 30 states have return successors, (57), 35 states have call predecessors, (57), 37 states have call successors, (57) [2023-11-06 22:18:21,039 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 353 states to 353 states and 450 transitions. [2023-11-06 22:18:21,039 INFO L78 Accepts]: Start accepts. Automaton has 353 states and 450 transitions. Word has length 46 [2023-11-06 22:18:21,040 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:21,040 INFO L495 AbstractCegarLoop]: Abstraction has 353 states and 450 transitions. [2023-11-06 22:18:21,040 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.5) internal successors, (39), 5 states have internal predecessors, (39), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:21,040 INFO L276 IsEmpty]: Start isEmpty. Operand 353 states and 450 transitions. [2023-11-06 22:18:21,042 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2023-11-06 22:18:21,042 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:21,042 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:21,042 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-06 22:18:21,042 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:21,043 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:21,043 INFO L85 PathProgramCache]: Analyzing trace with hash -1025339665, now seen corresponding path program 1 times [2023-11-06 22:18:21,043 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:21,043 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [418471776] [2023-11-06 22:18:21,043 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:21,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:21,062 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:21,199 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:21,201 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:21,203 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:18:21,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:21,219 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 40 [2023-11-06 22:18:21,220 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:21,222 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:18:21,222 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:21,222 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [418471776] [2023-11-06 22:18:21,222 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [418471776] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:18:21,222 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2147192826] [2023-11-06 22:18:21,222 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:21,223 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:21,223 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:18:21,228 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:18:21,256 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-06 22:18:21,331 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:21,334 INFO L262 TraceCheckSpWp]: Trace formula consists of 224 conjuncts, 15 conjunts are in the unsatisfiable core [2023-11-06 22:18:21,340 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:18:21,487 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 3 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:18:21,487 INFO L323 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2023-11-06 22:18:21,487 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2147192826] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:21,487 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2023-11-06 22:18:21,487 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [8] total 12 [2023-11-06 22:18:21,488 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2132226232] [2023-11-06 22:18:21,488 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:21,488 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-06 22:18:21,488 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:21,489 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-06 22:18:21,489 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=29, Invalid=103, Unknown=0, NotChecked=0, Total=132 [2023-11-06 22:18:21,489 INFO L87 Difference]: Start difference. First operand 353 states and 450 transitions. Second operand has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:21,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:21,648 INFO L93 Difference]: Finished difference Result 1042 states and 1354 transitions. [2023-11-06 22:18:21,648 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-11-06 22:18:21,649 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 51 [2023-11-06 22:18:21,649 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:21,654 INFO L225 Difference]: With dead ends: 1042 [2023-11-06 22:18:21,654 INFO L226 Difference]: Without dead ends: 696 [2023-11-06 22:18:21,656 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 64 GetRequests, 53 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=36, Invalid=120, Unknown=0, NotChecked=0, Total=156 [2023-11-06 22:18:21,658 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 76 mSDsluCounter, 380 mSDsCounter, 0 mSdLazyCounter, 48 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 460 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 48 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:21,659 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 460 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 48 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:18:21,660 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 696 states. [2023-11-06 22:18:21,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 696 to 680. [2023-11-06 22:18:21,757 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 680 states, 547 states have (on average 1.2285191956124315) internal successors, (672), 582 states have internal predecessors, (672), 73 states have call successors, (73), 51 states have call predecessors, (73), 59 states have return successors, (119), 69 states have call predecessors, (119), 73 states have call successors, (119) [2023-11-06 22:18:21,766 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 680 states to 680 states and 864 transitions. [2023-11-06 22:18:21,768 INFO L78 Accepts]: Start accepts. Automaton has 680 states and 864 transitions. Word has length 51 [2023-11-06 22:18:21,768 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:21,769 INFO L495 AbstractCegarLoop]: Abstraction has 680 states and 864 transitions. [2023-11-06 22:18:21,769 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.285714285714286) internal successors, (44), 5 states have internal predecessors, (44), 2 states have call successors, (4), 2 states have call predecessors, (4), 3 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:21,769 INFO L276 IsEmpty]: Start isEmpty. Operand 680 states and 864 transitions. [2023-11-06 22:18:21,771 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2023-11-06 22:18:21,771 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:21,771 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:21,780 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-11-06 22:18:21,977 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:18:21,977 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:21,978 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:21,978 INFO L85 PathProgramCache]: Analyzing trace with hash 468700430, now seen corresponding path program 1 times [2023-11-06 22:18:21,978 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:21,978 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [449599907] [2023-11-06 22:18:21,978 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:21,978 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:21,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,106 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:22,107 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,108 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:18:22,110 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,111 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2023-11-06 22:18:22,112 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,114 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:18:22,114 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:22,114 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [449599907] [2023-11-06 22:18:22,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [449599907] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:22,115 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:22,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2023-11-06 22:18:22,115 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [470399219] [2023-11-06 22:18:22,115 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:22,116 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-11-06 22:18:22,116 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:22,116 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-11-06 22:18:22,116 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2023-11-06 22:18:22,117 INFO L87 Difference]: Start difference. First operand 680 states and 864 transitions. Second operand has 8 states, 8 states have (on average 5.375) internal successors, (43), 7 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:22,468 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:22,468 INFO L93 Difference]: Finished difference Result 1266 states and 1620 transitions. [2023-11-06 22:18:22,469 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2023-11-06 22:18:22,469 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.375) internal successors, (43), 7 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 52 [2023-11-06 22:18:22,470 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:22,472 INFO L225 Difference]: With dead ends: 1266 [2023-11-06 22:18:22,472 INFO L226 Difference]: Without dead ends: 257 [2023-11-06 22:18:22,476 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=181, Unknown=0, NotChecked=0, Total=240 [2023-11-06 22:18:22,477 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 148 mSDsluCounter, 378 mSDsCounter, 0 mSdLazyCounter, 211 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 152 SdHoareTripleChecker+Valid, 468 SdHoareTripleChecker+Invalid, 239 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 211 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:22,477 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [152 Valid, 468 Invalid, 239 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 211 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:18:22,478 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 257 states. [2023-11-06 22:18:22,512 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 257 to 247. [2023-11-06 22:18:22,513 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 197 states have (on average 1.1878172588832487) internal successors, (234), 208 states have internal predecessors, (234), 26 states have call successors, (26), 23 states have call predecessors, (26), 23 states have return successors, (31), 24 states have call predecessors, (31), 26 states have call successors, (31) [2023-11-06 22:18:22,515 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 291 transitions. [2023-11-06 22:18:22,515 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 291 transitions. Word has length 52 [2023-11-06 22:18:22,515 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:22,515 INFO L495 AbstractCegarLoop]: Abstraction has 247 states and 291 transitions. [2023-11-06 22:18:22,516 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.375) internal successors, (43), 7 states have internal predecessors, (43), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:18:22,516 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 291 transitions. [2023-11-06 22:18:22,517 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2023-11-06 22:18:22,517 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:18:22,517 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:22,517 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2023-11-06 22:18:22,518 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:18:22,518 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:18:22,518 INFO L85 PathProgramCache]: Analyzing trace with hash -1675825877, now seen corresponding path program 1 times [2023-11-06 22:18:22,518 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:18:22,518 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1827668258] [2023-11-06 22:18:22,518 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:18:22,519 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:18:22,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,629 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 11 [2023-11-06 22:18:22,630 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,639 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 17 [2023-11-06 22:18:22,640 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,652 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2023-11-06 22:18:22,654 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,656 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 44 [2023-11-06 22:18:22,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:18:22,674 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:18:22,674 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:18:22,674 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1827668258] [2023-11-06 22:18:22,674 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1827668258] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:18:22,674 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:18:22,674 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2023-11-06 22:18:22,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1369385706] [2023-11-06 22:18:22,675 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:18:22,675 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2023-11-06 22:18:22,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:18:22,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2023-11-06 22:18:22,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=90, Unknown=0, NotChecked=0, Total=110 [2023-11-06 22:18:22,676 INFO L87 Difference]: Start difference. First operand 247 states and 291 transitions. Second operand has 11 states, 11 states have (on average 4.181818181818182) internal successors, (46), 8 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:18:23,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:18:23,206 INFO L93 Difference]: Finished difference Result 479 states and 570 transitions. [2023-11-06 22:18:23,206 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2023-11-06 22:18:23,207 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 11 states have (on average 4.181818181818182) internal successors, (46), 8 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 55 [2023-11-06 22:18:23,207 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:18:23,207 INFO L225 Difference]: With dead ends: 479 [2023-11-06 22:18:23,208 INFO L226 Difference]: Without dead ends: 0 [2023-11-06 22:18:23,209 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 48 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=101, Invalid=361, Unknown=0, NotChecked=0, Total=462 [2023-11-06 22:18:23,210 INFO L413 NwaCegarLoop]: 43 mSDtfsCounter, 146 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 506 mSolverCounterSat, 38 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 280 SdHoareTripleChecker+Invalid, 544 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 38 IncrementalHoareTripleChecker+Valid, 506 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2023-11-06 22:18:23,210 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 280 Invalid, 544 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [38 Valid, 506 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2023-11-06 22:18:23,211 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-11-06 22:18:23,211 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-11-06 22:18:23,211 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-11-06 22:18:23,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-11-06 22:18:23,212 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 55 [2023-11-06 22:18:23,212 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:18:23,212 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-11-06 22:18:23,212 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 11 states have (on average 4.181818181818182) internal successors, (46), 8 states have internal predecessors, (46), 2 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:18:23,213 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-11-06 22:18:23,213 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-11-06 22:18:23,215 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-11-06 22:18:23,216 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2023-11-06 22:18:23,217 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-11-06 22:18:27,889 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 257 263) no Hoare annotation was computed. [2023-11-06 22:18:27,889 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 257 263) the Hoare annotation is: true [2023-11-06 22:18:27,890 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 435 446) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (not (= ~pumpRunning~0 0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0) (< |old(~methaneLevelCritical~0)| 1) .cse0) (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 0) .cse0))) [2023-11-06 22:18:27,890 INFO L899 garLoopResultBuilder]: For program point L439-1(lines 435 446) no Hoare annotation was computed. [2023-11-06 22:18:27,890 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 435 446) no Hoare annotation was computed. [2023-11-06 22:18:27,890 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 447 455) the Hoare annotation is: true [2023-11-06 22:18:27,890 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalFINAL(lines 447 455) no Hoare annotation was computed. [2023-11-06 22:18:27,890 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 447 455) no Hoare annotation was computed. [2023-11-06 22:18:27,891 INFO L899 garLoopResultBuilder]: For program point L415(lines 415 419) no Hoare annotation was computed. [2023-11-06 22:18:27,891 INFO L895 garLoopResultBuilder]: At program point L415-2(lines 411 422) the Hoare annotation is: (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (not .cse0)) (.cse1 (= 0 ~systemActive~0))) (and (or (< 1 |old(~waterLevel~0)|) (<= ~waterLevel~0 1) .cse0 .cse1) (or .cse2 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse2 .cse1 (< ~methaneLevelCritical~0 1)) (or (not (= ~pumpRunning~0 0)) .cse0 .cse1)))) [2023-11-06 22:18:27,891 INFO L895 garLoopResultBuilder]: At program point L279(line 279) the Hoare annotation is: (let ((.cse0 (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) (= |old(~waterLevel~0)| ~waterLevel~0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (< ~methaneLevelCritical~0 1)) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or (= |old(~pumpRunning~0)| 0) .cse1))) [2023-11-06 22:18:27,892 INFO L895 garLoopResultBuilder]: At program point L329(line 329) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= 0 ~systemActive~0))) (let ((.cse0 (and .cse1 (<= ~waterLevel~0 1) .cse2 (not .cse3)))) (and (or .cse0 (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse1 (= |timeShift_processEnvironment_~tmp~2#1| 1) (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse2) .cse3 (< ~methaneLevelCritical~0 1)) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse3) (or (= |old(~pumpRunning~0)| 0) .cse3)))) [2023-11-06 22:18:27,892 INFO L899 garLoopResultBuilder]: For program point L329-1(line 329) no Hoare annotation was computed. [2023-11-06 22:18:27,892 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 233 256) no Hoare annotation was computed. [2023-11-06 22:18:27,892 INFO L899 garLoopResultBuilder]: For program point L932(lines 932 938) no Hoare annotation was computed. [2023-11-06 22:18:27,893 INFO L895 garLoopResultBuilder]: At program point isHighWaterSensorDry_returnLabel#1(lines 488 501) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (and .cse2 (<= ~waterLevel~0 1) .cse3)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse0 .cse1 (and .cse2 (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse3) (< ~methaneLevelCritical~0 1)) (or (= |old(~pumpRunning~0)| 0) .cse1)))) [2023-11-06 22:18:27,893 INFO L899 garLoopResultBuilder]: For program point L928(lines 928 941) no Hoare annotation was computed. [2023-11-06 22:18:27,893 INFO L895 garLoopResultBuilder]: At program point L928-1(lines 913 945) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse5 (= 0 ~systemActive~0)) (.cse6 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse6)) (.cse2 (<= ~waterLevel~0 1)) (.cse4 (not .cse5)) (.cse7 (not .cse1)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (and .cse1 .cse2 .cse3 .cse4) (not (= ~methaneLevelCritical~0 0)) (and .cse2 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse3 .cse4) .cse5) (or (< 1 |old(~waterLevel~0)|) (and .cse2 .cse4) .cse6 .cse5) (or .cse7 .cse6 .cse5) (let ((.cse10 (not (= |timeShift___utac_acc__Specification3_spec__1_~tmp~8#1| 0))) (.cse8 (= |timeShift_isHighWaterLevel_#res#1| 1)) (.cse9 (= |timeShift_isHighWaterSensorDry_#res#1| 0))) (or .cse0 (and .cse8 .cse9 .cse3 .cse10) (and .cse1 .cse2 .cse3 .cse10 .cse4) (and .cse7 .cse2 .cse3 .cse4) .cse5 (and .cse8 .cse7 .cse9 .cse3) (< ~methaneLevelCritical~0 1)))))) [2023-11-06 22:18:27,894 INFO L895 garLoopResultBuilder]: At program point L284(line 284) the Hoare annotation is: (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (not .cse0)) (.cse1 (= 0 ~systemActive~0))) (and (or (< 1 |old(~waterLevel~0)|) (<= ~waterLevel~0 1) .cse0 .cse1) (or .cse2 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse2 .cse1 (< ~methaneLevelCritical~0 1)) (or (not (= ~pumpRunning~0 0)) .cse0 .cse1)))) [2023-11-06 22:18:27,894 INFO L895 garLoopResultBuilder]: At program point L284-1(lines 265 289) the Hoare annotation is: (let ((.cse5 (= 0 ~systemActive~0)) (.cse6 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (not .cse6)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not .cse5)) (.cse0 (= ~pumpRunning~0 0))) (and (or (and .cse0 .cse1 .cse2) .cse3 (not (= ~methaneLevelCritical~0 0)) (and .cse1 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse2 .cse4) .cse5) (or (< 1 |old(~waterLevel~0)|) (and .cse1 .cse4) .cse6 .cse5) (or .cse3 (and (= |timeShift_isHighWaterLevel_#res#1| 1) (= |timeShift_processEnvironment_~tmp~2#1| 1) (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse2) (and .cse1 .cse2 .cse4) .cse5 (< ~methaneLevelCritical~0 1)) (or (not .cse0) .cse6 .cse5)))) [2023-11-06 22:18:27,894 INFO L899 garLoopResultBuilder]: For program point L507(line 507) no Hoare annotation was computed. [2023-11-06 22:18:27,895 INFO L895 garLoopResultBuilder]: At program point L920(line 920) the Hoare annotation is: (let ((.cse4 (= 0 ~systemActive~0)) (.cse6 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse6)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (<= ~waterLevel~0 1)) (.cse3 (not .cse4)) (.cse5 (= ~pumpRunning~0 0))) (and (or .cse0 (and (= |timeShift_isHighWaterLevel_#res#1| 1) (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse1) (and .cse2 .cse1 .cse3) .cse4 (< ~methaneLevelCritical~0 1)) (or (and .cse5 .cse2 .cse1) .cse0 (not (= ~methaneLevelCritical~0 0)) (and .cse2 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse1 .cse3) .cse4) (or (< 1 |old(~waterLevel~0)|) (and .cse2 .cse3) .cse6 .cse4) (or (not .cse5) .cse6 .cse4)))) [2023-11-06 22:18:27,895 INFO L899 garLoopResultBuilder]: For program point L920-1(line 920) no Hoare annotation was computed. [2023-11-06 22:18:27,895 INFO L895 garLoopResultBuilder]: At program point getWaterLevel_returnLabel#1(lines 479 487) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 0))) (let ((.cse14 (= |old(~pumpRunning~0)| 0)) (.cse13 (not .cse4)) (.cse0 (<= ~waterLevel~0 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (<= |timeShift_getWaterLevel_#res#1| 1)) (.cse3 (not .cse7))) (let ((.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse11 (and .cse13 .cse0 .cse1 .cse2 .cse3)) (.cse10 (< 1 |old(~waterLevel~0)|)) (.cse5 (not .cse14)) (.cse8 (not (= |old(~waterLevel~0)| 1))) (.cse9 (and (= ~waterLevel~0 1) (= |timeShift_getWaterLevel_#res#1| 1) .cse3)) (.cse12 (< ~methaneLevelCritical~0 1))) (and (or (and .cse0 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse1 .cse2 .cse3) (and .cse4 .cse0 .cse1 .cse2) .cse5 .cse6 .cse7) (or .cse5 .cse8 .cse9 .cse6 .cse7) (or .cse10 .cse5 .cse11 .cse7 .cse12) (or .cse5 .cse11 .cse7 (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse13 (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse1) .cse12) (or .cse10 (and .cse0 .cse2 .cse3) .cse14 .cse7) (or .cse5 .cse8 .cse9 .cse7 .cse12) (or .cse13 .cse14 .cse7))))) [2023-11-06 22:18:27,895 INFO L899 garLoopResultBuilder]: For program point L244-1(lines 244 250) no Hoare annotation was computed. [2023-11-06 22:18:27,896 INFO L899 garLoopResultBuilder]: For program point L306(lines 306 312) no Hoare annotation was computed. [2023-11-06 22:18:27,896 INFO L899 garLoopResultBuilder]: For program point L273(lines 273 281) no Hoare annotation was computed. [2023-11-06 22:18:27,896 INFO L895 garLoopResultBuilder]: At program point L306-2(lines 299 315) the Hoare annotation is: (let ((.cse5 (= 0 ~systemActive~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |timeShift_activatePump_~tmp~3#1| 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not .cse5))) (and (or (not (= ~methaneLevelCritical~0 0)) (and (not .cse0) .cse1 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse2 .cse3 .cse4) .cse5) (let ((.cse6 (= |timeShift_isHighWaterLevel_#res#1| 1)) (.cse7 (= |timeShift_processEnvironment_~tmp~2#1| 1)) (.cse8 (= |timeShift_isHighWaterSensorDry_#res#1| 0))) (or (and .cse0 .cse1 .cse3) (and .cse6 .cse0 .cse7 .cse8 .cse3) (and .cse6 .cse7 .cse2 .cse8 .cse3) (and .cse1 .cse2 .cse3 .cse4) .cse5 (< ~methaneLevelCritical~0 1))) (or (= |old(~pumpRunning~0)| 0) .cse5)))) [2023-11-06 22:18:27,896 INFO L899 garLoopResultBuilder]: For program point L269(lines 269 286) no Hoare annotation was computed. [2023-11-06 22:18:27,897 INFO L899 garLoopResultBuilder]: For program point L492(lines 492 498) no Hoare annotation was computed. [2023-11-06 22:18:27,897 INFO L895 garLoopResultBuilder]: At program point activatePump__wrappee__highWaterSensor_returnLabel#1(lines 290 297) the Hoare annotation is: (let ((.cse5 (= 0 ~systemActive~0))) (let ((.cse1 (<= ~waterLevel~0 1)) (.cse4 (not .cse5)) (.cse0 (not (= ~pumpRunning~0 0))) (.cse2 (= |timeShift_activatePump_~tmp~3#1| 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not (= ~methaneLevelCritical~0 0)) (and .cse0 .cse1 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse2 .cse3 .cse4) .cse5) (or (= |old(~pumpRunning~0)| 0) .cse5) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse0 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse2 (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse3) .cse5 (< ~methaneLevelCritical~0 1))))) [2023-11-06 22:18:27,897 INFO L895 garLoopResultBuilder]: At program point __automaton_fail_returnLabel#1(lines 503 510) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or .cse0 (< ~methaneLevelCritical~0 1)) (or (= |old(~pumpRunning~0)| 0) .cse0) (or (not (= ~methaneLevelCritical~0 0)) .cse0))) [2023-11-06 22:18:27,898 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 233 256) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not .cse0)) (.cse5 (and .cse2 .cse3)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (and (not .cse2) .cse3)) (or .cse4 .cse5 .cse1 (< ~methaneLevelCritical~0 1)) (or .cse4 .cse5 (not (= ~methaneLevelCritical~0 0)) .cse1)))) [2023-11-06 22:18:27,898 INFO L899 garLoopResultBuilder]: For program point L389(lines 389 393) no Hoare annotation was computed. [2023-11-06 22:18:27,898 INFO L899 garLoopResultBuilder]: For program point L389-2(lines 389 393) no Hoare annotation was computed. [2023-11-06 22:18:27,898 INFO L895 garLoopResultBuilder]: At program point isHighWaterLevel_returnLabel#1(lines 380 398) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (let ((.cse0 (and .cse2 (<= ~waterLevel~0 1) .cse3 (not .cse1)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or (= |old(~pumpRunning~0)| 0) .cse1) (or (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse2 (= |timeShift_isHighWaterLevel_~tmp~4#1| 0) (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse3 (= |timeShift_isHighWaterLevel_~tmp___0~1#1| 1)) .cse0 .cse1 (< ~methaneLevelCritical~0 1))))) [2023-11-06 22:18:27,898 INFO L899 garLoopResultBuilder]: For program point L922(lines 922 942) no Hoare annotation was computed. [2023-11-06 22:18:27,898 INFO L899 garLoopResultBuilder]: For program point L237-1(lines 236 255) no Hoare annotation was computed. [2023-11-06 22:18:27,899 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 233 256) no Hoare annotation was computed. [2023-11-06 22:18:27,899 INFO L895 garLoopResultBuilder]: At program point isMethaneAlarm_returnLabel#1(lines 324 334) the Hoare annotation is: (let ((.cse4 (= 0 ~systemActive~0))) (let ((.cse1 (<= ~waterLevel~0 1)) (.cse3 (not .cse4)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (and .cse0 .cse1 (= |timeShift_isMethaneAlarm_#res#1| 0) .cse2 .cse3) (not (= ~methaneLevelCritical~0 0)) .cse4) (or (and .cse0 .cse1 .cse2 .cse3) (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse0 (= |timeShift_processEnvironment_~tmp~2#1| 1) (= |timeShift_isHighWaterSensorDry_#res#1| 0) .cse2) .cse4 (< ~methaneLevelCritical~0 1)) (or (= |old(~pumpRunning~0)| 0) .cse4)))) [2023-11-06 22:18:27,899 INFO L895 garLoopResultBuilder]: At program point isPumpRunning_returnLabel#1(lines 335 343) the Hoare annotation is: (let ((.cse6 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse6)) (.cse3 (not (= ~pumpRunning~0 0))) (.cse4 (not (= |timeShift_isPumpRunning_#res#1| 0))) (.cse5 (< 1 |old(~waterLevel~0)|)) (.cse1 (= 0 ~systemActive~0)) (.cse2 (< ~methaneLevelCritical~0 1))) (and (or .cse0 .cse1 .cse2 (and (= |timeShift_isHighWaterLevel_#res#1| 1) .cse3 .cse4 (= |timeShift_isHighWaterSensorDry_#res#1| 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1) (or .cse5 .cse6 .cse1) (or (and .cse3 .cse4) .cse6 .cse1) (or .cse5 .cse1 .cse2)))) [2023-11-06 22:18:27,899 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 507) no Hoare annotation was computed. [2023-11-06 22:18:27,900 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2023-11-06 22:18:27,900 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2023-11-06 22:18:27,900 INFO L899 garLoopResultBuilder]: For program point L63(line 63) no Hoare annotation was computed. [2023-11-06 22:18:27,900 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2023-11-06 22:18:27,900 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2023-11-06 22:18:27,900 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2023-11-06 22:18:27,901 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2023-11-06 22:18:27,901 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 52 81) the Hoare annotation is: true [2023-11-06 22:18:27,901 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2023-11-06 22:18:27,901 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2023-11-06 22:18:27,901 INFO L895 garLoopResultBuilder]: At program point startSystem_returnLabel#1(lines 399 406) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2 .cse3) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,901 INFO L895 garLoopResultBuilder]: At program point L213(lines 164 214) the Hoare annotation is: false [2023-11-06 22:18:27,902 INFO L902 garLoopResultBuilder]: At program point runTest_returnLabel#1(lines 117 126) the Hoare annotation is: true [2023-11-06 22:18:27,902 INFO L895 garLoopResultBuilder]: At program point select_features_returnLabel#1(lines 523 529) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:18:27,902 INFO L902 garLoopResultBuilder]: At program point main_returnLabel#1(lines 130 152) the Hoare annotation is: true [2023-11-06 22:18:27,902 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,902 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,902 INFO L899 garLoopResultBuilder]: For program point L185(lines 185 191) no Hoare annotation was computed. [2023-11-06 22:18:27,903 INFO L899 garLoopResultBuilder]: For program point L185-1(lines 185 191) no Hoare annotation was computed. [2023-11-06 22:18:27,903 INFO L895 garLoopResultBuilder]: At program point L210(lines 165 212) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2 .cse3) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,903 INFO L895 garLoopResultBuilder]: At program point L177(line 177) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3) (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2 .cse3) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,903 INFO L899 garLoopResultBuilder]: For program point L140(lines 140 147) no Hoare annotation was computed. [2023-11-06 22:18:27,903 INFO L899 garLoopResultBuilder]: For program point L140-2(lines 140 147) no Hoare annotation was computed. [2023-11-06 22:18:27,904 INFO L895 garLoopResultBuilder]: At program point setup_returnLabel#1(lines 109 115) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:18:27,904 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,904 INFO L899 garLoopResultBuilder]: For program point L203(lines 203 207) no Hoare annotation was computed. [2023-11-06 22:18:27,904 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-11-06 22:18:27,904 INFO L895 garLoopResultBuilder]: At program point select_helpers_returnLabel#1(lines 530 536) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:18:27,905 INFO L895 garLoopResultBuilder]: At program point L203-2(lines 195 208) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2 .cse3) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,905 INFO L899 garLoopResultBuilder]: For program point L166(lines 165 212) no Hoare annotation was computed. [2023-11-06 22:18:27,905 INFO L899 garLoopResultBuilder]: For program point L195(lines 195 208) no Hoare annotation was computed. [2023-11-06 22:18:27,905 INFO L895 garLoopResultBuilder]: At program point L187(line 187) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~methaneLevelCritical~0) .cse0 .cse1 .cse2 .cse3) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2 .cse3) (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3))) [2023-11-06 22:18:27,905 INFO L902 garLoopResultBuilder]: At program point L216(lines 155 220) the Hoare annotation is: true [2023-11-06 22:18:27,905 INFO L899 garLoopResultBuilder]: For program point L175(lines 175 181) no Hoare annotation was computed. [2023-11-06 22:18:27,906 INFO L899 garLoopResultBuilder]: For program point L175-1(lines 175 181) no Hoare annotation was computed. [2023-11-06 22:18:27,906 INFO L895 garLoopResultBuilder]: At program point valid_product_returnLabel#1(lines 537 545) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:18:27,906 INFO L899 garLoopResultBuilder]: For program point L167(lines 167 171) no Hoare annotation was computed. [2023-11-06 22:18:27,906 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 423 434) no Hoare annotation was computed. [2023-11-06 22:18:27,906 INFO L899 garLoopResultBuilder]: For program point L427-1(lines 423 434) no Hoare annotation was computed. [2023-11-06 22:18:27,907 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 423 434) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or (= ~pumpRunning~0 0) .cse0 .cse1) (or .cse0 .cse1 (< ~methaneLevelCritical~0 1)) (or (< 1 |old(~waterLevel~0)|) (not (= ~methaneLevelCritical~0 0)) .cse0 .cse1))) [2023-11-06 22:18:27,909 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:18:27,911 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-11-06 22:18:27,962 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 10:18:27 BoogieIcfgContainer [2023-11-06 22:18:27,963 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-11-06 22:18:27,963 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-11-06 22:18:27,963 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-11-06 22:18:27,964 INFO L274 PluginConnector]: Witness Printer initialized [2023-11-06 22:18:27,964 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:18:17" (3/4) ... [2023-11-06 22:18:27,966 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-11-06 22:18:27,977 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-11-06 22:18:27,977 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-11-06 22:18:27,977 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2023-11-06 22:18:27,977 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-11-06 22:18:27,977 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-11-06 22:18:27,978 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-11-06 22:18:27,987 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 17 nodes and edges [2023-11-06 22:18:27,987 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2023-11-06 22:18:27,988 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-11-06 22:18:27,989 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:18:27,989 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:18:28,017 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:18:28,018 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:18:28,018 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel <= 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || (((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) [2023-11-06 22:18:28,019 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 < \old(waterLevel)) || (waterLevel <= 1)) || (\old(pumpRunning) == 0)) || (0 == systemActive)) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && ((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,020 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((waterLevel <= 1) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,020 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((\old(pumpRunning) == 0)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0)))) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0))) && !((0 == systemActive)))) || (((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,021 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) [2023-11-06 22:18:28,021 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1))) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((((1 < \old(waterLevel)) || !((\old(pumpRunning) == 0))) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((1 < \old(waterLevel)) || (((waterLevel <= 1) && (\result <= 1)) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (0 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((((\result == 1) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((((waterLevel <= 1) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,022 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || ((((((\result == 1) && !((pumpRunning == 0))) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((((\result == 1) && (pumpRunning == 0)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (tmp___0 == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1)) || (((((\result == 1) && !((pumpRunning == 0))) && !((\result == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((!((pumpRunning == 0)) && !((\result == 0))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,023 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((0 == systemActive) || (methaneLevelCritical < 1)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (!((methaneLevelCritical == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,055 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:18:28,055 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:18:28,055 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel <= 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || (((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) [2023-11-06 22:18:28,056 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 < \old(waterLevel)) || (waterLevel <= 1)) || (\old(pumpRunning) == 0)) || (0 == systemActive)) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && ((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,056 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((waterLevel <= 1) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,056 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((\old(pumpRunning) == 0)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0)))) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0))) && !((0 == systemActive)))) || (((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,057 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) [2023-11-06 22:18:28,057 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,057 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1))) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((((1 < \old(waterLevel)) || !((\old(pumpRunning) == 0))) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((1 < \old(waterLevel)) || (((waterLevel <= 1) && (\result <= 1)) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,057 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (0 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,058 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((((\result == 1) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((((waterLevel <= 1) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) [2023-11-06 22:18:28,058 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || ((((((\result == 1) && !((pumpRunning == 0))) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,058 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((((\result == 1) && (pumpRunning == 0)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (tmp___0 == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,058 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1)) || (((((\result == 1) && !((pumpRunning == 0))) && !((\result == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((!((pumpRunning == 0)) && !((\result == 0))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (0 == systemActive)) || (methaneLevelCritical < 1))) [2023-11-06 22:18:28,058 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((0 == systemActive) || (methaneLevelCritical < 1)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (!((methaneLevelCritical == 0)) || (0 == systemActive))) [2023-11-06 22:18:28,073 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.graphml [2023-11-06 22:18:28,073 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.yaml [2023-11-06 22:18:28,074 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-11-06 22:18:28,074 INFO L158 Benchmark]: Toolchain (without parser) took 11272.90ms. Allocated memory was 136.3MB in the beginning and 197.1MB in the end (delta: 60.8MB). Free memory was 104.0MB in the beginning and 116.2MB in the end (delta: -12.2MB). Peak memory consumption was 50.4MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,075 INFO L158 Benchmark]: CDTParser took 0.38ms. Allocated memory is still 107.0MB. Free memory is still 59.8MB. There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:18:28,075 INFO L158 Benchmark]: CACSL2BoogieTranslator took 464.82ms. Allocated memory is still 136.3MB. Free memory was 103.7MB in the beginning and 84.8MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,076 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.62ms. Allocated memory is still 136.3MB. Free memory was 84.8MB in the beginning and 82.3MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,076 INFO L158 Benchmark]: Boogie Preprocessor took 67.32ms. Allocated memory is still 136.3MB. Free memory was 82.3MB in the beginning and 80.8MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:18:28,077 INFO L158 Benchmark]: RCFGBuilder took 480.95ms. Allocated memory is still 136.3MB. Free memory was 80.8MB in the beginning and 103.8MB in the end (delta: -23.1MB). Peak memory consumption was 21.3MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,077 INFO L158 Benchmark]: TraceAbstraction took 10076.12ms. Allocated memory was 136.3MB in the beginning and 197.1MB in the end (delta: 60.8MB). Free memory was 103.3MB in the beginning and 123.5MB in the end (delta: -20.3MB). Peak memory consumption was 113.0MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,078 INFO L158 Benchmark]: Witness Printer took 110.61ms. Allocated memory is still 197.1MB. Free memory was 123.5MB in the beginning and 116.2MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2023-11-06 22:18:28,081 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.38ms. Allocated memory is still 107.0MB. Free memory is still 59.8MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 464.82ms. Allocated memory is still 136.3MB. Free memory was 103.7MB in the beginning and 84.8MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.62ms. Allocated memory is still 136.3MB. Free memory was 84.8MB in the beginning and 82.3MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 67.32ms. Allocated memory is still 136.3MB. Free memory was 82.3MB in the beginning and 80.8MB in the end (delta: 1.5MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 480.95ms. Allocated memory is still 136.3MB. Free memory was 80.8MB in the beginning and 103.8MB in the end (delta: -23.1MB). Peak memory consumption was 21.3MB. Max. memory is 16.1GB. * TraceAbstraction took 10076.12ms. Allocated memory was 136.3MB in the beginning and 197.1MB in the end (delta: 60.8MB). Free memory was 103.3MB in the beginning and 123.5MB in the end (delta: -20.3MB). Peak memory consumption was 113.0MB. Max. memory is 16.1GB. * Witness Printer took 110.61ms. Allocated memory is still 197.1MB. Free memory was 123.5MB in the beginning and 116.2MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [49] - GenericResultAtLocation [Line: 153]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [153] - GenericResultAtLocation [Line: 221]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [221] - GenericResultAtLocation [Line: 407]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [407] - GenericResultAtLocation [Line: 502]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [502] - GenericResultAtLocation [Line: 511]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [511] - GenericResultAtLocation [Line: 546]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [546] - GenericResultAtLocation [Line: 912]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification3_spec.i","") [912] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 507]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 82 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 10.0s, OverallIterations: 11, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 980 SdHoareTripleChecker+Valid, 1.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 952 mSDsluCounter, 3074 SdHoareTripleChecker+Invalid, 0.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2191 mSDsCounter, 148 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1125 IncrementalHoareTripleChecker+Invalid, 1273 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 148 mSolverCounterUnsat, 883 mSDtfsCounter, 1125 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 205 GetRequests, 122 SyntacticMatches, 0 SemanticMatches, 83 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 119 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=680occurred in iteration=9, InterpolantAutomatonStates: 84, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 177 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 1167 PreInvPairs, 1425 NumberOfFragments, 1687 HoareAnnotationTreeSize, 1167 FomulaSimplifications, 1785 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 38 FomulaSimplificationsInter, 9371 FormulaSimplificationTreeSizeReductionInter, 4.1s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.5s InterpolantComputationTime, 507 NumberOfCodeBlocks, 507 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 495 ConstructedInterpolants, 0 QuantifiedInterpolants, 946 SizeOfPredicates, 4 NumberOfNonLiveVariables, 224 ConjunctsInSsa, 15 ConjunctsInUnsatCore, 12 InterpolantComputations, 11 PerfectInterpolantSequences, 10/12 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 411]: Loop Invariant Derived loop invariant: (((((((1 < \old(waterLevel)) || (waterLevel <= 1)) || (\old(pumpRunning) == 0)) || (0 == systemActive)) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && ((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) - InvariantResult [Line: 109]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 399]: Loop Invariant Derived loop invariant: (((((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) - InvariantResult [Line: 503]: Loop Invariant Derived loop invariant: ((((0 == systemActive) || (methaneLevelCritical < 1)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (!((methaneLevelCritical == 0)) || (0 == systemActive))) - InvariantResult [Line: 523]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 155]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 479]: Loop Invariant Derived loop invariant: (((((((((((((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1))) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((((1 < \old(waterLevel)) || !((\old(pumpRunning) == 0))) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((((!((\old(pumpRunning) == 0)) || ((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && (\result <= 1)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((((1 < \old(waterLevel)) || (((waterLevel <= 1) && (\result <= 1)) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || (((waterLevel == 1) && (\result == 1)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) - InvariantResult [Line: 537]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 913]: Loop Invariant Derived loop invariant: (((((((!((\old(pumpRunning) == 0)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0)))) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((tmp == 0))) && !((0 == systemActive)))) || (((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || ((((\result == 1) && !((pumpRunning == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) - InvariantResult [Line: 324]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: ((((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((\old(pumpRunning) == 0))) || !((methaneLevelCritical == 0))) || ((((waterLevel <= 1) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((1 < \old(waterLevel)) || ((waterLevel <= 1) && !((0 == systemActive)))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && ((((!((\old(pumpRunning) == 0)) || ((((\result == 1) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((waterLevel <= 1) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((!((pumpRunning == 0)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) - InvariantResult [Line: 290]: Loop Invariant Derived loop invariant: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || ((((((\result == 1) && !((pumpRunning == 0))) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 530]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 488]: Loop Invariant Derived loop invariant: (((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (0 == systemActive)) || (((pumpRunning == 0) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) - InvariantResult [Line: 165]: Loop Invariant Derived loop invariant: ((((((((methaneLevelCritical == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel <= 1)) && (splverifierCounter == 0)) && !((0 == systemActive))) || (((((1 <= methaneLevelCritical) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || ((((!((pumpRunning == 0)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) - InvariantResult [Line: 130]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 335]: Loop Invariant Derived loop invariant: (((((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (methaneLevelCritical < 1)) || (((((\result == 1) && !((pumpRunning == 0))) && !((\result == 0))) && (\result == 0)) && (\old(waterLevel) == waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((methaneLevelCritical == 0))) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((!((pumpRunning == 0)) && !((\result == 0))) || (\old(pumpRunning) == 0)) || (0 == systemActive))) && (((1 < \old(waterLevel)) || (0 == systemActive)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 299]: Loop Invariant Derived loop invariant: ((((!((methaneLevelCritical == 0)) || (((((!((pumpRunning == 0)) && (waterLevel <= 1)) && (\result == 0)) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) && ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) || (((((\result == 1) && (pumpRunning == 0)) && (tmp == 1)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || (((((\result == 1) && (tmp == 1)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel))) || ((((waterLevel <= 1) && (tmp == 0)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) && ((\old(pumpRunning) == 0) || (0 == systemActive))) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 380]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive))) || !((methaneLevelCritical == 0))) || (0 == systemActive)) && ((\old(pumpRunning) == 0) || (0 == systemActive))) && (((((((((\result == 1) && (pumpRunning == 0)) && (tmp == 0)) && (\result == 0)) && (\old(waterLevel) == waterLevel)) && (tmp___0 == 1)) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (\old(waterLevel) == waterLevel)) && !((0 == systemActive)))) || (0 == systemActive)) || (methaneLevelCritical < 1))) - InvariantResult [Line: 117]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2023-11-06 22:18:28,133 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_788a1512-0fbe-437c-a3de-f5ec19c93461/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE