./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e7bb482b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef --- Real Ultimate output --- This is Ultimate 0.2.3-dev-e7bb482 [2023-11-06 22:39:00,320 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-06 22:39:00,390 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-06 22:39:00,395 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-06 22:39:00,396 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-06 22:39:00,422 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-06 22:39:00,422 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-06 22:39:00,423 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-06 22:39:00,424 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-06 22:39:00,424 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-06 22:39:00,425 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-06 22:39:00,426 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-06 22:39:00,426 INFO L153 SettingsManager]: * Use SBE=true [2023-11-06 22:39:00,427 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-06 22:39:00,427 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-06 22:39:00,428 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-06 22:39:00,429 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-06 22:39:00,429 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-06 22:39:00,430 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-06 22:39:00,430 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-06 22:39:00,431 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-06 22:39:00,432 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-06 22:39:00,432 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-06 22:39:00,433 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-06 22:39:00,433 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-06 22:39:00,434 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-06 22:39:00,435 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-06 22:39:00,435 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-06 22:39:00,436 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:39:00,436 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-06 22:39:00,437 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-06 22:39:00,437 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2023-11-06 22:39:00,438 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-06 22:39:00,438 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-06 22:39:00,439 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-06 22:39:00,439 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-06 22:39:00,440 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-06 22:39:00,440 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-06 22:39:00,440 INFO L153 SettingsManager]: * Independence relation used for large block encoding in concurrent analysis=SYNTACTIC [2023-11-06 22:39:00,441 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 86e7038cbd7079ed991c0d8924416f9d170b15a53536a052f3097e1f394171ef [2023-11-06 22:39:00,700 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-06 22:39:00,721 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-06 22:39:00,724 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-06 22:39:00,725 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-06 22:39:00,726 INFO L274 PluginConnector]: CDTParser initialized [2023-11-06 22:39:00,727 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/../../sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c [2023-11-06 22:39:03,837 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-06 22:39:04,107 INFO L384 CDTParser]: Found 1 translation units. [2023-11-06 22:39:04,108 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c [2023-11-06 22:39:04,123 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/data/ac0661da5/c0c66c127e674ec5816f0cb5552eb0c4/FLAGa4b4c3876 [2023-11-06 22:39:04,138 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/data/ac0661da5/c0c66c127e674ec5816f0cb5552eb0c4 [2023-11-06 22:39:04,141 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-06 22:39:04,142 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-06 22:39:04,144 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-06 22:39:04,144 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-06 22:39:04,150 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-06 22:39:04,151 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,152 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@2fca9ca7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04, skipping insertion in model container [2023-11-06 22:39:04,153 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,203 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-06 22:39:04,368 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2023-11-06 22:39:04,458 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:39:04,476 INFO L202 MainTranslator]: Completed pre-run [2023-11-06 22:39:04,486 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] [2023-11-06 22:39:04,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] [2023-11-06 22:39:04,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] [2023-11-06 22:39:04,488 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] [2023-11-06 22:39:04,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] [2023-11-06 22:39:04,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] [2023-11-06 22:39:04,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] [2023-11-06 22:39:04,489 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] [2023-11-06 22:39:04,495 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/sv-benchmarks/c/product-lines/minepump_spec5_product34.cil.c[2141,2154] [2023-11-06 22:39:04,543 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:39:04,562 INFO L206 MainTranslator]: Completed translation [2023-11-06 22:39:04,563 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04 WrapperNode [2023-11-06 22:39:04,563 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-06 22:39:04,564 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-06 22:39:04,564 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-06 22:39:04,565 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-06 22:39:04,572 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,587 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,632 INFO L138 Inliner]: procedures = 55, calls = 97, calls flagged for inlining = 23, calls inlined = 19, statements flattened = 178 [2023-11-06 22:39:04,633 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-06 22:39:04,633 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-06 22:39:04,634 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-06 22:39:04,634 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-06 22:39:04,644 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,645 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,659 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,661 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,666 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,684 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,686 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,687 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,690 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-06 22:39:04,694 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-06 22:39:04,694 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-06 22:39:04,694 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-06 22:39:04,695 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (1/1) ... [2023-11-06 22:39:04,703 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:39:04,715 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:39:04,732 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-11-06 22:39:04,772 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-11-06 22:39:04,785 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-06 22:39:04,785 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-11-06 22:39:04,785 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-11-06 22:39:04,786 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-11-06 22:39:04,787 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-11-06 22:39:04,788 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-11-06 22:39:04,788 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-11-06 22:39:04,788 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-11-06 22:39:04,788 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-11-06 22:39:04,788 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2023-11-06 22:39:04,789 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2023-11-06 22:39:04,789 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-11-06 22:39:04,789 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-11-06 22:39:04,789 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-11-06 22:39:04,789 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-06 22:39:04,790 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-06 22:39:04,879 INFO L236 CfgBuilder]: Building ICFG [2023-11-06 22:39:04,882 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-06 22:39:05,239 INFO L277 CfgBuilder]: Performing block encoding [2023-11-06 22:39:05,261 INFO L297 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-06 22:39:05,262 INFO L302 CfgBuilder]: Removed 2 assume(true) statements. [2023-11-06 22:39:05,264 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:39:05 BoogieIcfgContainer [2023-11-06 22:39:05,265 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-06 22:39:05,271 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-06 22:39:05,272 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-06 22:39:05,276 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-06 22:39:05,277 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 10:39:04" (1/3) ... [2023-11-06 22:39:05,278 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4e8d1c11 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:39:05, skipping insertion in model container [2023-11-06 22:39:05,278 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:39:04" (2/3) ... [2023-11-06 22:39:05,280 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4e8d1c11 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:39:05, skipping insertion in model container [2023-11-06 22:39:05,281 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:39:05" (3/3) ... [2023-11-06 22:39:05,282 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product34.cil.c [2023-11-06 22:39:05,304 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-06 22:39:05,305 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-06 22:39:05,396 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-06 22:39:05,404 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1b098ff9, mLbeIndependenceSettings=[IndependenceType=SYNTACTIC, AbstractionType=NONE, UseConditional=, UseSemiCommutativity=, Solver=, SolverTimeout=] [2023-11-06 22:39:05,405 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-06 22:39:05,410 INFO L276 IsEmpty]: Start isEmpty. Operand has 81 states, 63 states have (on average 1.380952380952381) internal successors, (87), 69 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2023-11-06 22:39:05,424 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2023-11-06 22:39:05,424 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:05,425 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:05,426 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:05,434 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:05,434 INFO L85 PathProgramCache]: Analyzing trace with hash -1727540319, now seen corresponding path program 1 times [2023-11-06 22:39:05,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:05,449 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1047616966] [2023-11-06 22:39:05,450 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:05,450 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:05,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:05,745 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2023-11-06 22:39:05,754 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:05,766 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2023-11-06 22:39:05,773 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:05,780 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:05,781 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:05,782 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1047616966] [2023-11-06 22:39:05,782 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1047616966] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:05,783 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:05,783 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-11-06 22:39:05,785 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1537597062] [2023-11-06 22:39:05,786 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:05,791 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-06 22:39:05,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:05,836 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-06 22:39:05,837 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:39:05,841 INFO L87 Difference]: Start difference. First operand has 81 states, 63 states have (on average 1.380952380952381) internal successors, (87), 69 states have internal predecessors, (87), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:39:05,875 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:05,875 INFO L93 Difference]: Finished difference Result 153 states and 208 transitions. [2023-11-06 22:39:05,876 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-06 22:39:05,878 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2023-11-06 22:39:05,878 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:05,886 INFO L225 Difference]: With dead ends: 153 [2023-11-06 22:39:05,886 INFO L226 Difference]: Without dead ends: 72 [2023-11-06 22:39:05,890 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:39:05,894 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 101 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:05,895 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 101 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:05,911 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 72 states. [2023-11-06 22:39:05,934 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 72 to 72. [2023-11-06 22:39:05,936 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 72 states, 56 states have (on average 1.3035714285714286) internal successors, (73), 61 states have internal predecessors, (73), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2023-11-06 22:39:05,939 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 72 states to 72 states and 92 transitions. [2023-11-06 22:39:05,941 INFO L78 Accepts]: Start accepts. Automaton has 72 states and 92 transitions. Word has length 32 [2023-11-06 22:39:05,941 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:05,941 INFO L495 AbstractCegarLoop]: Abstraction has 72 states and 92 transitions. [2023-11-06 22:39:05,942 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:39:05,942 INFO L276 IsEmpty]: Start isEmpty. Operand 72 states and 92 transitions. [2023-11-06 22:39:05,945 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2023-11-06 22:39:05,945 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:05,945 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:05,945 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-11-06 22:39:05,946 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:05,947 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:05,947 INFO L85 PathProgramCache]: Analyzing trace with hash -1451153767, now seen corresponding path program 1 times [2023-11-06 22:39:05,947 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:05,947 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1600225719] [2023-11-06 22:39:05,948 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:05,948 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:05,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,084 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-06 22:39:06,089 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,100 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:39:06,109 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,113 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:06,114 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:06,114 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1600225719] [2023-11-06 22:39:06,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1600225719] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:06,115 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:06,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:39:06,116 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [280056311] [2023-11-06 22:39:06,116 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:06,118 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:39:06,119 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:06,120 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:39:06,120 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:06,122 INFO L87 Difference]: Start difference. First operand 72 states and 92 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:39:06,159 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:06,161 INFO L93 Difference]: Finished difference Result 108 states and 138 transitions. [2023-11-06 22:39:06,161 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:39:06,162 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2023-11-06 22:39:06,162 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:06,166 INFO L225 Difference]: With dead ends: 108 [2023-11-06 22:39:06,168 INFO L226 Difference]: Without dead ends: 63 [2023-11-06 22:39:06,170 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:06,172 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 13 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 141 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:06,176 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 141 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:06,177 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2023-11-06 22:39:06,186 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2023-11-06 22:39:06,189 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 50 states have (on average 1.32) internal successors, (66), 55 states have internal predecessors, (66), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2023-11-06 22:39:06,197 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 80 transitions. [2023-11-06 22:39:06,200 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 80 transitions. Word has length 33 [2023-11-06 22:39:06,200 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:06,201 INFO L495 AbstractCegarLoop]: Abstraction has 63 states and 80 transitions. [2023-11-06 22:39:06,201 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:39:06,202 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 80 transitions. [2023-11-06 22:39:06,204 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2023-11-06 22:39:06,206 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:06,206 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:06,207 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-11-06 22:39:06,207 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:06,208 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:06,208 INFO L85 PathProgramCache]: Analyzing trace with hash -1441161401, now seen corresponding path program 1 times [2023-11-06 22:39:06,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:06,208 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1501426357] [2023-11-06 22:39:06,209 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:06,210 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:06,251 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,397 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:06,400 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,403 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:39:06,405 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,407 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:06,408 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:06,408 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1501426357] [2023-11-06 22:39:06,408 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1501426357] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:06,408 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:06,408 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:39:06,409 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [180302020] [2023-11-06 22:39:06,409 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:06,409 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:39:06,410 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:06,410 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:39:06,411 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:39:06,411 INFO L87 Difference]: Start difference. First operand 63 states and 80 transitions. Second operand has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:06,573 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:06,573 INFO L93 Difference]: Finished difference Result 118 states and 153 transitions. [2023-11-06 22:39:06,574 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-06 22:39:06,575 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2023-11-06 22:39:06,576 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:06,577 INFO L225 Difference]: With dead ends: 118 [2023-11-06 22:39:06,578 INFO L226 Difference]: Without dead ends: 63 [2023-11-06 22:39:06,579 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2023-11-06 22:39:06,580 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 105 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 105 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:06,580 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [105 Valid, 161 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:39:06,581 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 63 states. [2023-11-06 22:39:06,598 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 63 to 63. [2023-11-06 22:39:06,598 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 63 states, 50 states have (on average 1.3) internal successors, (65), 55 states have internal predecessors, (65), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2023-11-06 22:39:06,599 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 63 states to 63 states and 79 transitions. [2023-11-06 22:39:06,599 INFO L78 Accepts]: Start accepts. Automaton has 63 states and 79 transitions. Word has length 38 [2023-11-06 22:39:06,601 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:06,601 INFO L495 AbstractCegarLoop]: Abstraction has 63 states and 79 transitions. [2023-11-06 22:39:06,601 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 5.166666666666667) internal successors, (31), 6 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:06,601 INFO L276 IsEmpty]: Start isEmpty. Operand 63 states and 79 transitions. [2023-11-06 22:39:06,603 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 44 [2023-11-06 22:39:06,603 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:06,603 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:06,604 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-11-06 22:39:06,604 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:06,604 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:06,605 INFO L85 PathProgramCache]: Analyzing trace with hash 700709160, now seen corresponding path program 1 times [2023-11-06 22:39:06,605 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:06,605 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1708310988] [2023-11-06 22:39:06,605 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:06,606 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:06,626 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,688 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:06,690 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,693 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:39:06,695 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,696 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 35 [2023-11-06 22:39:06,697 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,699 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:06,700 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:06,700 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1708310988] [2023-11-06 22:39:06,700 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1708310988] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:06,700 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:06,701 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:39:06,701 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1319251674] [2023-11-06 22:39:06,701 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:06,702 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:39:06,702 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:06,702 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:39:06,703 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:06,703 INFO L87 Difference]: Start difference. First operand 63 states and 79 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:39:06,731 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:06,731 INFO L93 Difference]: Finished difference Result 162 states and 208 transitions. [2023-11-06 22:39:06,732 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:39:06,732 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 43 [2023-11-06 22:39:06,733 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:06,734 INFO L225 Difference]: With dead ends: 162 [2023-11-06 22:39:06,734 INFO L226 Difference]: Without dead ends: 107 [2023-11-06 22:39:06,735 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:06,737 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 47 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 7 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 7 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:06,737 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 147 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 7 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:06,738 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 107 states. [2023-11-06 22:39:06,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 107 to 105. [2023-11-06 22:39:06,756 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 82 states have (on average 1.2926829268292683) internal successors, (106), 88 states have internal predecessors, (106), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2023-11-06 22:39:06,757 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 132 transitions. [2023-11-06 22:39:06,760 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 132 transitions. Word has length 43 [2023-11-06 22:39:06,760 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:06,760 INFO L495 AbstractCegarLoop]: Abstraction has 105 states and 132 transitions. [2023-11-06 22:39:06,761 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:39:06,761 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 132 transitions. [2023-11-06 22:39:06,762 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2023-11-06 22:39:06,765 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:06,765 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:06,765 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-11-06 22:39:06,766 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:06,766 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:06,766 INFO L85 PathProgramCache]: Analyzing trace with hash 1850730352, now seen corresponding path program 1 times [2023-11-06 22:39:06,767 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:06,767 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1898792939] [2023-11-06 22:39:06,767 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:06,767 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:06,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,937 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:06,940 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,942 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2023-11-06 22:39:06,944 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:06,949 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:06,949 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:06,950 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1898792939] [2023-11-06 22:39:06,950 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1898792939] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:06,950 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:06,950 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:39:06,953 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [846247031] [2023-11-06 22:39:06,953 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:06,955 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:39:06,956 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:06,958 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:39:06,958 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:39:06,958 INFO L87 Difference]: Start difference. First operand 105 states and 132 transitions. Second operand has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,033 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:07,034 INFO L93 Difference]: Finished difference Result 219 states and 281 transitions. [2023-11-06 22:39:07,035 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:39:07,035 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2023-11-06 22:39:07,036 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:07,039 INFO L225 Difference]: With dead ends: 219 [2023-11-06 22:39:07,040 INFO L226 Difference]: Without dead ends: 122 [2023-11-06 22:39:07,044 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:39:07,050 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 17 mSDsluCounter, 255 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 19 SdHoareTripleChecker+Valid, 347 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:07,051 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [19 Valid, 347 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:07,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 122 states. [2023-11-06 22:39:07,081 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 122 to 108. [2023-11-06 22:39:07,082 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 85 states have (on average 1.2823529411764707) internal successors, (109), 91 states have internal predecessors, (109), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2023-11-06 22:39:07,086 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 135 transitions. [2023-11-06 22:39:07,087 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 135 transitions. Word has length 47 [2023-11-06 22:39:07,089 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:07,089 INFO L495 AbstractCegarLoop]: Abstraction has 108 states and 135 transitions. [2023-11-06 22:39:07,090 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.0) internal successors, (40), 5 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,090 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 135 transitions. [2023-11-06 22:39:07,093 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2023-11-06 22:39:07,093 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:07,094 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:07,100 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-11-06 22:39:07,101 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:07,102 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:07,102 INFO L85 PathProgramCache]: Analyzing trace with hash 262382450, now seen corresponding path program 1 times [2023-11-06 22:39:07,103 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:07,103 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [60805075] [2023-11-06 22:39:07,103 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:07,104 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:07,124 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,182 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:07,184 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,185 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2023-11-06 22:39:07,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,189 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:07,189 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:07,189 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [60805075] [2023-11-06 22:39:07,190 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [60805075] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:07,190 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:07,190 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2023-11-06 22:39:07,190 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [863690509] [2023-11-06 22:39:07,190 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:07,191 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2023-11-06 22:39:07,191 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:07,192 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2023-11-06 22:39:07,192 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2023-11-06 22:39:07,192 INFO L87 Difference]: Start difference. First operand 108 states and 135 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,226 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:07,226 INFO L93 Difference]: Finished difference Result 227 states and 291 transitions. [2023-11-06 22:39:07,227 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2023-11-06 22:39:07,227 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2023-11-06 22:39:07,227 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:07,228 INFO L225 Difference]: With dead ends: 227 [2023-11-06 22:39:07,229 INFO L226 Difference]: Without dead ends: 127 [2023-11-06 22:39:07,230 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:39:07,231 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 20 mSDsluCounter, 168 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 22 SdHoareTripleChecker+Valid, 262 SdHoareTripleChecker+Invalid, 10 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:07,231 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [22 Valid, 262 Invalid, 10 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:07,232 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 127 states. [2023-11-06 22:39:07,247 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 127 to 110. [2023-11-06 22:39:07,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 87 states have (on average 1.2758620689655173) internal successors, (111), 93 states have internal predecessors, (111), 12 states have call successors, (12), 10 states have call predecessors, (12), 10 states have return successors, (14), 12 states have call predecessors, (14), 12 states have call successors, (14) [2023-11-06 22:39:07,248 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 137 transitions. [2023-11-06 22:39:07,249 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 137 transitions. Word has length 47 [2023-11-06 22:39:07,249 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:07,249 INFO L495 AbstractCegarLoop]: Abstraction has 110 states and 137 transitions. [2023-11-06 22:39:07,249 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,250 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 137 transitions. [2023-11-06 22:39:07,250 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2023-11-06 22:39:07,251 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:07,251 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:07,251 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-06 22:39:07,251 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:07,252 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:07,252 INFO L85 PathProgramCache]: Analyzing trace with hash -1426561292, now seen corresponding path program 1 times [2023-11-06 22:39:07,252 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:07,252 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1990844407] [2023-11-06 22:39:07,253 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:07,253 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:07,270 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,400 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:07,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,404 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 39 [2023-11-06 22:39:07,419 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,421 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:07,421 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:07,421 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1990844407] [2023-11-06 22:39:07,421 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1990844407] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:07,421 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:07,421 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:39:07,421 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [248690800] [2023-11-06 22:39:07,422 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:07,422 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:39:07,422 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:07,423 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:39:07,423 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:07,423 INFO L87 Difference]: Start difference. First operand 110 states and 137 transitions. Second operand has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,461 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:07,461 INFO L93 Difference]: Finished difference Result 261 states and 329 transitions. [2023-11-06 22:39:07,461 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:39:07,462 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 47 [2023-11-06 22:39:07,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:07,464 INFO L225 Difference]: With dead ends: 261 [2023-11-06 22:39:07,464 INFO L226 Difference]: Without dead ends: 159 [2023-11-06 22:39:07,464 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:39:07,468 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 39 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 10 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 147 SdHoareTripleChecker+Invalid, 11 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 10 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:07,468 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 147 Invalid, 11 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 10 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:39:07,471 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 159 states. [2023-11-06 22:39:07,502 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 159 to 157. [2023-11-06 22:39:07,503 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 124 states have (on average 1.2580645161290323) internal successors, (156), 131 states have internal predecessors, (156), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2023-11-06 22:39:07,505 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 194 transitions. [2023-11-06 22:39:07,506 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 194 transitions. Word has length 47 [2023-11-06 22:39:07,507 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:07,508 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 194 transitions. [2023-11-06 22:39:07,508 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.333333333333334) internal successors, (40), 3 states have internal predecessors, (40), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:39:07,508 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 194 transitions. [2023-11-06 22:39:07,511 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2023-11-06 22:39:07,511 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:07,511 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:07,511 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-06 22:39:07,511 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:07,512 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:07,512 INFO L85 PathProgramCache]: Analyzing trace with hash -316039472, now seen corresponding path program 1 times [2023-11-06 22:39:07,512 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:07,512 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [455766525] [2023-11-06 22:39:07,513 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:07,513 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:07,532 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,665 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:39:07,670 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,673 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 34 [2023-11-06 22:39:07,676 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,679 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 41 [2023-11-06 22:39:07,680 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:07,694 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:39:07,694 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:07,694 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [455766525] [2023-11-06 22:39:07,694 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [455766525] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:07,695 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:07,695 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:39:07,695 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1362956238] [2023-11-06 22:39:07,695 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:07,696 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:39:07,696 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:07,696 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:39:07,697 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:39:07,697 INFO L87 Difference]: Start difference. First operand 157 states and 194 transitions. Second operand has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2023-11-06 22:39:07,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:07,803 INFO L93 Difference]: Finished difference Result 307 states and 382 transitions. [2023-11-06 22:39:07,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-11-06 22:39:07,804 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 49 [2023-11-06 22:39:07,804 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:07,806 INFO L225 Difference]: With dead ends: 307 [2023-11-06 22:39:07,807 INFO L226 Difference]: Without dead ends: 158 [2023-11-06 22:39:07,807 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2023-11-06 22:39:07,808 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 30 mSDsluCounter, 262 mSDsCounter, 0 mSdLazyCounter, 52 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 342 SdHoareTripleChecker+Invalid, 55 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 52 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:07,809 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 342 Invalid, 55 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 52 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:39:07,810 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2023-11-06 22:39:07,828 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 155. [2023-11-06 22:39:07,828 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 155 states, 122 states have (on average 1.2295081967213115) internal successors, (150), 129 states have internal predecessors, (150), 18 states have call successors, (18), 15 states have call predecessors, (18), 14 states have return successors, (20), 17 states have call predecessors, (20), 18 states have call successors, (20) [2023-11-06 22:39:07,830 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 155 states to 155 states and 188 transitions. [2023-11-06 22:39:07,830 INFO L78 Accepts]: Start accepts. Automaton has 155 states and 188 transitions. Word has length 49 [2023-11-06 22:39:07,830 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:07,831 INFO L495 AbstractCegarLoop]: Abstraction has 155 states and 188 transitions. [2023-11-06 22:39:07,831 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.0) internal successors, (42), 5 states have internal predecessors, (42), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2023-11-06 22:39:07,831 INFO L276 IsEmpty]: Start isEmpty. Operand 155 states and 188 transitions. [2023-11-06 22:39:07,832 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 52 [2023-11-06 22:39:07,832 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:07,832 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:07,833 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-06 22:39:07,833 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:07,833 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:07,833 INFO L85 PathProgramCache]: Analyzing trace with hash -1105737062, now seen corresponding path program 1 times [2023-11-06 22:39:07,834 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:07,834 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [579827025] [2023-11-06 22:39:07,834 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:07,834 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:07,849 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,035 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2023-11-06 22:39:08,037 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,042 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2023-11-06 22:39:08,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,045 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 43 [2023-11-06 22:39:08,046 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,048 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:39:08,048 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:08,049 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [579827025] [2023-11-06 22:39:08,049 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [579827025] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:39:08,049 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:39:08,049 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2023-11-06 22:39:08,049 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1057718823] [2023-11-06 22:39:08,049 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:39:08,050 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-11-06 22:39:08,050 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:08,051 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-11-06 22:39:08,051 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2023-11-06 22:39:08,051 INFO L87 Difference]: Start difference. First operand 155 states and 188 transitions. Second operand has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2023-11-06 22:39:08,489 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:08,489 INFO L93 Difference]: Finished difference Result 512 states and 654 transitions. [2023-11-06 22:39:08,490 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2023-11-06 22:39:08,490 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 51 [2023-11-06 22:39:08,490 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:08,494 INFO L225 Difference]: With dead ends: 512 [2023-11-06 22:39:08,495 INFO L226 Difference]: Without dead ends: 411 [2023-11-06 22:39:08,496 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 27 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 58 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=95, Invalid=247, Unknown=0, NotChecked=0, Total=342 [2023-11-06 22:39:08,496 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 340 mSDsluCounter, 380 mSDsCounter, 0 mSdLazyCounter, 198 mSolverCounterSat, 85 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 350 SdHoareTripleChecker+Valid, 486 SdHoareTripleChecker+Invalid, 283 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 85 IncrementalHoareTripleChecker+Valid, 198 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:08,497 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [350 Valid, 486 Invalid, 283 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [85 Valid, 198 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:39:08,498 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 411 states. [2023-11-06 22:39:08,547 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 411 to 397. [2023-11-06 22:39:08,549 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 397 states, 313 states have (on average 1.2044728434504792) internal successors, (377), 332 states have internal predecessors, (377), 45 states have call successors, (45), 33 states have call predecessors, (45), 38 states have return successors, (64), 43 states have call predecessors, (64), 45 states have call successors, (64) [2023-11-06 22:39:08,552 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 397 states to 397 states and 486 transitions. [2023-11-06 22:39:08,552 INFO L78 Accepts]: Start accepts. Automaton has 397 states and 486 transitions. Word has length 51 [2023-11-06 22:39:08,553 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:08,553 INFO L495 AbstractCegarLoop]: Abstraction has 397 states and 486 transitions. [2023-11-06 22:39:08,553 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.25) internal successors, (42), 7 states have internal predecessors, (42), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2023-11-06 22:39:08,553 INFO L276 IsEmpty]: Start isEmpty. Operand 397 states and 486 transitions. [2023-11-06 22:39:08,555 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 84 [2023-11-06 22:39:08,555 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:39:08,555 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:08,555 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2023-11-06 22:39:08,556 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:39:08,556 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:39:08,556 INFO L85 PathProgramCache]: Analyzing trace with hash -1979077538, now seen corresponding path program 1 times [2023-11-06 22:39:08,556 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:39:08,556 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [48646195] [2023-11-06 22:39:08,557 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:08,557 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:39:08,574 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,701 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2023-11-06 22:39:08,703 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,719 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-06 22:39:08,724 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,761 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 22:39:08,763 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,765 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 57 [2023-11-06 22:39:08,768 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,792 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 68 [2023-11-06 22:39:08,793 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,797 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 75 [2023-11-06 22:39:08,799 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,801 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 18 proven. 7 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2023-11-06 22:39:08,802 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:39:08,802 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [48646195] [2023-11-06 22:39:08,802 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [48646195] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:39:08,802 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [86631260] [2023-11-06 22:39:08,802 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:39:08,802 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:39:08,802 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:39:08,809 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:39:08,822 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-06 22:39:08,926 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:39:08,929 INFO L262 TraceCheckSpWp]: Trace formula consists of 297 conjuncts, 8 conjunts are in the unsatisfiable core [2023-11-06 22:39:08,937 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:39:09,161 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 23 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:39:09,161 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-11-06 22:39:09,395 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 6 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2023-11-06 22:39:09,395 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [86631260] provided 0 perfect and 2 imperfect interpolant sequences [2023-11-06 22:39:09,396 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-11-06 22:39:09,396 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 15 [2023-11-06 22:39:09,396 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1705069753] [2023-11-06 22:39:09,396 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-11-06 22:39:09,397 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2023-11-06 22:39:09,397 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:39:09,398 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2023-11-06 22:39:09,399 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=35, Invalid=175, Unknown=0, NotChecked=0, Total=210 [2023-11-06 22:39:09,399 INFO L87 Difference]: Start difference. First operand 397 states and 486 transitions. Second operand has 15 states, 15 states have (on average 6.933333333333334) internal successors, (104), 11 states have internal predecessors, (104), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2023-11-06 22:39:10,111 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:39:10,111 INFO L93 Difference]: Finished difference Result 630 states and 797 transitions. [2023-11-06 22:39:10,111 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2023-11-06 22:39:10,112 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 15 states have (on average 6.933333333333334) internal successors, (104), 11 states have internal predecessors, (104), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) Word has length 83 [2023-11-06 22:39:10,112 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:39:10,112 INFO L225 Difference]: With dead ends: 630 [2023-11-06 22:39:10,113 INFO L226 Difference]: Without dead ends: 0 [2023-11-06 22:39:10,115 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 211 GetRequests, 178 SyntacticMatches, 4 SemanticMatches, 29 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 166 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=176, Invalid=754, Unknown=0, NotChecked=0, Total=930 [2023-11-06 22:39:10,116 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 244 mSDsluCounter, 784 mSDsCounter, 0 mSdLazyCounter, 535 mSolverCounterSat, 83 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 245 SdHoareTripleChecker+Valid, 910 SdHoareTripleChecker+Invalid, 618 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 83 IncrementalHoareTripleChecker+Valid, 535 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-11-06 22:39:10,117 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [245 Valid, 910 Invalid, 618 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [83 Valid, 535 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-11-06 22:39:10,118 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-11-06 22:39:10,118 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-11-06 22:39:10,118 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-11-06 22:39:10,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-11-06 22:39:10,118 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 83 [2023-11-06 22:39:10,118 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:39:10,119 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-11-06 22:39:10,119 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 15 states have (on average 6.933333333333334) internal successors, (104), 11 states have internal predecessors, (104), 5 states have call successors, (16), 6 states have call predecessors, (16), 6 states have return successors, (13), 7 states have call predecessors, (13), 5 states have call successors, (13) [2023-11-06 22:39:10,120 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-11-06 22:39:10,120 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-11-06 22:39:10,125 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-11-06 22:39:10,133 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2023-11-06 22:39:10,331 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:39:10,333 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-11-06 22:39:13,335 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 670 676) no Hoare annotation was computed. [2023-11-06 22:39:13,336 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 670 676) the Hoare annotation is: true [2023-11-06 22:39:13,336 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 496 507) the Hoare annotation is: true [2023-11-06 22:39:13,336 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 496 507) no Hoare annotation was computed. [2023-11-06 22:39:13,336 INFO L899 garLoopResultBuilder]: For program point L500-1(lines 496 507) no Hoare annotation was computed. [2023-11-06 22:39:13,336 INFO L899 garLoopResultBuilder]: For program point L864(line 864) no Hoare annotation was computed. [2023-11-06 22:39:13,336 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 853 882) no Hoare annotation was computed. [2023-11-06 22:39:13,336 INFO L902 garLoopResultBuilder]: At program point L863-2(lines 863 877) the Hoare annotation is: true [2023-11-06 22:39:13,337 INFO L902 garLoopResultBuilder]: At program point L859(line 859) the Hoare annotation is: true [2023-11-06 22:39:13,337 INFO L899 garLoopResultBuilder]: For program point L859-1(line 859) no Hoare annotation was computed. [2023-11-06 22:39:13,337 INFO L902 garLoopResultBuilder]: At program point L878(lines 853 882) the Hoare annotation is: true [2023-11-06 22:39:13,337 INFO L899 garLoopResultBuilder]: For program point L874(line 874) no Hoare annotation was computed. [2023-11-06 22:39:13,337 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 853 882) the Hoare annotation is: true [2023-11-06 22:39:13,337 INFO L899 garLoopResultBuilder]: For program point L867(lines 867 871) no Hoare annotation was computed. [2023-11-06 22:39:13,337 INFO L902 garLoopResultBuilder]: At program point L867-1(lines 867 871) the Hoare annotation is: true [2023-11-06 22:39:13,338 INFO L895 garLoopResultBuilder]: At program point L832(line 832) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse1 (< |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse6 (= ~waterLevel~0 1)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (or .cse4 .cse0 .cse5) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse0 (and (= ~pumpRunning~0 0) .cse6)) (or .cse0 .cse5 .cse1 (and .cse2 .cse6 .cse3)))) [2023-11-06 22:39:13,338 INFO L899 garLoopResultBuilder]: For program point L832-1(line 832) no Hoare annotation was computed. [2023-11-06 22:39:13,338 INFO L895 garLoopResultBuilder]: At program point L692(line 692) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0))) (let ((.cse2 (< |old(~pumpRunning~0)| 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse6 (= |timeShift_processEnvironment_~tmp~4#1| 0)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse5)) (.cse1 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse2 (< 2 |old(~waterLevel~0)|)) (or .cse3 (not (= |old(~waterLevel~0)| 1)) (and .cse4 .cse5 .cse6 (= ~waterLevel~0 1)) .cse0) (or (and .cse4 (= 2 ~waterLevel~0) .cse5 .cse6) .cse3 .cse0 .cse1)))) [2023-11-06 22:39:13,338 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 643 669) no Hoare annotation was computed. [2023-11-06 22:39:13,339 INFO L895 garLoopResultBuilder]: At program point isHighWaterSensorDry_returnLabel#1(lines 549 562) the Hoare annotation is: (let ((.cse2 (< |old(~pumpRunning~0)| 1)) (.cse1 (not (= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse2 (< 2 |old(~waterLevel~0)|)) (or .cse3 .cse0 (and .cse4 (= 2 ~waterLevel~0)) .cse1) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse0 (and (= |timeShift_isHighWaterSensorDry_#res#1| 1) .cse4 (= ~waterLevel~0 1))))) [2023-11-06 22:39:13,339 INFO L895 garLoopResultBuilder]: At program point L697(line 697) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse1 (< |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (or .cse4 .cse0 .cse5) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse0 .cse5 .cse1 (and .cse2 (= ~waterLevel~0 1) .cse3)))) [2023-11-06 22:39:13,339 INFO L895 garLoopResultBuilder]: At program point L697-1(lines 678 702) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse7 (= |timeShift_processEnvironment_~tmp~4#1| 0)) (.cse0 (not .cse6)) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse1 (< |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse10 (= ~waterLevel~0 1)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (let ((.cse5 (= 2 ~waterLevel~0))) (or (and .cse4 .cse5 .cse6 .cse7) .cse8 .cse0 (and .cse2 .cse5) .cse9)) (or .cse8 (not (= |old(~waterLevel~0)| 1)) (and .cse4 .cse6 .cse7 .cse10) .cse0) (or .cse0 .cse9 .cse1 (and .cse2 .cse10 .cse3))))) [2023-11-06 22:39:13,340 INFO L895 garLoopResultBuilder]: At program point getWaterLevel_returnLabel#1(lines 540 548) the Hoare annotation is: (let ((.cse1 (< |old(~pumpRunning~0)| 1)) (.cse6 (= ~waterLevel~0 1)) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 0)) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse2 (<= 1 ~pumpRunning~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse5 .cse6)) (or .cse0 .cse7 .cse1 (and .cse2 .cse6 .cse3)) (let ((.cse8 (= 2 ~waterLevel~0)) (.cse9 (= 2 |timeShift_getWaterLevel_#res#1|))) (or .cse4 .cse0 (and .cse5 .cse8 .cse9) .cse7 (and .cse2 .cse8 .cse9))))) [2023-11-06 22:39:13,340 INFO L895 garLoopResultBuilder]: At program point L817(line 817) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= 2 ~waterLevel~0)) (.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse4 (< |old(~pumpRunning~0)| 1))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse3 .cse4 (and .cse5 .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (< 2 |old(~waterLevel~0)|)) (or .cse2 .cse3 (and .cse0 .cse6 .cse1) .cse7) (or .cse3 (and .cse5 .cse6 .cse1) .cse7 .cse4))) [2023-11-06 22:39:13,340 INFO L899 garLoopResultBuilder]: For program point L817-1(line 817) no Hoare annotation was computed. [2023-11-06 22:39:13,340 INFO L899 garLoopResultBuilder]: For program point L784(lines 784 788) no Hoare annotation was computed. [2023-11-06 22:39:13,340 INFO L899 garLoopResultBuilder]: For program point L784-2(lines 784 788) no Hoare annotation was computed. [2023-11-06 22:39:13,340 INFO L899 garLoopResultBuilder]: For program point L553(lines 553 559) no Hoare annotation was computed. [2023-11-06 22:39:13,341 INFO L899 garLoopResultBuilder]: For program point L834(lines 834 844) no Hoare annotation was computed. [2023-11-06 22:39:13,341 INFO L899 garLoopResultBuilder]: For program point L830(lines 830 847) no Hoare annotation was computed. [2023-11-06 22:39:13,341 INFO L895 garLoopResultBuilder]: At program point L830-1(lines 822 850) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0))) (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (= ~pumpRunning~0 0)) (.cse0 (not .cse6)) (.cse11 (not (= |old(~waterLevel~0)| 2))) (.cse1 (< |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse7 (= ~waterLevel~0 1)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (or .cse4 (and .cse5 .cse6 .cse7) (not (= |old(~waterLevel~0)| 1)) .cse0) (let ((.cse8 (= 2 ~waterLevel~0)) (.cse9 (= 2 |timeShift_getWaterLevel_#res#1|)) (.cse10 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2))) (or .cse4 .cse0 (and .cse2 .cse8 .cse9 .cse10) (and .cse5 .cse8 .cse9 .cse6 .cse10) .cse11)) (or .cse0 .cse11 .cse1 (and .cse2 .cse7 .cse3))))) [2023-11-06 22:39:13,341 INFO L895 garLoopResultBuilder]: At program point activatePump_returnLabel#1(lines 703 710) the Hoare annotation is: (let ((.cse2 (< |old(~pumpRunning~0)| 1)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse2 (< 2 |old(~waterLevel~0)|)) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse3 .cse0 (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) .cse1))) [2023-11-06 22:39:13,341 INFO L899 garLoopResultBuilder]: For program point L657-1(lines 657 663) no Hoare annotation was computed. [2023-11-06 22:39:13,341 INFO L899 garLoopResultBuilder]: For program point L686(lines 686 694) no Hoare annotation was computed. [2023-11-06 22:39:13,342 INFO L899 garLoopResultBuilder]: For program point L682(lines 682 699) no Hoare annotation was computed. [2023-11-06 22:39:13,342 INFO L895 garLoopResultBuilder]: At program point __automaton_fail_returnLabel#1(lines 88 95) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (< |old(~pumpRunning~0)| 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or .cse1 .cse2 .cse3) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse1 .cse3 (< 2 |old(~waterLevel~0)|)) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1))) [2023-11-06 22:39:13,342 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 643 669) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= 2 ~waterLevel~0)) (.cse1 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse4 (< |old(~pumpRunning~0)| 1))) (and (or (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse3 .cse4 (and .cse5 .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (< 2 |old(~waterLevel~0)|)) (or .cse2 .cse3 (and .cse0 .cse6 .cse1) .cse7) (or .cse3 (and .cse5 .cse6 .cse1) .cse7 .cse4))) [2023-11-06 22:39:13,342 INFO L899 garLoopResultBuilder]: For program point L835(lines 835 841) no Hoare annotation was computed. [2023-11-06 22:39:13,342 INFO L895 garLoopResultBuilder]: At program point isHighWaterLevel_returnLabel#1(lines 775 793) the Hoare annotation is: (let ((.cse2 (< |old(~pumpRunning~0)| 1)) (.cse1 (not (= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse2 (< 2 |old(~waterLevel~0)|)) (or .cse3 .cse0 (and .cse4 (= 2 ~waterLevel~0)) .cse1) (or .cse3 (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse4 (= |timeShift_isHighWaterLevel_#res#1| 0) (= |timeShift_isHighWaterLevel_~tmp___0~1#1| 0) (= ~waterLevel~0 1))))) [2023-11-06 22:39:13,343 INFO L899 garLoopResultBuilder]: For program point L476(lines 476 480) no Hoare annotation was computed. [2023-11-06 22:39:13,343 INFO L899 garLoopResultBuilder]: For program point L92(line 92) no Hoare annotation was computed. [2023-11-06 22:39:13,343 INFO L895 garLoopResultBuilder]: At program point L476-2(lines 472 483) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse1 (< |old(~pumpRunning~0)| 1)) (.cse2 (<= 1 ~pumpRunning~0)) (.cse3 (<= 1 ~switchedOnBeforeTS~0))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 (<= ~waterLevel~0 2) .cse3) (< 2 |old(~waterLevel~0)|)) (or .cse4 .cse0 .cse5) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse0 .cse5 .cse1 (and .cse2 (= ~waterLevel~0 1) .cse3)))) [2023-11-06 22:39:13,343 INFO L895 garLoopResultBuilder]: At program point __utac_acc__Specification5_spec__2_returnLabel#1(lines 812 821) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse7 (< |old(~pumpRunning~0)| 1)) (.cse5 (<= 1 ~pumpRunning~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3) .cse4) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse1 (and .cse5 (= |old(~waterLevel~0)| ~waterLevel~0) .cse6) .cse7 (< 2 |old(~waterLevel~0)|)) (or .cse1 .cse4 .cse7 (and .cse5 .cse3 .cse6)))) [2023-11-06 22:39:13,343 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 643 669) no Hoare annotation was computed. [2023-11-06 22:39:13,343 INFO L899 garLoopResultBuilder]: For program point L650(lines 650 656) no Hoare annotation was computed. [2023-11-06 22:39:13,344 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 92) no Hoare annotation was computed. [2023-11-06 22:39:13,344 INFO L899 garLoopResultBuilder]: For program point L650-2(lines 646 668) no Hoare annotation was computed. [2023-11-06 22:39:13,344 INFO L895 garLoopResultBuilder]: At program point startSystem_returnLabel#1(lines 794 801) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 .cse5 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse1 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse3 .cse4 .cse5 (= ~waterLevel~0 1)))) [2023-11-06 22:39:13,344 INFO L899 garLoopResultBuilder]: For program point L597(lines 597 603) no Hoare annotation was computed. [2023-11-06 22:39:13,344 INFO L899 garLoopResultBuilder]: For program point L597-1(lines 597 603) no Hoare annotation was computed. [2023-11-06 22:39:13,344 INFO L902 garLoopResultBuilder]: At program point runTest_returnLabel#1(lines 914 924) the Hoare annotation is: true [2023-11-06 22:39:13,345 INFO L895 garLoopResultBuilder]: At program point L622(lines 577 624) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 .cse5 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse1 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse3 .cse4 .cse5 (= ~waterLevel~0 1)))) [2023-11-06 22:39:13,345 INFO L895 garLoopResultBuilder]: At program point L589(line 589) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 .cse5 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse1 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse3 .cse4 .cse5 (= ~waterLevel~0 1)))) [2023-11-06 22:39:13,345 INFO L895 garLoopResultBuilder]: At program point select_features_returnLabel#1(lines 64 70) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:39:13,345 INFO L902 garLoopResultBuilder]: At program point main_returnLabel#1(lines 925 947) the Hoare annotation is: true [2023-11-06 22:39:13,345 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2023-11-06 22:39:13,345 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2023-11-06 22:39:13,345 INFO L895 garLoopResultBuilder]: At program point setup_returnLabel#1(lines 907 913) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~7#1| 1) (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:39:13,346 INFO L899 garLoopResultBuilder]: For program point L615(lines 615 619) no Hoare annotation was computed. [2023-11-06 22:39:13,346 INFO L895 garLoopResultBuilder]: At program point L615-2(lines 607 620) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 .cse5 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse1 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse3 .cse4 .cse5 (= ~waterLevel~0 1)))) [2023-11-06 22:39:13,346 INFO L899 garLoopResultBuilder]: For program point L578(lines 577 624) no Hoare annotation was computed. [2023-11-06 22:39:13,346 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-11-06 22:39:13,346 INFO L899 garLoopResultBuilder]: For program point L607(lines 607 620) no Hoare annotation was computed. [2023-11-06 22:39:13,346 INFO L895 garLoopResultBuilder]: At program point __utac_acc__Specification5_spec__1_returnLabel#1(lines 804 811) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~7#1| 1) (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:39:13,347 INFO L895 garLoopResultBuilder]: At program point L599(line 599) the Hoare annotation is: (let ((.cse0 (<= 1 ~pumpRunning~0)) (.cse2 (= 2 ~waterLevel~0)) (.cse1 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse6 (= ~pumpRunning~0 0)) (.cse3 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 .cse5 (<= ~waterLevel~0 2) (<= 1 ~switchedOnBeforeTS~0)) (and .cse1 .cse6 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse6 .cse3 .cse4 .cse5 (= ~waterLevel~0 1)))) [2023-11-06 22:39:13,347 INFO L902 garLoopResultBuilder]: At program point L628(lines 567 632) the Hoare annotation is: true [2023-11-06 22:39:13,347 INFO L899 garLoopResultBuilder]: For program point L587(lines 587 593) no Hoare annotation was computed. [2023-11-06 22:39:13,347 INFO L899 garLoopResultBuilder]: For program point L587-1(lines 587 593) no Hoare annotation was computed. [2023-11-06 22:39:13,347 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-11-06 22:39:13,347 INFO L895 garLoopResultBuilder]: At program point select_helpers_returnLabel#1(lines 71 77) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:39:13,347 INFO L899 garLoopResultBuilder]: For program point L579(lines 579 583) no Hoare annotation was computed. [2023-11-06 22:39:13,347 INFO L895 garLoopResultBuilder]: At program point L625(lines 576 626) the Hoare annotation is: false [2023-11-06 22:39:13,348 INFO L895 garLoopResultBuilder]: At program point valid_product_returnLabel#1(lines 78 86) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-11-06 22:39:13,348 INFO L899 garLoopResultBuilder]: For program point L935(lines 935 942) no Hoare annotation was computed. [2023-11-06 22:39:13,348 INFO L899 garLoopResultBuilder]: For program point L935-2(lines 935 942) no Hoare annotation was computed. [2023-11-06 22:39:13,348 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 484 495) no Hoare annotation was computed. [2023-11-06 22:39:13,348 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 484 495) the Hoare annotation is: (let ((.cse1 (= 2 ~waterLevel~0)) (.cse3 (not (= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse0 (< ~pumpRunning~0 1)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse1 .cse2 .cse3) (or .cse4 (not (= |old(~waterLevel~0)| 1)) .cse2 (= ~waterLevel~0 1)) (or .cse0 .cse2 (< ~switchedOnBeforeTS~0 1) (= |old(~waterLevel~0)| ~waterLevel~0) (< 2 |old(~waterLevel~0)|)))) [2023-11-06 22:39:13,351 INFO L899 garLoopResultBuilder]: For program point L488-1(lines 484 495) no Hoare annotation was computed. [2023-11-06 22:39:13,353 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 730 738) no Hoare annotation was computed. [2023-11-06 22:39:13,353 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 730 738) no Hoare annotation was computed. [2023-11-06 22:39:13,353 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 730 738) the Hoare annotation is: true [2023-11-06 22:39:13,356 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:39:13,358 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-11-06 22:39:13,438 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 10:39:13 BoogieIcfgContainer [2023-11-06 22:39:13,438 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-11-06 22:39:13,439 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-11-06 22:39:13,439 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-11-06 22:39:13,439 INFO L274 PluginConnector]: Witness Printer initialized [2023-11-06 22:39:13,439 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:39:05" (3/4) ... [2023-11-06 22:39:13,441 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-11-06 22:39:13,445 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-11-06 22:39:13,445 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-11-06 22:39:13,446 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-11-06 22:39:13,446 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-11-06 22:39:13,446 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-11-06 22:39:13,446 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2023-11-06 22:39:13,461 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 16 nodes and edges [2023-11-06 22:39:13,462 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2023-11-06 22:39:13,463 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-11-06 22:39:13,463 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:39:13,465 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:39:13,492 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,492 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,493 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,493 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) [2023-11-06 22:39:13,494 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (((1 <= pumpRunning) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,494 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,495 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)) && (tmp == 2))) || (((((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result)) && (1 == systemActive)) && (tmp == 2))) || !((\old(waterLevel) == 2)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,495 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) [2023-11-06 22:39:13,495 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (tmp == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (tmp == 0)) && (waterLevel == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,496 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2))) && ((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1))) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) [2023-11-06 22:39:13,496 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result))) || !((\old(waterLevel) == 2))) || (((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)))) [2023-11-06 22:39:13,496 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (((\result == 1) && (pumpRunning == 0)) && (waterLevel == 1)))) [2023-11-06 22:39:13,497 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((((pumpRunning == 0) && (\result == 0)) && (tmp___0 == 0)) && (waterLevel == 1)))) [2023-11-06 22:39:13,497 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) [2023-11-06 22:39:13,530 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,530 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,530 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) [2023-11-06 22:39:13,530 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) [2023-11-06 22:39:13,531 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (((1 <= pumpRunning) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,531 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,532 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)) && (tmp == 2))) || (((((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result)) && (1 == systemActive)) && (tmp == 2))) || !((\old(waterLevel) == 2)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,532 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) [2023-11-06 22:39:13,532 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (tmp == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (tmp == 0)) && (waterLevel == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:39:13,532 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2))) && ((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1))) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) [2023-11-06 22:39:13,532 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result))) || !((\old(waterLevel) == 2))) || (((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)))) [2023-11-06 22:39:13,533 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (((\result == 1) && (pumpRunning == 0)) && (waterLevel == 1)))) [2023-11-06 22:39:13,533 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((((pumpRunning == 0) && (\result == 0)) && (tmp___0 == 0)) && (waterLevel == 1)))) [2023-11-06 22:39:13,533 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) [2023-11-06 22:39:13,547 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.graphml [2023-11-06 22:39:13,548 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.yaml [2023-11-06 22:39:13,548 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-11-06 22:39:13,549 INFO L158 Benchmark]: Toolchain (without parser) took 9406.33ms. Allocated memory was 125.8MB in the beginning and 197.1MB in the end (delta: 71.3MB). Free memory was 85.7MB in the beginning and 114.7MB in the end (delta: -29.0MB). Peak memory consumption was 45.4MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,549 INFO L158 Benchmark]: CDTParser took 0.25ms. Allocated memory is still 125.8MB. Free memory is still 98.0MB. There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:39:13,549 INFO L158 Benchmark]: CACSL2BoogieTranslator took 419.51ms. Allocated memory is still 125.8MB. Free memory was 85.3MB in the beginning and 66.0MB in the end (delta: 19.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,550 INFO L158 Benchmark]: Boogie Procedure Inliner took 68.63ms. Allocated memory is still 125.8MB. Free memory was 66.0MB in the beginning and 63.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,550 INFO L158 Benchmark]: Boogie Preprocessor took 59.62ms. Allocated memory is still 125.8MB. Free memory was 63.9MB in the beginning and 62.6MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:39:13,551 INFO L158 Benchmark]: RCFGBuilder took 571.72ms. Allocated memory was 125.8MB in the beginning and 163.6MB in the end (delta: 37.7MB). Free memory was 62.6MB in the beginning and 134.9MB in the end (delta: -72.3MB). Peak memory consumption was 21.2MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,551 INFO L158 Benchmark]: TraceAbstraction took 8166.83ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 134.0MB in the beginning and 122.1MB in the end (delta: 12.0MB). Peak memory consumption was 95.5MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,551 INFO L158 Benchmark]: Witness Printer took 109.60ms. Allocated memory is still 197.1MB. Free memory was 122.1MB in the beginning and 114.7MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2023-11-06 22:39:13,553 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.25ms. Allocated memory is still 125.8MB. Free memory is still 98.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 419.51ms. Allocated memory is still 125.8MB. Free memory was 85.3MB in the beginning and 66.0MB in the end (delta: 19.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 68.63ms. Allocated memory is still 125.8MB. Free memory was 66.0MB in the beginning and 63.9MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.62ms. Allocated memory is still 125.8MB. Free memory was 63.9MB in the beginning and 62.6MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 571.72ms. Allocated memory was 125.8MB in the beginning and 163.6MB in the end (delta: 37.7MB). Free memory was 62.6MB in the beginning and 134.9MB in the end (delta: -72.3MB). Peak memory consumption was 21.2MB. Max. memory is 16.1GB. * TraceAbstraction took 8166.83ms. Allocated memory was 163.6MB in the beginning and 197.1MB in the end (delta: 33.6MB). Free memory was 134.0MB in the beginning and 122.1MB in the end (delta: 12.0MB). Peak memory consumption was 95.5MB. Max. memory is 16.1GB. * Witness Printer took 109.60ms. Allocated memory is still 197.1MB. Free memory was 122.1MB in the beginning and 114.7MB in the end (delta: 7.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [49] - GenericResultAtLocation [Line: 87]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [87] - GenericResultAtLocation [Line: 96]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [96] - GenericResultAtLocation [Line: 462]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [462] - GenericResultAtLocation [Line: 563]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [563] - GenericResultAtLocation [Line: 633]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [633] - GenericResultAtLocation [Line: 802]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [802] - GenericResultAtLocation [Line: 851]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [851] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 92]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 81 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 8.0s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 3.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 874 SdHoareTripleChecker+Valid, 0.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 855 mSDsluCounter, 3044 SdHoareTripleChecker+Invalid, 0.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2118 mSDsCounter, 190 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 863 IncrementalHoareTripleChecker+Invalid, 1053 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 190 mSolverCounterUnsat, 926 mSDtfsCounter, 863 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 313 GetRequests, 239 SyntacticMatches, 4 SemanticMatches, 70 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 228 ImplicationChecksByTransitivity, 0.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=397occurred in iteration=9, InterpolantAutomatonStates: 72, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.3s AutomataMinimizationTime, 10 MinimizatonAttempts, 52 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 37 LocationsWithAnnotation, 612 PreInvPairs, 717 NumberOfFragments, 1694 HoareAnnotationTreeSize, 612 FomulaSimplifications, 1554 FormulaSimplificationTreeSizeReduction, 0.2s HoareSimplificationTime, 37 FomulaSimplificationsInter, 1989 FormulaSimplificationTreeSizeReductionInter, 2.7s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 1.9s InterpolantComputationTime, 553 NumberOfCodeBlocks, 553 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 624 ConstructedInterpolants, 0 QuantifiedInterpolants, 1257 SizeOfPredicates, 3 NumberOfNonLiveVariables, 297 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 97/117 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 804]: Loop Invariant Derived loop invariant: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 907]: Loop Invariant Derived loop invariant: (((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 794]: Loop Invariant Derived loop invariant: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) - InvariantResult [Line: 88]: Loop Invariant Derived loop invariant: (((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2))) && ((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1))) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) - InvariantResult [Line: 703]: Loop Invariant Derived loop invariant: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 576]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 540]: Loop Invariant Derived loop invariant: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result))) || !((\old(waterLevel) == 2))) || (((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)))) - InvariantResult [Line: 78]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (\result == 1)) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 71]: Loop Invariant Derived loop invariant: (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 549]: Loop Invariant Derived loop invariant: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || (((\result == 1) && (pumpRunning == 0)) && (waterLevel == 1)))) - InvariantResult [Line: 812]: Loop Invariant Derived loop invariant: ((((((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (((1 <= pumpRunning) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 678]: Loop Invariant Derived loop invariant: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && (tmp == 0)) || !((\old(pumpRunning) == 0))) || !((1 == systemActive))) || ((1 <= pumpRunning) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || ((((pumpRunning == 0) && (1 == systemActive)) && (tmp == 0)) && (waterLevel == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 853]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 925]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 577]: Loop Invariant Derived loop invariant: (((((((((1 <= pumpRunning) && (tmp == 1)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) || (((((((1 <= pumpRunning) && (tmp == 1)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || ((((((tmp == 1) && (pumpRunning == 0)) && (2 == waterLevel)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0))) || ((((((tmp == 1) && (pumpRunning == 0)) && (\result == 1)) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1))) - InvariantResult [Line: 472]: Loop Invariant Derived loop invariant: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && ((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || !((\old(waterLevel) == 2)))) && ((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 775]: Loop Invariant Derived loop invariant: (((((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) && ((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (2 < \old(waterLevel)))) && (((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((pumpRunning == 0) && (2 == waterLevel))) || !((\old(waterLevel) == 2)))) && (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((((pumpRunning == 0) && (\result == 0)) && (tmp___0 == 0)) && (waterLevel == 1)))) - InvariantResult [Line: 567]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 822]: Loop Invariant Derived loop invariant: ((((((((\old(switchedOnBeforeTS) < 1) || !((1 == systemActive))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1))) || !((\old(waterLevel) == 1))) || !((1 == systemActive)))) && ((((!((\old(pumpRunning) == 0)) || !((1 == systemActive))) || ((((1 <= pumpRunning) && (2 == waterLevel)) && (2 == \result)) && (tmp == 2))) || (((((pumpRunning == 0) && (2 == waterLevel)) && (2 == \result)) && (1 == systemActive)) && (tmp == 2))) || !((\old(waterLevel) == 2)))) && (((!((1 == systemActive)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (((1 <= pumpRunning) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 863]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2023-11-06 22:39:13,602 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_815ca28d-f25b-4454-9b03-369d7313dd96/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE