./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e7bb482b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/config/AutomizerReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Automizer --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 --- Real Ultimate output --- This is Ultimate 0.2.3-dev-e7bb482 [2023-11-06 22:08:28,962 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-11-06 22:08:29,093 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/config/svcomp-Reach-32bit-Automizer_Default.epf [2023-11-06 22:08:29,104 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-11-06 22:08:29,105 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-11-06 22:08:29,146 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-11-06 22:08:29,146 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-11-06 22:08:29,147 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-11-06 22:08:29,148 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-11-06 22:08:29,153 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-11-06 22:08:29,154 INFO L151 SettingsManager]: Preferences of BlockEncodingV2 differ from their defaults: [2023-11-06 22:08:29,155 INFO L153 SettingsManager]: * Create parallel compositions if possible=false [2023-11-06 22:08:29,155 INFO L153 SettingsManager]: * Use SBE=true [2023-11-06 22:08:29,157 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-11-06 22:08:29,158 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-11-06 22:08:29,158 INFO L153 SettingsManager]: * sizeof long=4 [2023-11-06 22:08:29,158 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-11-06 22:08:29,159 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-11-06 22:08:29,159 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-11-06 22:08:29,160 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-11-06 22:08:29,160 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-11-06 22:08:29,161 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-11-06 22:08:29,161 INFO L153 SettingsManager]: * sizeof long double=12 [2023-11-06 22:08:29,161 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-11-06 22:08:29,162 INFO L153 SettingsManager]: * Use constant arrays=true [2023-11-06 22:08:29,163 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-11-06 22:08:29,163 INFO L153 SettingsManager]: * Size of a code block=SequenceOfStatements [2023-11-06 22:08:29,164 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-11-06 22:08:29,164 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:08:29,164 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-11-06 22:08:29,166 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-11-06 22:08:29,166 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2023-11-06 22:08:29,166 INFO L153 SettingsManager]: * Trace refinement strategy=CAMEL [2023-11-06 22:08:29,167 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-11-06 22:08:29,167 INFO L153 SettingsManager]: * Automaton type used in concurrency analysis=PETRI_NET [2023-11-06 22:08:29,167 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-11-06 22:08:29,167 INFO L153 SettingsManager]: * Order on configurations for Petri net unfoldings=DBO [2023-11-06 22:08:29,167 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-11-06 22:08:29,168 INFO L153 SettingsManager]: * Independence relation used for large block encoding in concurrent analysis=SYNTACTIC [2023-11-06 22:08:29,168 INFO L153 SettingsManager]: * Looper check in Petri net analysis=SEMANTIC WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Automizer Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> db9cad3d4bb6f197e1ca94da7e6c4fb3038f74aed96fd168a277cfa6f57caad2 [2023-11-06 22:08:29,468 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-11-06 22:08:29,499 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-11-06 22:08:29,502 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-11-06 22:08:29,503 INFO L270 PluginConnector]: Initializing CDTParser... [2023-11-06 22:08:29,504 INFO L274 PluginConnector]: CDTParser initialized [2023-11-06 22:08:29,505 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/../../sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2023-11-06 22:08:32,671 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-11-06 22:08:32,954 INFO L384 CDTParser]: Found 1 translation units. [2023-11-06 22:08:32,954 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c [2023-11-06 22:08:32,971 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/data/066a64c5d/2f800ac4231c4b2e90e035ba93bdf601/FLAG02c9f8c6b [2023-11-06 22:08:32,986 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/data/066a64c5d/2f800ac4231c4b2e90e035ba93bdf601 [2023-11-06 22:08:32,989 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-11-06 22:08:32,991 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-11-06 22:08:32,992 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-11-06 22:08:32,993 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-11-06 22:08:32,998 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-11-06 22:08:32,999 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:08:32" (1/1) ... [2023-11-06 22:08:33,000 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4a9c59c7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33, skipping insertion in model container [2023-11-06 22:08:33,001 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 06.11 10:08:32" (1/1) ... [2023-11-06 22:08:33,058 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-11-06 22:08:33,353 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2023-11-06 22:08:33,404 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:08:33,422 INFO L202 MainTranslator]: Completed pre-run [2023-11-06 22:08:33,432 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2023-11-06 22:08:33,434 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] [2023-11-06 22:08:33,434 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] [2023-11-06 22:08:33,435 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] [2023-11-06 22:08:33,435 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] [2023-11-06 22:08:33,435 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] [2023-11-06 22:08:33,435 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] [2023-11-06 22:08:33,436 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] [2023-11-06 22:08:33,516 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/sv-benchmarks/c/product-lines/minepump_spec5_product58.cil.c[14935,14948] [2023-11-06 22:08:33,542 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-11-06 22:08:33,567 INFO L206 MainTranslator]: Completed translation [2023-11-06 22:08:33,567 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33 WrapperNode [2023-11-06 22:08:33,567 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-11-06 22:08:33,569 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-11-06 22:08:33,569 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-11-06 22:08:33,569 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-11-06 22:08:33,576 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,590 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,620 INFO L138 Inliner]: procedures = 59, calls = 104, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 235 [2023-11-06 22:08:33,621 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-11-06 22:08:33,621 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-11-06 22:08:33,622 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-11-06 22:08:33,622 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-11-06 22:08:33,636 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,637 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,652 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,652 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,660 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,672 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,674 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,676 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,679 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-11-06 22:08:33,680 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-11-06 22:08:33,680 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-11-06 22:08:33,680 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-11-06 22:08:33,681 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (1/1) ... [2023-11-06 22:08:33,690 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-11-06 22:08:33,706 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:08:33,720 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-11-06 22:08:33,763 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-11-06 22:08:33,776 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-11-06 22:08:33,776 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-11-06 22:08:33,776 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-11-06 22:08:33,777 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-11-06 22:08:33,778 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-11-06 22:08:33,778 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-11-06 22:08:33,779 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-11-06 22:08:33,779 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:08:33,779 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:08:33,779 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-11-06 22:08:33,780 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-11-06 22:08:33,780 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2023-11-06 22:08:33,780 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2023-11-06 22:08:33,780 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-11-06 22:08:33,780 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-11-06 22:08:33,781 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-11-06 22:08:33,781 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-11-06 22:08:33,781 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-11-06 22:08:33,912 INFO L236 CfgBuilder]: Building ICFG [2023-11-06 22:08:33,915 INFO L262 CfgBuilder]: Building CFG for each procedure with an implementation [2023-11-06 22:08:34,346 INFO L277 CfgBuilder]: Performing block encoding [2023-11-06 22:08:34,358 INFO L297 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-11-06 22:08:34,358 INFO L302 CfgBuilder]: Removed 2 assume(true) statements. [2023-11-06 22:08:34,360 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:08:34 BoogieIcfgContainer [2023-11-06 22:08:34,361 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-11-06 22:08:34,363 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-11-06 22:08:34,363 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-11-06 22:08:34,367 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-11-06 22:08:34,367 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 06.11 10:08:32" (1/3) ... [2023-11-06 22:08:34,368 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@19c1212c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:08:34, skipping insertion in model container [2023-11-06 22:08:34,368 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 06.11 10:08:33" (2/3) ... [2023-11-06 22:08:34,368 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@19c1212c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 06.11 10:08:34, skipping insertion in model container [2023-11-06 22:08:34,369 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:08:34" (3/3) ... [2023-11-06 22:08:34,370 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product58.cil.c [2023-11-06 22:08:34,396 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-11-06 22:08:34,397 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-11-06 22:08:34,450 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-11-06 22:08:34,456 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=PETRI_NET, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@79ae740a, mLbeIndependenceSettings=[IndependenceType=SYNTACTIC, AbstractionType=NONE, UseConditional=, UseSemiCommutativity=, Solver=, SolverTimeout=] [2023-11-06 22:08:34,456 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-11-06 22:08:34,460 INFO L276 IsEmpty]: Start isEmpty. Operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2023-11-06 22:08:34,471 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 33 [2023-11-06 22:08:34,472 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:34,472 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:34,473 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:34,479 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:34,479 INFO L85 PathProgramCache]: Analyzing trace with hash -716350399, now seen corresponding path program 1 times [2023-11-06 22:08:34,489 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:34,489 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [579234627] [2023-11-06 22:08:34,490 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:34,490 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:34,623 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:34,709 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 13 [2023-11-06 22:08:34,713 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:34,720 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 24 [2023-11-06 22:08:34,723 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:34,727 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:34,728 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:34,728 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [579234627] [2023-11-06 22:08:34,729 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [579234627] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:34,729 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:34,729 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-11-06 22:08:34,739 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [308619085] [2023-11-06 22:08:34,739 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:34,744 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-11-06 22:08:34,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:34,775 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-11-06 22:08:34,776 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:08:34,778 INFO L87 Difference]: Start difference. First operand has 97 states, 76 states have (on average 1.368421052631579) internal successors, (104), 84 states have internal predecessors, (104), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:08:34,821 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:34,823 INFO L93 Difference]: Finished difference Result 185 states and 250 transitions. [2023-11-06 22:08:34,824 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-11-06 22:08:34,826 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 32 [2023-11-06 22:08:34,827 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:34,841 INFO L225 Difference]: With dead ends: 185 [2023-11-06 22:08:34,841 INFO L226 Difference]: Without dead ends: 88 [2023-11-06 22:08:34,847 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-11-06 22:08:34,854 INFO L413 NwaCegarLoop]: 122 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 0 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 122 SdHoareTripleChecker+Invalid, 0 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 0 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:34,855 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 0 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:08:34,879 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2023-11-06 22:08:34,922 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2023-11-06 22:08:34,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 69 states have (on average 1.3043478260869565) internal successors, (90), 76 states have internal predecessors, (90), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2023-11-06 22:08:34,927 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 113 transitions. [2023-11-06 22:08:34,929 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 113 transitions. Word has length 32 [2023-11-06 22:08:34,930 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:34,930 INFO L495 AbstractCegarLoop]: Abstraction has 88 states and 113 transitions. [2023-11-06 22:08:34,930 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 12.0) internal successors, (24), 2 states have internal predecessors, (24), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:08:34,930 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 113 transitions. [2023-11-06 22:08:34,933 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2023-11-06 22:08:34,934 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:34,934 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:34,934 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-11-06 22:08:34,935 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:34,935 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:34,936 INFO L85 PathProgramCache]: Analyzing trace with hash 407802526, now seen corresponding path program 1 times [2023-11-06 22:08:34,936 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:34,936 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1578704297] [2023-11-06 22:08:34,936 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:34,937 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:34,985 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,146 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 14 [2023-11-06 22:08:35,151 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,154 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 25 [2023-11-06 22:08:35,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,159 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:35,159 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:35,159 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1578704297] [2023-11-06 22:08:35,160 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1578704297] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:35,160 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:35,160 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:08:35,160 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [635223050] [2023-11-06 22:08:35,160 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:35,162 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:08:35,162 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:35,163 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:08:35,163 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:08:35,163 INFO L87 Difference]: Start difference. First operand 88 states and 113 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:08:35,213 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:35,216 INFO L93 Difference]: Finished difference Result 140 states and 180 transitions. [2023-11-06 22:08:35,216 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:08:35,217 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 33 [2023-11-06 22:08:35,217 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:35,218 INFO L225 Difference]: With dead ends: 140 [2023-11-06 22:08:35,223 INFO L226 Difference]: Without dead ends: 79 [2023-11-06 22:08:35,224 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:08:35,227 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 13 mSDsluCounter, 83 mSDsCounter, 0 mSdLazyCounter, 1 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 16 SdHoareTripleChecker+Valid, 183 SdHoareTripleChecker+Invalid, 1 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 1 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:35,230 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [16 Valid, 183 Invalid, 1 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 1 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:08:35,232 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2023-11-06 22:08:35,242 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2023-11-06 22:08:35,247 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3174603174603174) internal successors, (83), 70 states have internal predecessors, (83), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2023-11-06 22:08:35,249 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 101 transitions. [2023-11-06 22:08:35,250 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 101 transitions. Word has length 33 [2023-11-06 22:08:35,250 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:35,250 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 101 transitions. [2023-11-06 22:08:35,250 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-11-06 22:08:35,250 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 101 transitions. [2023-11-06 22:08:35,252 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2023-11-06 22:08:35,252 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:35,252 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:35,252 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-11-06 22:08:35,253 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:35,253 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:35,253 INFO L85 PathProgramCache]: Analyzing trace with hash -1999351370, now seen corresponding path program 1 times [2023-11-06 22:08:35,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:35,253 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [481081504] [2023-11-06 22:08:35,254 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:35,254 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:35,305 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,494 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:35,497 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,501 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 30 [2023-11-06 22:08:35,503 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,505 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:35,506 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:35,506 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [481081504] [2023-11-06 22:08:35,506 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [481081504] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:35,507 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:35,507 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:08:35,507 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [287667988] [2023-11-06 22:08:35,507 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:35,508 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:08:35,508 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:35,509 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:08:35,509 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:08:35,510 INFO L87 Difference]: Start difference. First operand 79 states and 101 transitions. Second operand has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:08:35,600 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:35,601 INFO L93 Difference]: Finished difference Result 150 states and 195 transitions. [2023-11-06 22:08:35,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2023-11-06 22:08:35,601 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 38 [2023-11-06 22:08:35,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:35,603 INFO L225 Difference]: With dead ends: 150 [2023-11-06 22:08:35,603 INFO L226 Difference]: Without dead ends: 79 [2023-11-06 22:08:35,604 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:08:35,606 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 124 mSDsluCounter, 154 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 248 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:35,606 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [124 Valid, 248 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-11-06 22:08:35,607 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 79 states. [2023-11-06 22:08:35,620 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 79 to 79. [2023-11-06 22:08:35,621 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 79 states, 63 states have (on average 1.3015873015873016) internal successors, (82), 70 states have internal predecessors, (82), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2023-11-06 22:08:35,622 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 79 states to 79 states and 100 transitions. [2023-11-06 22:08:35,623 INFO L78 Accepts]: Start accepts. Automaton has 79 states and 100 transitions. Word has length 38 [2023-11-06 22:08:35,624 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:35,624 INFO L495 AbstractCegarLoop]: Abstraction has 79 states and 100 transitions. [2023-11-06 22:08:35,624 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.2) internal successors, (31), 5 states have internal predecessors, (31), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:08:35,625 INFO L276 IsEmpty]: Start isEmpty. Operand 79 states and 100 transitions. [2023-11-06 22:08:35,626 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2023-11-06 22:08:35,626 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:35,627 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:35,627 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-11-06 22:08:35,627 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:35,628 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:35,628 INFO L85 PathProgramCache]: Analyzing trace with hash 879947394, now seen corresponding path program 1 times [2023-11-06 22:08:35,628 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:35,628 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [347095669] [2023-11-06 22:08:35,628 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:35,629 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:35,657 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,695 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:35,696 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,698 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 38 [2023-11-06 22:08:35,700 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:35,705 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:35,705 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:35,705 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [347095669] [2023-11-06 22:08:35,706 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [347095669] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:35,706 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:35,706 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-11-06 22:08:35,706 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1396948910] [2023-11-06 22:08:35,709 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:35,710 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-11-06 22:08:35,710 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:35,711 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-11-06 22:08:35,711 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:08:35,711 INFO L87 Difference]: Start difference. First operand 79 states and 100 transitions. Second operand has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:08:35,789 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:35,789 INFO L93 Difference]: Finished difference Result 199 states and 258 transitions. [2023-11-06 22:08:35,790 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-11-06 22:08:35,790 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 46 [2023-11-06 22:08:35,791 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:35,792 INFO L225 Difference]: With dead ends: 199 [2023-11-06 22:08:35,793 INFO L226 Difference]: Without dead ends: 128 [2023-11-06 22:08:35,794 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-11-06 22:08:35,795 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 80 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 9 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 171 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 9 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:35,796 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 171 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 9 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:08:35,797 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 128 states. [2023-11-06 22:08:35,818 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 128 to 126. [2023-11-06 22:08:35,819 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 126 states, 99 states have (on average 1.2828282828282829) internal successors, (127), 107 states have internal predecessors, (127), 14 states have call successors, (14), 12 states have call predecessors, (14), 12 states have return successors, (18), 14 states have call predecessors, (18), 14 states have call successors, (18) [2023-11-06 22:08:35,821 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 126 states to 126 states and 159 transitions. [2023-11-06 22:08:35,821 INFO L78 Accepts]: Start accepts. Automaton has 126 states and 159 transitions. Word has length 46 [2023-11-06 22:08:35,821 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:35,822 INFO L495 AbstractCegarLoop]: Abstraction has 126 states and 159 transitions. [2023-11-06 22:08:35,822 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 13.0) internal successors, (39), 3 states have internal predecessors, (39), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-11-06 22:08:35,822 INFO L276 IsEmpty]: Start isEmpty. Operand 126 states and 159 transitions. [2023-11-06 22:08:35,824 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2023-11-06 22:08:35,824 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:35,825 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:35,825 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-11-06 22:08:35,825 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:35,826 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:35,826 INFO L85 PathProgramCache]: Analyzing trace with hash -2106872253, now seen corresponding path program 1 times [2023-11-06 22:08:35,826 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:35,827 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [375631426] [2023-11-06 22:08:35,827 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:35,827 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:35,849 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,028 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:36,031 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,039 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:08:36,055 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,072 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 8 [2023-11-06 22:08:36,074 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,077 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 46 [2023-11-06 22:08:36,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,104 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 2 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-11-06 22:08:36,104 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:36,105 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [375631426] [2023-11-06 22:08:36,105 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [375631426] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:36,106 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:36,106 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-06 22:08:36,107 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1839069422] [2023-11-06 22:08:36,108 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:36,110 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-06 22:08:36,111 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:36,111 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-06 22:08:36,112 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:08:36,112 INFO L87 Difference]: Start difference. First operand 126 states and 159 transitions. Second operand has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:08:36,444 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:36,444 INFO L93 Difference]: Finished difference Result 272 states and 345 transitions. [2023-11-06 22:08:36,445 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2023-11-06 22:08:36,445 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 54 [2023-11-06 22:08:36,447 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:36,453 INFO L225 Difference]: With dead ends: 272 [2023-11-06 22:08:36,453 INFO L226 Difference]: Without dead ends: 154 [2023-11-06 22:08:36,458 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 24 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2023-11-06 22:08:36,460 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 140 mSDsluCounter, 334 mSDsCounter, 0 mSdLazyCounter, 169 mSolverCounterSat, 30 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 146 SdHoareTripleChecker+Valid, 417 SdHoareTripleChecker+Invalid, 199 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 30 IncrementalHoareTripleChecker+Valid, 169 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:36,461 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [146 Valid, 417 Invalid, 199 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [30 Valid, 169 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:08:36,462 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2023-11-06 22:08:36,519 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 148. [2023-11-06 22:08:36,520 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 148 states, 116 states have (on average 1.2586206896551724) internal successors, (146), 124 states have internal predecessors, (146), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2023-11-06 22:08:36,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 148 states to 148 states and 185 transitions. [2023-11-06 22:08:36,524 INFO L78 Accepts]: Start accepts. Automaton has 148 states and 185 transitions. Word has length 54 [2023-11-06 22:08:36,526 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:36,526 INFO L495 AbstractCegarLoop]: Abstraction has 148 states and 185 transitions. [2023-11-06 22:08:36,526 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.428571428571429) internal successors, (45), 5 states have internal predecessors, (45), 2 states have call successors, (5), 2 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2023-11-06 22:08:36,531 INFO L276 IsEmpty]: Start isEmpty. Operand 148 states and 185 transitions. [2023-11-06 22:08:36,533 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2023-11-06 22:08:36,534 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:36,534 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:36,534 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-11-06 22:08:36,535 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:36,535 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:36,535 INFO L85 PathProgramCache]: Analyzing trace with hash 1055316791, now seen corresponding path program 1 times [2023-11-06 22:08:36,536 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:36,536 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2138732021] [2023-11-06 22:08:36,536 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:36,536 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:36,563 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,670 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:36,671 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,694 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:08:36,699 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,765 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2023-11-06 22:08:36,766 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:36,771 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:36,771 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:36,771 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2138732021] [2023-11-06 22:08:36,771 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2138732021] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:36,772 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:36,772 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-11-06 22:08:36,772 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1164062421] [2023-11-06 22:08:36,772 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:36,773 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-11-06 22:08:36,773 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:36,774 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-11-06 22:08:36,774 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2023-11-06 22:08:36,774 INFO L87 Difference]: Start difference. First operand 148 states and 185 transitions. Second operand has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:36,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:36,975 INFO L93 Difference]: Finished difference Result 298 states and 383 transitions. [2023-11-06 22:08:36,976 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:08:36,976 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2023-11-06 22:08:36,977 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:36,979 INFO L225 Difference]: With dead ends: 298 [2023-11-06 22:08:36,980 INFO L226 Difference]: Without dead ends: 158 [2023-11-06 22:08:36,981 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=29, Invalid=61, Unknown=0, NotChecked=0, Total=90 [2023-11-06 22:08:36,987 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 66 mSDsluCounter, 276 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 17 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 69 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 141 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 17 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:36,990 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [69 Valid, 360 Invalid, 141 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [17 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-11-06 22:08:36,993 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2023-11-06 22:08:37,042 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 151. [2023-11-06 22:08:37,043 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 151 states, 119 states have (on average 1.2521008403361344) internal successors, (149), 127 states have internal predecessors, (149), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2023-11-06 22:08:37,045 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 151 states to 151 states and 188 transitions. [2023-11-06 22:08:37,045 INFO L78 Accepts]: Start accepts. Automaton has 151 states and 188 transitions. Word has length 56 [2023-11-06 22:08:37,046 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:37,046 INFO L495 AbstractCegarLoop]: Abstraction has 151 states and 188 transitions. [2023-11-06 22:08:37,046 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 7.833333333333333) internal successors, (47), 5 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:37,046 INFO L276 IsEmpty]: Start isEmpty. Operand 151 states and 188 transitions. [2023-11-06 22:08:37,052 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2023-11-06 22:08:37,052 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:37,052 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:37,052 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-11-06 22:08:37,053 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:37,053 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:37,053 INFO L85 PathProgramCache]: Analyzing trace with hash -750121543, now seen corresponding path program 1 times [2023-11-06 22:08:37,053 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:37,054 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [737223513] [2023-11-06 22:08:37,054 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:37,055 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:37,077 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,180 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:37,186 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,192 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:08:37,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,239 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2023-11-06 22:08:37,241 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,244 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:37,244 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:37,245 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [737223513] [2023-11-06 22:08:37,247 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [737223513] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:37,247 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:37,247 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-11-06 22:08:37,247 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1160529631] [2023-11-06 22:08:37,248 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:37,249 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-11-06 22:08:37,249 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:37,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-11-06 22:08:37,250 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:08:37,250 INFO L87 Difference]: Start difference. First operand 151 states and 188 transitions. Second operand has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:37,479 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:37,479 INFO L93 Difference]: Finished difference Result 304 states and 388 transitions. [2023-11-06 22:08:37,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2023-11-06 22:08:37,480 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2023-11-06 22:08:37,482 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:37,484 INFO L225 Difference]: With dead ends: 304 [2023-11-06 22:08:37,484 INFO L226 Difference]: Without dead ends: 161 [2023-11-06 22:08:37,485 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=30, Invalid=80, Unknown=0, NotChecked=0, Total=110 [2023-11-06 22:08:37,491 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 107 mSDsluCounter, 316 mSDsCounter, 0 mSdLazyCounter, 156 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 111 SdHoareTripleChecker+Valid, 399 SdHoareTripleChecker+Invalid, 178 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 156 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:37,491 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [111 Valid, 399 Invalid, 178 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 156 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:08:37,494 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 161 states. [2023-11-06 22:08:37,520 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 161 to 153. [2023-11-06 22:08:37,521 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 153 states, 121 states have (on average 1.2479338842975207) internal successors, (151), 129 states have internal predecessors, (151), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (23), 17 states have call predecessors, (23), 16 states have call successors, (23) [2023-11-06 22:08:37,523 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 153 states to 153 states and 190 transitions. [2023-11-06 22:08:37,524 INFO L78 Accepts]: Start accepts. Automaton has 153 states and 190 transitions. Word has length 56 [2023-11-06 22:08:37,524 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:37,524 INFO L495 AbstractCegarLoop]: Abstraction has 153 states and 190 transitions. [2023-11-06 22:08:37,525 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 6.714285714285714) internal successors, (47), 6 states have internal predecessors, (47), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:37,525 INFO L276 IsEmpty]: Start isEmpty. Operand 153 states and 190 transitions. [2023-11-06 22:08:37,527 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 57 [2023-11-06 22:08:37,527 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:37,528 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:37,528 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-11-06 22:08:37,528 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:37,528 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:37,529 INFO L85 PathProgramCache]: Analyzing trace with hash -609572933, now seen corresponding path program 1 times [2023-11-06 22:08:37,529 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:37,529 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2080260849] [2023-11-06 22:08:37,529 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:37,529 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:37,547 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,610 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 19 [2023-11-06 22:08:37,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,618 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 28 [2023-11-06 22:08:37,624 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,643 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 48 [2023-11-06 22:08:37,645 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:37,650 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:37,650 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:37,651 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2080260849] [2023-11-06 22:08:37,651 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2080260849] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:37,652 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:37,652 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-11-06 22:08:37,652 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [540587886] [2023-11-06 22:08:37,652 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:37,653 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-11-06 22:08:37,654 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:37,655 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-11-06 22:08:37,655 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-11-06 22:08:37,655 INFO L87 Difference]: Start difference. First operand 153 states and 190 transitions. Second operand has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:37,909 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:37,909 INFO L93 Difference]: Finished difference Result 430 states and 556 transitions. [2023-11-06 22:08:37,909 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2023-11-06 22:08:37,910 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 56 [2023-11-06 22:08:37,910 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:37,913 INFO L225 Difference]: With dead ends: 430 [2023-11-06 22:08:37,914 INFO L226 Difference]: Without dead ends: 285 [2023-11-06 22:08:37,915 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 10 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2023-11-06 22:08:37,916 INFO L413 NwaCegarLoop]: 125 mSDtfsCounter, 215 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 127 mSolverCounterSat, 62 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 222 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 189 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 62 IncrementalHoareTripleChecker+Valid, 127 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:37,917 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [222 Valid, 295 Invalid, 189 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [62 Valid, 127 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-11-06 22:08:37,918 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 285 states. [2023-11-06 22:08:37,962 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 285 to 283. [2023-11-06 22:08:37,963 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 283 states, 219 states have (on average 1.2191780821917808) internal successors, (267), 231 states have internal predecessors, (267), 34 states have call successors, (34), 28 states have call predecessors, (34), 29 states have return successors, (53), 34 states have call predecessors, (53), 34 states have call successors, (53) [2023-11-06 22:08:37,968 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 283 states to 283 states and 354 transitions. [2023-11-06 22:08:37,968 INFO L78 Accepts]: Start accepts. Automaton has 283 states and 354 transitions. Word has length 56 [2023-11-06 22:08:37,968 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:37,969 INFO L495 AbstractCegarLoop]: Abstraction has 283 states and 354 transitions. [2023-11-06 22:08:37,969 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 9.4) internal successors, (47), 4 states have internal predecessors, (47), 2 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-11-06 22:08:37,969 INFO L276 IsEmpty]: Start isEmpty. Operand 283 states and 354 transitions. [2023-11-06 22:08:37,971 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2023-11-06 22:08:37,971 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:37,972 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:37,972 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2023-11-06 22:08:37,972 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:37,972 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:37,972 INFO L85 PathProgramCache]: Analyzing trace with hash 1449050389, now seen corresponding path program 1 times [2023-11-06 22:08:37,973 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:37,973 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2032549902] [2023-11-06 22:08:37,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:37,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:37,988 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:38,212 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2023-11-06 22:08:38,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:38,221 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 23 [2023-11-06 22:08:38,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:38,235 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 32 [2023-11-06 22:08:38,239 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:38,267 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 52 [2023-11-06 22:08:38,268 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:38,272 INFO L134 CoverageAnalysis]: Checked inductivity of 3 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2023-11-06 22:08:38,273 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:38,273 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2032549902] [2023-11-06 22:08:38,273 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2032549902] provided 1 perfect and 0 imperfect interpolant sequences [2023-11-06 22:08:38,273 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-11-06 22:08:38,273 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2023-11-06 22:08:38,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1813567525] [2023-11-06 22:08:38,274 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-11-06 22:08:38,275 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2023-11-06 22:08:38,275 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:38,276 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2023-11-06 22:08:38,276 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=70, Unknown=0, NotChecked=0, Total=90 [2023-11-06 22:08:38,277 INFO L87 Difference]: Start difference. First operand 283 states and 354 transitions. Second operand has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2023-11-06 22:08:39,027 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:39,027 INFO L93 Difference]: Finished difference Result 748 states and 981 transitions. [2023-11-06 22:08:39,028 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2023-11-06 22:08:39,028 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 60 [2023-11-06 22:08:39,030 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:39,034 INFO L225 Difference]: With dead ends: 748 [2023-11-06 22:08:39,035 INFO L226 Difference]: Without dead ends: 524 [2023-11-06 22:08:39,037 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 42 GetRequests, 11 SyntacticMatches, 0 SemanticMatches, 31 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 255 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=250, Invalid=806, Unknown=0, NotChecked=0, Total=1056 [2023-11-06 22:08:39,039 INFO L413 NwaCegarLoop]: 102 mSDtfsCounter, 644 mSDsluCounter, 436 mSDsCounter, 0 mSdLazyCounter, 416 mSolverCounterSat, 191 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 649 SdHoareTripleChecker+Valid, 538 SdHoareTripleChecker+Invalid, 607 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 191 IncrementalHoareTripleChecker+Valid, 416 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:39,040 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [649 Valid, 538 Invalid, 607 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [191 Valid, 416 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-11-06 22:08:39,041 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 524 states. [2023-11-06 22:08:39,132 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 524 to 440. [2023-11-06 22:08:39,134 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 440 states, 342 states have (on average 1.2076023391812865) internal successors, (413), 363 states have internal predecessors, (413), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (83), 52 states have call predecessors, (83), 51 states have call successors, (83) [2023-11-06 22:08:39,139 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 440 states to 440 states and 547 transitions. [2023-11-06 22:08:39,139 INFO L78 Accepts]: Start accepts. Automaton has 440 states and 547 transitions. Word has length 60 [2023-11-06 22:08:39,140 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:39,140 INFO L495 AbstractCegarLoop]: Abstraction has 440 states and 547 transitions. [2023-11-06 22:08:39,140 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 10 states have (on average 4.9) internal successors, (49), 8 states have internal predecessors, (49), 3 states have call successors, (5), 4 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2023-11-06 22:08:39,140 INFO L276 IsEmpty]: Start isEmpty. Operand 440 states and 547 transitions. [2023-11-06 22:08:39,142 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 103 [2023-11-06 22:08:39,142 INFO L187 NwaCegarLoop]: Found error trace [2023-11-06 22:08:39,142 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:39,143 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2023-11-06 22:08:39,143 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-11-06 22:08:39,143 INFO L145 PredicateUnifier]: Initialized classic predicate unifier [2023-11-06 22:08:39,143 INFO L85 PathProgramCache]: Analyzing trace with hash -1477759876, now seen corresponding path program 1 times [2023-11-06 22:08:39,144 INFO L118 FreeRefinementEngine]: Executing refinement strategy CAMEL [2023-11-06 22:08:39,144 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1706048419] [2023-11-06 22:08:39,144 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:39,144 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-11-06 22:08:39,177 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,343 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 12 [2023-11-06 22:08:39,345 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,359 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 21 [2023-11-06 22:08:39,365 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,390 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 1 [2023-11-06 22:08:39,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,402 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 10 [2023-11-06 22:08:39,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,432 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 66 [2023-11-06 22:08:39,433 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,454 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 82 [2023-11-06 22:08:39,455 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,457 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 2 [2023-11-06 22:08:39,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,460 INFO L376 atingTraceCheckCraig]: Compute interpolants for subsequence at non-pending call position 94 [2023-11-06 22:08:39,461 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,463 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 18 proven. 9 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2023-11-06 22:08:39,463 INFO L136 FreeRefinementEngine]: Strategy CAMEL found an infeasible trace [2023-11-06 22:08:39,464 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1706048419] [2023-11-06 22:08:39,464 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1706048419] provided 0 perfect and 1 imperfect interpolant sequences [2023-11-06 22:08:39,464 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [711012103] [2023-11-06 22:08:39,464 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-11-06 22:08:39,465 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-11-06 22:08:39,465 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 [2023-11-06 22:08:39,468 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-11-06 22:08:39,473 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-11-06 22:08:39,591 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-11-06 22:08:39,621 INFO L262 TraceCheckSpWp]: Trace formula consists of 352 conjuncts, 8 conjunts are in the unsatisfiable core [2023-11-06 22:08:39,630 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-11-06 22:08:39,855 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 25 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-11-06 22:08:39,855 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-11-06 22:08:40,087 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 19 proven. 8 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2023-11-06 22:08:40,087 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [711012103] provided 0 perfect and 2 imperfect interpolant sequences [2023-11-06 22:08:40,087 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-11-06 22:08:40,087 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 16 [2023-11-06 22:08:40,088 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2114965716] [2023-11-06 22:08:40,088 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-11-06 22:08:40,088 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2023-11-06 22:08:40,089 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy CAMEL [2023-11-06 22:08:40,090 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2023-11-06 22:08:40,091 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=202, Unknown=0, NotChecked=0, Total=240 [2023-11-06 22:08:40,091 INFO L87 Difference]: Start difference. First operand 440 states and 547 transitions. Second operand has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2023-11-06 22:08:41,169 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-11-06 22:08:41,170 INFO L93 Difference]: Finished difference Result 907 states and 1154 transitions. [2023-11-06 22:08:41,170 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2023-11-06 22:08:41,171 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) Word has length 102 [2023-11-06 22:08:41,171 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-11-06 22:08:41,172 INFO L225 Difference]: With dead ends: 907 [2023-11-06 22:08:41,172 INFO L226 Difference]: Without dead ends: 0 [2023-11-06 22:08:41,175 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 266 GetRequests, 224 SyntacticMatches, 4 SemanticMatches, 38 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 352 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=275, Invalid=1285, Unknown=0, NotChecked=0, Total=1560 [2023-11-06 22:08:41,176 INFO L413 NwaCegarLoop]: 169 mSDtfsCounter, 454 mSDsluCounter, 953 mSDsCounter, 0 mSdLazyCounter, 861 mSolverCounterSat, 133 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 455 SdHoareTripleChecker+Valid, 1122 SdHoareTripleChecker+Invalid, 994 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 133 IncrementalHoareTripleChecker+Valid, 861 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2023-11-06 22:08:41,176 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [455 Valid, 1122 Invalid, 994 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [133 Valid, 861 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2023-11-06 22:08:41,177 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-11-06 22:08:41,177 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-11-06 22:08:41,177 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-11-06 22:08:41,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-11-06 22:08:41,178 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 102 [2023-11-06 22:08:41,178 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-11-06 22:08:41,178 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-11-06 22:08:41,179 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 16 states have (on average 7.9375) internal successors, (127), 11 states have internal predecessors, (127), 5 states have call successors, (20), 7 states have call predecessors, (20), 6 states have return successors, (16), 7 states have call predecessors, (16), 5 states have call successors, (16) [2023-11-06 22:08:41,179 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-11-06 22:08:41,179 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-11-06 22:08:41,182 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-11-06 22:08:41,197 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-11-06 22:08:41,388 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2023-11-06 22:08:41,390 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-11-06 22:08:46,383 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 790 796) no Hoare annotation was computed. [2023-11-06 22:08:46,383 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 790 796) the Hoare annotation is: true [2023-11-06 22:08:46,383 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 84 95) the Hoare annotation is: true [2023-11-06 22:08:46,384 INFO L899 garLoopResultBuilder]: For program point L88-1(lines 84 95) no Hoare annotation was computed. [2023-11-06 22:08:46,384 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2023-11-06 22:08:46,384 INFO L899 garLoopResultBuilder]: For program point L64(lines 64 68) no Hoare annotation was computed. [2023-11-06 22:08:46,384 INFO L899 garLoopResultBuilder]: For program point L770-2(lines 766 788) no Hoare annotation was computed. [2023-11-06 22:08:46,384 INFO L899 garLoopResultBuilder]: For program point L832(lines 832 840) no Hoare annotation was computed. [2023-11-06 22:08:46,384 INFO L895 garLoopResultBuilder]: At program point L192(line 192) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= ~pumpRunning~0 0)) (.cse8 (< |old(~pumpRunning~0)| 1)) (.cse2 (= 0 ~systemActive~0)) (.cse4 (< 2 |old(~waterLevel~0)|)) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (<= 1 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2) (or .cse0 (and .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse4) (let ((.cse6 (= ~waterLevel~0 1))) (or (and .cse5 .cse6 .cse7) .cse1 .cse8 .cse2 (and .cse3 .cse6 .cse7))) (let ((.cse9 (<= ~waterLevel~0 2))) (or (< |old(~switchedOnBeforeTS~0)| 1) (and .cse3 .cse9 .cse7) .cse8 .cse2 .cse4 (and .cse5 .cse9 .cse7))))) [2023-11-06 22:08:46,385 INFO L899 garLoopResultBuilder]: For program point L192-1(line 192) no Hoare annotation was computed. [2023-11-06 22:08:46,385 INFO L895 garLoopResultBuilder]: At program point L64-2(lines 60 71) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1 (and .cse3 (<= ~waterLevel~0 2) .cse4)) (or (and .cse3 (= ~waterLevel~0 1) .cse4) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,385 INFO L899 garLoopResultBuilder]: For program point L828(lines 828 845) no Hoare annotation was computed. [2023-11-06 22:08:46,385 INFO L895 garLoopResultBuilder]: At program point isLowWaterSensorDry_returnLabel#1(lines 151 159) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1 (and .cse3 (<= ~waterLevel~0 2) .cse4)) (or (and .cse3 (= ~waterLevel~0 1) .cse4) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,385 INFO L899 garLoopResultBuilder]: For program point timeShiftFINAL(lines 763 789) no Hoare annotation was computed. [2023-11-06 22:08:46,386 INFO L895 garLoopResultBuilder]: At program point getWaterLevel_returnLabel#1(lines 128 136) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| 2))) (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not .cse0)) (.cse2 (= ~pumpRunning~0 0)) (.cse9 (< |old(~pumpRunning~0)| 1)) (.cse3 (= 0 ~systemActive~0)) (.cse4 (< 2 |old(~waterLevel~0)|)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (<= 1 ~switchedOnBeforeTS~0))) (and (or (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) .cse0) .cse1 (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse3 .cse4) (or .cse1 (= 2 |timeShift_getWaterLevel_#res#1|) .cse5 .cse3) (let ((.cse7 (= ~waterLevel~0 1))) (or (and .cse6 .cse7 .cse8) .cse5 .cse9 .cse3 (and .cse2 .cse7 .cse8))) (let ((.cse10 (<= ~waterLevel~0 2))) (or (< |old(~switchedOnBeforeTS~0)| 1) (and .cse2 .cse10 .cse8) .cse9 .cse3 .cse4 (and .cse6 .cse10 .cse8)))))) [2023-11-06 22:08:46,386 INFO L895 garLoopResultBuilder]: At program point L177(line 177) the Hoare annotation is: (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (< 2 |old(~waterLevel~0)|)) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse4 (< |old(~pumpRunning~0)| 1)) (.cse2 (= 0 ~systemActive~0))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse4 .cse2 (and .cse5 .cse0 .cse1) .cse3) (or (and .cse5 (= 2 ~waterLevel~0) .cse0) (not (= |old(~waterLevel~0)| 2)) .cse4 .cse2))) [2023-11-06 22:08:46,386 INFO L899 garLoopResultBuilder]: For program point L177-1(line 177) no Hoare annotation was computed. [2023-11-06 22:08:46,386 INFO L899 garLoopResultBuilder]: For program point L685(line 685) no Hoare annotation was computed. [2023-11-06 22:08:46,386 INFO L895 garLoopResultBuilder]: At program point L838(line 838) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1 (and .cse3 (<= ~waterLevel~0 2) .cse4)) (or (and .cse3 (= ~waterLevel~0 1) .cse4) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,386 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 204) no Hoare annotation was computed. [2023-11-06 22:08:46,387 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 207) no Hoare annotation was computed. [2023-11-06 22:08:46,387 INFO L895 garLoopResultBuilder]: At program point L190-1(lines 182 210) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse0 (= |old(~waterLevel~0)| 2))) (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not .cse0)) (.cse2 (= ~pumpRunning~0 0)) (.cse7 (not .cse3)) (.cse10 (< |old(~pumpRunning~0)| 1)) (.cse4 (< 2 |old(~waterLevel~0)|)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (and (or (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) .cse0) .cse1 (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse3 .cse4) (let ((.cse5 (= ~waterLevel~0 1))) (or (and .cse2 .cse5 .cse6 .cse7) (and .cse8 .cse5 .cse6) .cse9 .cse10 .cse3)) (or .cse1 (and (= 2 |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) .cse9 .cse3) (let ((.cse11 (<= ~waterLevel~0 2))) (or (< |old(~switchedOnBeforeTS~0)| 1) (and .cse2 .cse11 .cse6 .cse7) .cse10 .cse3 .cse4 (and .cse8 .cse11 .cse6)))))) [2023-11-06 22:08:46,387 INFO L895 garLoopResultBuilder]: At program point L843(line 843) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1) (or (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,387 INFO L895 garLoopResultBuilder]: At program point L843-1(lines 824 848) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| 2)) (.cse1 (= ~pumpRunning~0 0)) (.cse7 (< |old(~pumpRunning~0)| 1)) (.cse2 (= 0 ~systemActive~0)) (.cse3 (< 2 |old(~waterLevel~0)|)) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (<= 1 ~switchedOnBeforeTS~0))) (and (or (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0) .cse0) (not (= |old(~pumpRunning~0)| 0)) (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3) (let ((.cse5 (= ~waterLevel~0 1))) (or (and .cse4 .cse5 .cse6) (not .cse0) .cse7 .cse2 (and .cse1 .cse5 .cse6))) (let ((.cse8 (<= ~waterLevel~0 2))) (or (< |old(~switchedOnBeforeTS~0)| 1) (and .cse1 .cse8 .cse6) .cse7 .cse2 .cse3 (and .cse4 .cse8 .cse6))))) [2023-11-06 22:08:46,388 INFO L895 garLoopResultBuilder]: At program point __automaton_fail_returnLabel#1(lines 681 688) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1) (or (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,388 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 763 789) the Hoare annotation is: (let ((.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (< 2 |old(~waterLevel~0)|)) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (= ~switchedOnBeforeTS~0 |old(~switchedOnBeforeTS~0)|)) (.cse4 (< |old(~pumpRunning~0)| 1)) (.cse2 (= 0 ~systemActive~0))) (and (or (and (= ~pumpRunning~0 0) .cse0 .cse1) (not (= |old(~pumpRunning~0)| 0)) .cse2 .cse3) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse4 .cse2 (and .cse5 .cse0 .cse1) .cse3) (or (and .cse5 (= 2 ~waterLevel~0) .cse0) (not (= |old(~waterLevel~0)| 2)) .cse4 .cse2))) [2023-11-06 22:08:46,388 INFO L899 garLoopResultBuilder]: For program point L777-1(lines 777 783) no Hoare annotation was computed. [2023-11-06 22:08:46,388 INFO L899 garLoopResultBuilder]: For program point L967(lines 967 971) no Hoare annotation was computed. [2023-11-06 22:08:46,388 INFO L899 garLoopResultBuilder]: For program point L967-2(lines 967 971) no Hoare annotation was computed. [2023-11-06 22:08:46,388 INFO L899 garLoopResultBuilder]: For program point L195(lines 195 201) no Hoare annotation was computed. [2023-11-06 22:08:46,389 INFO L895 garLoopResultBuilder]: At program point deactivatePump_returnLabel#1(lines 875 882) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0)) (.cse1 (< 2 |old(~waterLevel~0)|))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0 (and .cse3 (= ~waterLevel~0 1) .cse4)) (or (< |old(~switchedOnBeforeTS~0)| 1) (and .cse3 (<= ~waterLevel~0 2) .cse4) .cse2 .cse0 .cse1))) [2023-11-06 22:08:46,389 INFO L895 garLoopResultBuilder]: At program point isLowWaterLevel_returnLabel#1(lines 958 976) the Hoare annotation is: (let ((.cse1 (< 2 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse2 (< |old(~pumpRunning~0)| 1)) (.cse0 (= 0 ~systemActive~0))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse2 .cse0 .cse1 (and .cse3 (<= ~waterLevel~0 2) .cse4)) (or (and .cse3 (= ~waterLevel~0 1) .cse4) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse0))) [2023-11-06 22:08:46,389 INFO L895 garLoopResultBuilder]: At program point __utac_acc__Specification5_spec__2_returnLabel#1(lines 172 181) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (< |old(~pumpRunning~0)| 1)) (.cse1 (= 0 ~systemActive~0)) (.cse2 (< 2 |old(~waterLevel~0)|))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) .cse1 .cse2) (or (and .cse3 (= 2 ~waterLevel~0) .cse4) (not (= |old(~waterLevel~0)| 2)) .cse5 .cse1) (or (and .cse3 .cse0 .cse4) (< |old(~switchedOnBeforeTS~0)| 1) .cse5 .cse1 .cse2))) [2023-11-06 22:08:46,389 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 763 789) no Hoare annotation was computed. [2023-11-06 22:08:46,389 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 685) no Hoare annotation was computed. [2023-11-06 22:08:46,389 INFO L899 garLoopResultBuilder]: For program point L770(lines 770 776) no Hoare annotation was computed. [2023-11-06 22:08:46,390 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 580 609) no Hoare annotation was computed. [2023-11-06 22:08:46,390 INFO L902 garLoopResultBuilder]: At program point L605(lines 580 609) the Hoare annotation is: true [2023-11-06 22:08:46,390 INFO L899 garLoopResultBuilder]: For program point L601(line 601) no Hoare annotation was computed. [2023-11-06 22:08:46,390 INFO L899 garLoopResultBuilder]: For program point L594(lines 594 598) no Hoare annotation was computed. [2023-11-06 22:08:46,390 INFO L902 garLoopResultBuilder]: At program point L594-1(lines 594 598) the Hoare annotation is: true [2023-11-06 22:08:46,390 INFO L899 garLoopResultBuilder]: For program point L591(line 591) no Hoare annotation was computed. [2023-11-06 22:08:46,390 INFO L902 garLoopResultBuilder]: At program point L590-2(lines 590 604) the Hoare annotation is: true [2023-11-06 22:08:46,390 INFO L902 garLoopResultBuilder]: At program point L586(line 586) the Hoare annotation is: true [2023-11-06 22:08:46,391 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 580 609) the Hoare annotation is: true [2023-11-06 22:08:46,391 INFO L899 garLoopResultBuilder]: For program point L586-1(line 586) no Hoare annotation was computed. [2023-11-06 22:08:46,391 INFO L895 garLoopResultBuilder]: At program point startSystem_returnLabel#1(lines 977 984) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~4#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse4) (and .cse5 .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4))) [2023-11-06 22:08:46,391 INFO L899 garLoopResultBuilder]: For program point L667(lines 667 674) no Hoare annotation was computed. [2023-11-06 22:08:46,391 INFO L899 garLoopResultBuilder]: For program point L667-2(lines 667 674) no Hoare annotation was computed. [2023-11-06 22:08:46,391 INFO L899 garLoopResultBuilder]: For program point L721(lines 721 727) no Hoare annotation was computed. [2023-11-06 22:08:46,392 INFO L899 garLoopResultBuilder]: For program point L721-1(lines 721 727) no Hoare annotation was computed. [2023-11-06 22:08:46,392 INFO L902 garLoopResultBuilder]: At program point runTest_returnLabel#1(lines 643 653) the Hoare annotation is: true [2023-11-06 22:08:46,392 INFO L895 garLoopResultBuilder]: At program point L746(lines 701 748) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~4#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse4) (and .cse5 .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4))) [2023-11-06 22:08:46,392 INFO L895 garLoopResultBuilder]: At program point select_features_returnLabel#1(lines 997 1003) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:08:46,392 INFO L895 garLoopResultBuilder]: At program point L713(line 713) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~4#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse4) (and .cse5 .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4))) [2023-11-06 22:08:46,392 INFO L902 garLoopResultBuilder]: At program point main_returnLabel#1(lines 657 679) the Hoare annotation is: true [2023-11-06 22:08:46,393 INFO L899 garLoopResultBuilder]: For program point L-1(line -1) no Hoare annotation was computed. [2023-11-06 22:08:46,393 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startFINAL(line -1) no Hoare annotation was computed. [2023-11-06 22:08:46,393 INFO L895 garLoopResultBuilder]: At program point setup_returnLabel#1(lines 635 641) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~4#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:08:46,393 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 743) no Hoare annotation was computed. [2023-11-06 22:08:46,393 INFO L895 garLoopResultBuilder]: At program point L739-2(lines 731 744) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~4#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse4) (and .cse5 .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4))) [2023-11-06 22:08:46,394 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-11-06 22:08:46,394 INFO L899 garLoopResultBuilder]: For program point L702(lines 701 748) no Hoare annotation was computed. [2023-11-06 22:08:46,394 INFO L899 garLoopResultBuilder]: For program point L731(lines 731 744) no Hoare annotation was computed. [2023-11-06 22:08:46,394 INFO L895 garLoopResultBuilder]: At program point __utac_acc__Specification5_spec__1_returnLabel#1(lines 164 171) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= |ULTIMATE.start_main_~tmp~4#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:08:46,394 INFO L895 garLoopResultBuilder]: At program point L723(line 723) the Hoare annotation is: (let ((.cse5 (<= 1 ~pumpRunning~0)) (.cse0 (= |ULTIMATE.start_valid_product_#res#1| 1)) (.cse1 (= |ULTIMATE.start_main_~tmp~4#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= ~waterLevel~0 2)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse4) (and .cse5 .cse0 .cse1 .cse2 .cse3 (<= 1 ~switchedOnBeforeTS~0) .cse4))) [2023-11-06 22:08:46,394 INFO L902 garLoopResultBuilder]: At program point L752(lines 691 756) the Hoare annotation is: true [2023-11-06 22:08:46,395 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-11-06 22:08:46,395 INFO L895 garLoopResultBuilder]: At program point select_helpers_returnLabel#1(lines 1004 1010) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:08:46,395 INFO L899 garLoopResultBuilder]: For program point L711(lines 711 717) no Hoare annotation was computed. [2023-11-06 22:08:46,395 INFO L899 garLoopResultBuilder]: For program point L711-1(lines 711 717) no Hoare annotation was computed. [2023-11-06 22:08:46,395 INFO L899 garLoopResultBuilder]: For program point L703(lines 703 707) no Hoare annotation was computed. [2023-11-06 22:08:46,396 INFO L895 garLoopResultBuilder]: At program point L749(lines 700 750) the Hoare annotation is: false [2023-11-06 22:08:46,396 INFO L895 garLoopResultBuilder]: At program point valid_product_returnLabel#1(lines 1011 1019) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_valid_product_#res#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2023-11-06 22:08:46,396 INFO L899 garLoopResultBuilder]: For program point L865(lines 865 871) no Hoare annotation was computed. [2023-11-06 22:08:46,396 INFO L895 garLoopResultBuilder]: At program point L865-2(lines 858 874) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (let ((.cse2 (= 2 ~waterLevel~0))) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) .cse2) (and (= ~pumpRunning~0 0) .cse2) .cse1)))) [2023-11-06 22:08:46,396 INFO L899 garLoopResultBuilder]: For program point L948(lines 948 952) no Hoare annotation was computed. [2023-11-06 22:08:46,396 INFO L899 garLoopResultBuilder]: For program point L948-2(lines 948 952) no Hoare annotation was computed. [2023-11-06 22:08:46,397 INFO L899 garLoopResultBuilder]: For program point L141(lines 141 147) no Hoare annotation was computed. [2023-11-06 22:08:46,397 INFO L895 garLoopResultBuilder]: At program point L812(line 812) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) .cse0 (not (= |old(~pumpRunning~0)| 0)) .cse1))) [2023-11-06 22:08:46,397 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 798 822) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse1))) [2023-11-06 22:08:46,397 INFO L899 garLoopResultBuilder]: For program point L806(lines 806 814) no Hoare annotation was computed. [2023-11-06 22:08:46,397 INFO L899 garLoopResultBuilder]: For program point L802(lines 802 819) no Hoare annotation was computed. [2023-11-06 22:08:46,398 INFO L895 garLoopResultBuilder]: At program point isHighWaterSensorDry_returnLabel#1(lines 137 150) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (let ((.cse2 (= ~pumpRunning~0 0))) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and .cse2 (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| 0))) (and .cse2 (= 2 ~waterLevel~0)) .cse1)))) [2023-11-06 22:08:46,398 INFO L895 garLoopResultBuilder]: At program point isHighWaterLevel_returnLabel#1(lines 939 957) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse2 (= 0 ~systemActive~0))) (and (let ((.cse1 (= ~pumpRunning~0 0))) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1| 0) (not (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~9#1| 0))) (and .cse1 (= 2 ~waterLevel~0)) .cse2)) (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse2))) [2023-11-06 22:08:46,398 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 798 822) no Hoare annotation was computed. [2023-11-06 22:08:46,398 INFO L895 garLoopResultBuilder]: At program point L817(line 817) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) .cse1))) [2023-11-06 22:08:46,398 INFO L899 garLoopResultBuilder]: For program point L817-1(lines 798 822) no Hoare annotation was computed. [2023-11-06 22:08:46,399 INFO L895 garLoopResultBuilder]: At program point isMethaneLevelCritical_returnLabel#1(lines 96 104) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0)) .cse1))) [2023-11-06 22:08:46,399 INFO L895 garLoopResultBuilder]: At program point isMethaneAlarm_returnLabel#1(lines 883 893) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0)) .cse1))) [2023-11-06 22:08:46,399 INFO L895 garLoopResultBuilder]: At program point activatePump__wrappee__lowWaterSensor_returnLabel#1(lines 849 856) the Hoare annotation is: (let ((.cse0 (< 2 ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) (< |old(~pumpRunning~0)| 1) .cse1) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (and (<= 1 ~pumpRunning~0) (= 2 ~waterLevel~0)) .cse1))) [2023-11-06 22:08:46,399 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2023-11-06 22:08:46,399 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 72 83) no Hoare annotation was computed. [2023-11-06 22:08:46,399 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 72 83) the Hoare annotation is: (let ((.cse0 (< ~pumpRunning~0 1)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= 0 ~systemActive~0)) (.cse3 (< 2 |old(~waterLevel~0)|))) (and (or .cse0 (< ~switchedOnBeforeTS~0 1) .cse1 .cse2 .cse3) (or .cse0 (= 2 ~waterLevel~0) (not (= |old(~waterLevel~0)| 2)) .cse2) (or (not (= ~pumpRunning~0 0)) .cse1 .cse2 .cse3))) [2023-11-06 22:08:46,400 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 894 902) no Hoare annotation was computed. [2023-11-06 22:08:46,400 INFO L899 garLoopResultBuilder]: For program point isPumpRunningFINAL(lines 894 902) no Hoare annotation was computed. [2023-11-06 22:08:46,400 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 894 902) the Hoare annotation is: true [2023-11-06 22:08:46,402 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-11-06 22:08:46,405 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-11-06 22:08:46,472 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 06.11 10:08:46 BoogieIcfgContainer [2023-11-06 22:08:46,485 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-11-06 22:08:46,488 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-11-06 22:08:46,488 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-11-06 22:08:46,488 INFO L274 PluginConnector]: Witness Printer initialized [2023-11-06 22:08:46,488 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 06.11 10:08:34" (3/4) ... [2023-11-06 22:08:46,490 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-11-06 22:08:46,494 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-11-06 22:08:46,496 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-11-06 22:08:46,496 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-11-06 22:08:46,496 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-11-06 22:08:46,496 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2023-11-06 22:08:46,497 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-11-06 22:08:46,497 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2023-11-06 22:08:46,506 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 18 nodes and edges [2023-11-06 22:08:46,509 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 7 nodes and edges [2023-11-06 22:08:46,510 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-11-06 22:08:46,510 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:08:46,511 INFO L939 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-11-06 22:08:46,541 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,542 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,542 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,542 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) [2023-11-06 22:08:46,544 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((pumpRunning == \old(pumpRunning)) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (\old(switchedOnBeforeTS) < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) [2023-11-06 22:08:46,545 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,546 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS))) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((!((\old(pumpRunning) == 0)) || ((2 == \result) && (tmp == 2))) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && ((((((\old(switchedOnBeforeTS) < 1) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) [2023-11-06 22:08:46,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,547 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) && ((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,548 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (2 == \result)) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,549 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,549 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && !((\result == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,550 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,550 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((((pumpRunning == 0) && (tmp___0 == 0)) && (\result == 0)) && !((tmp == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive)) && ((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,554 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && (((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) [2023-11-06 22:08:46,555 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,558 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,558 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,559 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,599 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,600 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,600 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) [2023-11-06 22:08:46,600 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) [2023-11-06 22:08:46,601 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!((\old(pumpRunning) == 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((pumpRunning == \old(pumpRunning)) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (\old(switchedOnBeforeTS) < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) [2023-11-06 22:08:46,601 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,601 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS))) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((!((\old(pumpRunning) == 0)) || ((2 == \result) && (tmp == 2))) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && ((((((\old(switchedOnBeforeTS) < 1) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,602 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) [2023-11-06 22:08:46,602 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,602 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) && ((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,602 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (2 == \result)) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) [2023-11-06 22:08:46,603 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,603 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && !((\result == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,603 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,603 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((((pumpRunning == 0) && (tmp___0 == 0)) && (\result == 0)) && !((tmp == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive)) && ((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) [2023-11-06 22:08:46,604 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && (((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) [2023-11-06 22:08:46,604 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,604 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,604 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,604 WARN L115 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || (0 == systemActive))) [2023-11-06 22:08:46,619 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.graphml [2023-11-06 22:08:46,620 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/witness.graphml.yaml [2023-11-06 22:08:46,620 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-11-06 22:08:46,621 INFO L158 Benchmark]: Toolchain (without parser) took 13630.10ms. Allocated memory was 140.5MB in the beginning and 213.9MB in the end (delta: 73.4MB). Free memory was 96.0MB in the beginning and 136.7MB in the end (delta: -40.7MB). Peak memory consumption was 33.2MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,621 INFO L158 Benchmark]: CDTParser took 0.19ms. Allocated memory is still 109.1MB. Free memory is still 60.4MB. There was no memory consumed. Max. memory is 16.1GB. [2023-11-06 22:08:46,622 INFO L158 Benchmark]: CACSL2BoogieTranslator took 575.56ms. Allocated memory is still 140.5MB. Free memory was 95.5MB in the beginning and 75.6MB in the end (delta: 19.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,622 INFO L158 Benchmark]: Boogie Procedure Inliner took 52.16ms. Allocated memory is still 140.5MB. Free memory was 75.6MB in the beginning and 73.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,622 INFO L158 Benchmark]: Boogie Preprocessor took 57.76ms. Allocated memory is still 140.5MB. Free memory was 73.5MB in the beginning and 71.9MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,623 INFO L158 Benchmark]: RCFGBuilder took 680.77ms. Allocated memory is still 140.5MB. Free memory was 71.9MB in the beginning and 105.2MB in the end (delta: -33.3MB). Peak memory consumption was 17.9MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,623 INFO L158 Benchmark]: TraceAbstraction took 12122.42ms. Allocated memory was 140.5MB in the beginning and 213.9MB in the end (delta: 73.4MB). Free memory was 104.4MB in the beginning and 145.1MB in the end (delta: -40.7MB). Peak memory consumption was 120.9MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,624 INFO L158 Benchmark]: Witness Printer took 132.73ms. Allocated memory is still 213.9MB. Free memory was 145.1MB in the beginning and 136.7MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2023-11-06 22:08:46,626 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.19ms. Allocated memory is still 109.1MB. Free memory is still 60.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 575.56ms. Allocated memory is still 140.5MB. Free memory was 95.5MB in the beginning and 75.6MB in the end (delta: 19.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 52.16ms. Allocated memory is still 140.5MB. Free memory was 75.6MB in the beginning and 73.5MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 57.76ms. Allocated memory is still 140.5MB. Free memory was 73.5MB in the beginning and 71.9MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 680.77ms. Allocated memory is still 140.5MB. Free memory was 71.9MB in the beginning and 105.2MB in the end (delta: -33.3MB). Peak memory consumption was 17.9MB. Max. memory is 16.1GB. * TraceAbstraction took 12122.42ms. Allocated memory was 140.5MB in the beginning and 213.9MB in the end (delta: 73.4MB). Free memory was 104.4MB in the beginning and 145.1MB in the end (delta: -40.7MB). Peak memory consumption was 120.9MB. Max. memory is 16.1GB. * Witness Printer took 132.73ms. Allocated memory is still 213.9MB. Free memory was 145.1MB in the beginning and 136.7MB in the end (delta: 8.4MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 160]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [160] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [211] - GenericResultAtLocation [Line: 577]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [577] - GenericResultAtLocation [Line: 680]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [680] - GenericResultAtLocation [Line: 689]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [689] - GenericResultAtLocation [Line: 757]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [757] - GenericResultAtLocation [Line: 985]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [985] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 685]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 97 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 12.0s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 3.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1872 SdHoareTripleChecker+Valid, 1.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1843 mSDsluCounter, 3855 SdHoareTripleChecker+Invalid, 1.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2789 mSDsCounter, 470 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1872 IncrementalHoareTripleChecker+Invalid, 2342 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 470 mSolverCounterUnsat, 1066 mSDtfsCounter, 1872 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 415 GetRequests, 300 SyntacticMatches, 4 SemanticMatches, 111 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 643 ImplicationChecksByTransitivity, 1.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=440occurred in iteration=9, InterpolantAutomatonStates: 105, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 109 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 46 LocationsWithAnnotation, 1015 PreInvPairs, 1223 NumberOfFragments, 1729 HoareAnnotationTreeSize, 1015 FomulaSimplifications, 3200 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 46 FomulaSimplificationsInter, 8378 FormulaSimplificationTreeSizeReductionInter, 4.5s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.3s InterpolantComputationTime, 635 NumberOfCodeBlocks, 635 NumberOfCodeBlocksAsserted, 11 NumberOfCheckSat, 725 ConstructedInterpolants, 0 QuantifiedInterpolants, 1359 SizeOfPredicates, 3 NumberOfNonLiveVariables, 352 ConjunctsInSsa, 8 ConjunctsInUnsatCore, 12 InterpolantComputations, 9 PerfectInterpolantSequences, 103/129 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 635]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 700]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 849]: Loop Invariant Derived loop invariant: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || (0 == systemActive))) - InvariantResult [Line: 691]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 997]: Loop Invariant Derived loop invariant: (((pumpRunning == 0) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 958]: Loop Invariant Derived loop invariant: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) - InvariantResult [Line: 824]: Loop Invariant Derived loop invariant: (((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 590]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 137]: Loop Invariant Derived loop invariant: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && !((\result == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) - InvariantResult [Line: 151]: Loop Invariant Derived loop invariant: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) - InvariantResult [Line: 939]: Loop Invariant Derived loop invariant: ((((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((((pumpRunning == 0) && (tmp___0 == 0)) && (\result == 0)) && !((tmp == 0)))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive)) && ((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) - InvariantResult [Line: 643]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 701]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) - InvariantResult [Line: 580]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && !((0 == systemActive))) || ((((((1 <= pumpRunning) && (2 == waterLevel)) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && !((0 == systemActive)))) || (((((((1 <= pumpRunning) && (\result == 1)) && (tmp == 1)) && (splverifierCounter == 0)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) - InvariantResult [Line: 681]: Loop Invariant Derived loop invariant: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) && ((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive))) - InvariantResult [Line: 128]: Loop Invariant Derived loop invariant: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(pumpRunning) == 0)) || (2 == \result)) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && ((((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 1011]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (\result == 1)) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 182]: Loop Invariant Derived loop invariant: ((((((((((1 <= pumpRunning) && (2 == waterLevel)) && (\old(waterLevel) == 2)) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS))) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((!((\old(pumpRunning) == 0)) || ((2 == \result) && (tmp == 2))) || !((\old(waterLevel) == 2))) || (0 == systemActive))) && ((((((\old(switchedOnBeforeTS) < 1) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && !((0 == systemActive)))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) - InvariantResult [Line: 1004]: Loop Invariant Derived loop invariant: (((pumpRunning == 0) && (waterLevel == 1)) && !((0 == systemActive))) - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: (((((!((\old(pumpRunning) == 0)) || ((pumpRunning == 0) && (\old(waterLevel) == waterLevel))) || (0 == systemActive)) || (2 < \old(waterLevel))) && ((((((pumpRunning == \old(pumpRunning)) && (2 == waterLevel)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) && (((((((pumpRunning == \old(pumpRunning)) && (\old(waterLevel) == waterLevel)) && (1 <= switchedOnBeforeTS)) || (\old(switchedOnBeforeTS) < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) - InvariantResult [Line: 60]: Loop Invariant Derived loop invariant: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((((\old(switchedOnBeforeTS) < 1) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning)) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)))) && ((((((pumpRunning == \old(pumpRunning)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) || !((\old(waterLevel) == 2))) || (\old(pumpRunning) < 1)) || (0 == systemActive))) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && ((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) - InvariantResult [Line: 858]: Loop Invariant Derived loop invariant: (((((2 < waterLevel) || (switchedOnBeforeTS < 1)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) && (((((2 < waterLevel) || !((\old(pumpRunning) == 0))) || ((1 <= pumpRunning) && (2 == waterLevel))) || ((pumpRunning == 0) && (2 == waterLevel))) || (0 == systemActive))) - InvariantResult [Line: 657]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 875]: Loop Invariant Derived loop invariant: ((((!((\old(pumpRunning) == 0)) || (0 == systemActive)) || (2 < \old(waterLevel))) && (((!((\old(waterLevel) == 2)) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (((pumpRunning == 0) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)))) && (((((\old(switchedOnBeforeTS) < 1) || (((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS))) || (\old(pumpRunning) < 1)) || (0 == systemActive)) || (2 < \old(waterLevel)))) RESULT: Ultimate proved your program to be correct! [2023-11-06 22:08:46,663 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_189815de-5ccd-4f72-9cd5-cb51eb849edf/bin/uautomizer-verify-WvqO1wxjHP/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE