./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash d0f26fc8ab0bdaf05de905c05e583bc491c727ef99c3d3df87bba160b541b55a --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 01:49:52,591 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 01:49:52,594 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 01:49:52,644 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 01:49:52,645 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 01:49:52,650 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 01:49:52,652 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 01:49:52,656 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 01:49:52,658 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 01:49:52,664 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 01:49:52,665 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 01:49:52,667 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 01:49:52,668 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 01:49:52,671 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 01:49:52,672 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 01:49:52,675 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 01:49:52,676 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 01:49:52,678 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 01:49:52,679 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 01:49:52,691 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 01:49:52,693 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 01:49:52,695 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 01:49:52,699 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 01:49:52,700 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 01:49:52,710 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 01:49:52,710 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 01:49:52,711 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 01:49:52,712 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 01:49:52,712 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 01:49:52,713 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 01:49:52,714 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 01:49:52,715 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 01:49:52,715 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 01:49:52,716 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 01:49:52,718 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 01:49:52,718 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 01:49:52,719 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 01:49:52,719 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 01:49:52,719 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 01:49:52,720 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 01:49:52,721 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 01:49:52,726 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 01:49:52,780 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 01:49:52,780 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 01:49:52,781 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 01:49:52,781 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 01:49:52,782 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 01:49:52,782 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 01:49:52,783 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 01:49:52,783 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 01:49:52,783 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 01:49:52,783 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 01:49:52,784 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 01:49:52,785 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 01:49:52,785 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 01:49:52,785 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 01:49:52,785 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 01:49:52,785 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 01:49:52,786 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 01:49:52,786 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 01:49:52,787 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 01:49:52,787 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 01:49:52,787 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 01:49:52,787 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 01:49:52,787 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 01:49:52,788 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 01:49:52,788 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 01:49:52,788 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 01:49:52,788 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 01:49:52,790 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 01:49:52,790 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 01:49:52,790 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 01:49:52,791 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 01:49:52,791 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 01:49:52,791 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:49:52,792 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 01:49:52,792 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 01:49:52,792 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 01:49:52,792 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 01:49:52,793 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 01:49:52,793 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 01:49:52,793 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 01:49:52,794 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 01:49:52,794 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> d0f26fc8ab0bdaf05de905c05e583bc491c727ef99c3d3df87bba160b541b55a [2022-11-03 01:49:53,154 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 01:49:53,190 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 01:49:53,193 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 01:49:53,195 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 01:49:53,196 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 01:49:53,198 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c [2022-11-03 01:49:53,280 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/data/adf977998/bda2670311d546da8d576e8f75b7fbe1/FLAGef199a61f [2022-11-03 01:49:53,942 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 01:49:53,943 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c [2022-11-03 01:49:53,962 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/data/adf977998/bda2670311d546da8d576e8f75b7fbe1/FLAGef199a61f [2022-11-03 01:49:54,208 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/data/adf977998/bda2670311d546da8d576e8f75b7fbe1 [2022-11-03 01:49:54,211 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 01:49:54,213 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 01:49:54,218 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 01:49:54,218 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 01:49:54,223 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 01:49:54,224 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,225 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1d540cad and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54, skipping insertion in model container [2022-11-03 01:49:54,226 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,235 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 01:49:54,284 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 01:49:54,765 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c[18661,18674] [2022-11-03 01:49:54,774 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:49:54,788 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 01:49:54,889 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/sv-benchmarks/c/product-lines/minepump_spec1_product57.cil.c[18661,18674] [2022-11-03 01:49:54,896 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:49:54,920 INFO L208 MainTranslator]: Completed translation [2022-11-03 01:49:54,920 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54 WrapperNode [2022-11-03 01:49:54,920 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 01:49:54,922 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 01:49:54,922 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 01:49:54,922 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 01:49:54,931 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,949 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,980 INFO L138 Inliner]: procedures = 56, calls = 156, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 268 [2022-11-03 01:49:54,981 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 01:49:54,982 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 01:49:54,982 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 01:49:54,982 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 01:49:54,993 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,993 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,996 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:54,997 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,004 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,010 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,012 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,014 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,017 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 01:49:55,018 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 01:49:55,018 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 01:49:55,018 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 01:49:55,019 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (1/1) ... [2022-11-03 01:49:55,026 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:49:55,041 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:49:55,071 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 01:49:55,084 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 01:49:55,133 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 01:49:55,133 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 01:49:55,133 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 01:49:55,134 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 01:49:55,134 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 01:49:55,134 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 01:49:55,134 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 01:49:55,134 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 01:49:55,135 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 01:49:55,135 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 01:49:55,135 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 01:49:55,135 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 01:49:55,135 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 01:49:55,137 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 01:49:55,137 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 01:49:55,137 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 01:49:55,138 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 01:49:55,138 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 01:49:55,279 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 01:49:55,287 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 01:49:55,885 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 01:49:56,027 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 01:49:56,027 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 01:49:56,030 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:49:56 BoogieIcfgContainer [2022-11-03 01:49:56,030 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 01:49:56,033 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 01:49:56,033 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 01:49:56,038 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 01:49:56,039 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 01:49:54" (1/3) ... [2022-11-03 01:49:56,040 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@324385a7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:49:56, skipping insertion in model container [2022-11-03 01:49:56,040 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:49:54" (2/3) ... [2022-11-03 01:49:56,040 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@324385a7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:49:56, skipping insertion in model container [2022-11-03 01:49:56,040 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:49:56" (3/3) ... [2022-11-03 01:49:56,042 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product57.cil.c [2022-11-03 01:49:56,081 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 01:49:56,081 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 01:49:56,151 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 01:49:56,160 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@57e82af5, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 01:49:56,160 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 01:49:56,166 INFO L276 IsEmpty]: Start isEmpty. Operand has 57 states, 36 states have (on average 1.4166666666666667) internal successors, (51), 44 states have internal predecessors, (51), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 01:49:56,176 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 01:49:56,177 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:56,177 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:56,178 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:56,185 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:56,185 INFO L85 PathProgramCache]: Analyzing trace with hash -155139986, now seen corresponding path program 1 times [2022-11-03 01:49:56,200 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:56,202 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1734893009] [2022-11-03 01:49:56,202 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:56,203 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:56,391 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:56,509 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:56,509 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:56,511 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1734893009] [2022-11-03 01:49:56,512 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1734893009] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:56,512 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:56,512 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 01:49:56,514 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1338670597] [2022-11-03 01:49:56,515 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:56,521 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 01:49:56,523 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:56,561 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 01:49:56,563 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:49:56,565 INFO L87 Difference]: Start difference. First operand has 57 states, 36 states have (on average 1.4166666666666667) internal successors, (51), 44 states have internal predecessors, (51), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:56,696 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:56,697 INFO L93 Difference]: Finished difference Result 112 states and 151 transitions. [2022-11-03 01:49:56,698 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 01:49:56,700 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2022-11-03 01:49:56,700 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:56,712 INFO L225 Difference]: With dead ends: 112 [2022-11-03 01:49:56,712 INFO L226 Difference]: Without dead ends: 52 [2022-11-03 01:49:56,718 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:49:56,723 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 55 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:56,724 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 55 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:49:56,751 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 52 states. [2022-11-03 01:49:56,794 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 52 to 52. [2022-11-03 01:49:56,795 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 52 states, 33 states have (on average 1.303030303030303) internal successors, (43), 40 states have internal predecessors, (43), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 01:49:56,799 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 66 transitions. [2022-11-03 01:49:56,803 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 66 transitions. Word has length 16 [2022-11-03 01:49:56,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:56,804 INFO L495 AbstractCegarLoop]: Abstraction has 52 states and 66 transitions. [2022-11-03 01:49:56,805 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:56,806 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 66 transitions. [2022-11-03 01:49:56,812 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 01:49:56,813 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:56,814 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:56,814 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 01:49:56,815 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:56,815 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:56,816 INFO L85 PathProgramCache]: Analyzing trace with hash -2134315190, now seen corresponding path program 1 times [2022-11-03 01:49:56,816 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:56,816 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2137234269] [2022-11-03 01:49:56,816 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:56,817 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:56,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:57,004 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:57,005 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:57,005 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2137234269] [2022-11-03 01:49:57,005 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2137234269] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:57,006 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:57,006 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:49:57,006 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [752296359] [2022-11-03 01:49:57,006 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:57,008 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:49:57,008 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:57,009 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:49:57,009 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,010 INFO L87 Difference]: Start difference. First operand 52 states and 66 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,066 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:57,066 INFO L93 Difference]: Finished difference Result 81 states and 103 transitions. [2022-11-03 01:49:57,067 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:49:57,067 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 01:49:57,068 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:57,069 INFO L225 Difference]: With dead ends: 81 [2022-11-03 01:49:57,069 INFO L226 Difference]: Without dead ends: 44 [2022-11-03 01:49:57,070 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,072 INFO L413 NwaCegarLoop]: 41 mSDtfsCounter, 7 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 73 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:57,073 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 73 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 01:49:57,074 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 44 states. [2022-11-03 01:49:57,080 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 44 to 44. [2022-11-03 01:49:57,081 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 44 states, 28 states have (on average 1.3214285714285714) internal successors, (37), 35 states have internal predecessors, (37), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 01:49:57,082 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 44 states to 44 states and 55 transitions. [2022-11-03 01:49:57,083 INFO L78 Accepts]: Start accepts. Automaton has 44 states and 55 transitions. Word has length 17 [2022-11-03 01:49:57,083 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:57,083 INFO L495 AbstractCegarLoop]: Abstraction has 44 states and 55 transitions. [2022-11-03 01:49:57,084 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,084 INFO L276 IsEmpty]: Start isEmpty. Operand 44 states and 55 transitions. [2022-11-03 01:49:57,085 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-11-03 01:49:57,085 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:57,089 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:57,090 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 01:49:57,090 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:57,091 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:57,091 INFO L85 PathProgramCache]: Analyzing trace with hash -875472090, now seen corresponding path program 1 times [2022-11-03 01:49:57,091 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:57,091 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [946353666] [2022-11-03 01:49:57,092 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:57,092 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:57,130 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:57,245 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:57,249 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:57,250 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [946353666] [2022-11-03 01:49:57,250 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [946353666] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:57,250 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:57,252 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:49:57,253 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1421225850] [2022-11-03 01:49:57,253 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:57,254 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:49:57,255 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:57,255 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:49:57,256 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,257 INFO L87 Difference]: Start difference. First operand 44 states and 55 transitions. Second operand has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:57,354 INFO L93 Difference]: Finished difference Result 86 states and 109 transitions. [2022-11-03 01:49:57,356 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:49:57,356 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-11-03 01:49:57,356 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:57,357 INFO L225 Difference]: With dead ends: 86 [2022-11-03 01:49:57,357 INFO L226 Difference]: Without dead ends: 44 [2022-11-03 01:49:57,358 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,359 INFO L413 NwaCegarLoop]: 39 mSDtfsCounter, 44 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 44 SdHoareTripleChecker+Valid, 39 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:57,360 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [44 Valid, 39 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:49:57,361 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 44 states. [2022-11-03 01:49:57,373 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 44 to 44. [2022-11-03 01:49:57,374 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 44 states, 28 states have (on average 1.2857142857142858) internal successors, (36), 35 states have internal predecessors, (36), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 01:49:57,381 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 44 states to 44 states and 54 transitions. [2022-11-03 01:49:57,382 INFO L78 Accepts]: Start accepts. Automaton has 44 states and 54 transitions. Word has length 19 [2022-11-03 01:49:57,382 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:57,382 INFO L495 AbstractCegarLoop]: Abstraction has 44 states and 54 transitions. [2022-11-03 01:49:57,383 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.333333333333333) internal successors, (16), 3 states have internal predecessors, (16), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,383 INFO L276 IsEmpty]: Start isEmpty. Operand 44 states and 54 transitions. [2022-11-03 01:49:57,387 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 01:49:57,387 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:57,388 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:57,388 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 01:49:57,388 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:57,389 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:57,389 INFO L85 PathProgramCache]: Analyzing trace with hash -328650185, now seen corresponding path program 1 times [2022-11-03 01:49:57,389 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:57,389 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [349582058] [2022-11-03 01:49:57,390 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:57,390 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:57,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:57,526 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:57,527 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:57,527 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [349582058] [2022-11-03 01:49:57,527 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [349582058] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:57,527 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:57,527 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:49:57,528 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1745476423] [2022-11-03 01:49:57,528 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:57,528 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:49:57,529 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:57,529 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:49:57,529 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,530 INFO L87 Difference]: Start difference. First operand 44 states and 54 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,613 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:57,614 INFO L93 Difference]: Finished difference Result 120 states and 150 transitions. [2022-11-03 01:49:57,615 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:49:57,616 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 22 [2022-11-03 01:49:57,616 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:57,617 INFO L225 Difference]: With dead ends: 120 [2022-11-03 01:49:57,618 INFO L226 Difference]: Without dead ends: 78 [2022-11-03 01:49:57,621 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:49:57,623 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 36 mSDsluCounter, 38 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 82 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:57,623 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 82 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:49:57,624 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 78 states. [2022-11-03 01:49:57,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 78 to 76. [2022-11-03 01:49:57,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 50 states have (on average 1.24) internal successors, (62), 57 states have internal predecessors, (62), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2022-11-03 01:49:57,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 92 transitions. [2022-11-03 01:49:57,645 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 92 transitions. Word has length 22 [2022-11-03 01:49:57,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:57,646 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 92 transitions. [2022-11-03 01:49:57,646 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:49:57,647 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 92 transitions. [2022-11-03 01:49:57,647 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-11-03 01:49:57,648 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:57,648 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:57,648 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 01:49:57,648 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:57,649 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:57,649 INFO L85 PathProgramCache]: Analyzing trace with hash 95981869, now seen corresponding path program 1 times [2022-11-03 01:49:57,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:57,650 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [38279089] [2022-11-03 01:49:57,650 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:57,650 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:57,686 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:57,880 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:57,880 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:57,880 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [38279089] [2022-11-03 01:49:57,881 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [38279089] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:57,881 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:57,881 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 01:49:57,881 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [697910489] [2022-11-03 01:49:57,881 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:57,882 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 01:49:57,882 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:57,883 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 01:49:57,883 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 01:49:57,883 INFO L87 Difference]: Start difference. First operand 76 states and 92 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 01:49:58,088 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:58,088 INFO L93 Difference]: Finished difference Result 222 states and 277 transitions. [2022-11-03 01:49:58,089 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 01:49:58,089 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 30 [2022-11-03 01:49:58,090 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:58,100 INFO L225 Difference]: With dead ends: 222 [2022-11-03 01:49:58,103 INFO L226 Difference]: Without dead ends: 148 [2022-11-03 01:49:58,104 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 01:49:58,109 INFO L413 NwaCegarLoop]: 47 mSDtfsCounter, 32 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 204 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:58,113 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 204 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:49:58,115 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 148 states. [2022-11-03 01:49:58,167 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 148 to 140. [2022-11-03 01:49:58,170 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 93 states have (on average 1.2150537634408602) internal successors, (113), 104 states have internal predecessors, (113), 24 states have call successors, (24), 22 states have call predecessors, (24), 22 states have return successors, (32), 24 states have call predecessors, (32), 24 states have call successors, (32) [2022-11-03 01:49:58,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 169 transitions. [2022-11-03 01:49:58,177 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 169 transitions. Word has length 30 [2022-11-03 01:49:58,178 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:58,178 INFO L495 AbstractCegarLoop]: Abstraction has 140 states and 169 transitions. [2022-11-03 01:49:58,179 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 01:49:58,179 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 169 transitions. [2022-11-03 01:49:58,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-03 01:49:58,187 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:58,187 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:58,188 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 01:49:58,188 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:58,189 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:58,189 INFO L85 PathProgramCache]: Analyzing trace with hash -719471641, now seen corresponding path program 1 times [2022-11-03 01:49:58,189 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:58,190 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1155057019] [2022-11-03 01:49:58,190 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:58,190 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:58,229 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:58,445 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:49:58,445 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:58,446 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1155057019] [2022-11-03 01:49:58,446 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1155057019] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:58,446 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:58,446 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-03 01:49:58,446 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1840547776] [2022-11-03 01:49:58,446 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:58,447 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 01:49:58,447 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:58,448 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 01:49:58,448 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-03 01:49:58,448 INFO L87 Difference]: Start difference. First operand 140 states and 169 transitions. Second operand has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:49:58,717 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:58,717 INFO L93 Difference]: Finished difference Result 186 states and 223 transitions. [2022-11-03 01:49:58,718 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-03 01:49:58,718 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 33 [2022-11-03 01:49:58,719 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:58,721 INFO L225 Difference]: With dead ends: 186 [2022-11-03 01:49:58,721 INFO L226 Difference]: Without dead ends: 184 [2022-11-03 01:49:58,722 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-11-03 01:49:58,723 INFO L413 NwaCegarLoop]: 46 mSDtfsCounter, 54 mSDsluCounter, 111 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 57 SdHoareTripleChecker+Valid, 136 SdHoareTripleChecker+Invalid, 161 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:58,724 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [57 Valid, 136 Invalid, 161 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 01:49:58,725 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 184 states. [2022-11-03 01:49:58,757 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 184 to 174. [2022-11-03 01:49:58,758 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 117 states have (on average 1.188034188034188) internal successors, (139), 128 states have internal predecessors, (139), 28 states have call successors, (28), 22 states have call predecessors, (28), 28 states have return successors, (42), 30 states have call predecessors, (42), 28 states have call successors, (42) [2022-11-03 01:49:58,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 209 transitions. [2022-11-03 01:49:58,760 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 209 transitions. Word has length 33 [2022-11-03 01:49:58,760 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:58,761 INFO L495 AbstractCegarLoop]: Abstraction has 174 states and 209 transitions. [2022-11-03 01:49:58,761 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:49:58,761 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 209 transitions. [2022-11-03 01:49:58,762 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-03 01:49:58,762 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:58,762 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:58,763 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 01:49:58,763 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:58,764 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:58,764 INFO L85 PathProgramCache]: Analyzing trace with hash 199702295, now seen corresponding path program 1 times [2022-11-03 01:49:58,764 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:58,764 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1449723005] [2022-11-03 01:49:58,764 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:58,765 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:58,797 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:49:59,246 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:49:59,247 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:49:59,247 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1449723005] [2022-11-03 01:49:59,247 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1449723005] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:49:59,248 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:49:59,248 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 01:49:59,248 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1225542906] [2022-11-03 01:49:59,248 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:49:59,249 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-03 01:49:59,249 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:49:59,250 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-03 01:49:59,251 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-03 01:49:59,251 INFO L87 Difference]: Start difference. First operand 174 states and 209 transitions. Second operand has 7 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 01:49:59,528 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:49:59,528 INFO L93 Difference]: Finished difference Result 460 states and 554 transitions. [2022-11-03 01:49:59,529 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 01:49:59,529 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 34 [2022-11-03 01:49:59,530 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:49:59,538 INFO L225 Difference]: With dead ends: 460 [2022-11-03 01:49:59,538 INFO L226 Difference]: Without dead ends: 288 [2022-11-03 01:49:59,541 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-03 01:49:59,546 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 111 mSDsluCounter, 119 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 33 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 112 SdHoareTripleChecker+Valid, 160 SdHoareTripleChecker+Invalid, 155 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 33 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 01:49:59,547 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [112 Valid, 160 Invalid, 155 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [33 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 01:49:59,551 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 288 states. [2022-11-03 01:49:59,608 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 288 to 242. [2022-11-03 01:49:59,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 242 states, 163 states have (on average 1.165644171779141) internal successors, (190), 175 states have internal predecessors, (190), 37 states have call successors, (37), 35 states have call predecessors, (37), 41 states have return successors, (51), 39 states have call predecessors, (51), 37 states have call successors, (51) [2022-11-03 01:49:59,613 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 242 states to 242 states and 278 transitions. [2022-11-03 01:49:59,613 INFO L78 Accepts]: Start accepts. Automaton has 242 states and 278 transitions. Word has length 34 [2022-11-03 01:49:59,616 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:49:59,616 INFO L495 AbstractCegarLoop]: Abstraction has 242 states and 278 transitions. [2022-11-03 01:49:59,616 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 01:49:59,617 INFO L276 IsEmpty]: Start isEmpty. Operand 242 states and 278 transitions. [2022-11-03 01:49:59,619 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-03 01:49:59,619 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:49:59,620 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:49:59,620 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 01:49:59,620 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:49:59,621 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:49:59,621 INFO L85 PathProgramCache]: Analyzing trace with hash -1326519423, now seen corresponding path program 1 times [2022-11-03 01:49:59,622 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:49:59,622 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1757720217] [2022-11-03 01:49:59,622 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:49:59,622 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:49:59,659 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:50:00,135 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 01:50:00,136 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:50:00,136 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1757720217] [2022-11-03 01:50:00,136 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1757720217] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:50:00,136 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1757056384] [2022-11-03 01:50:00,139 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:50:00,140 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:50:00,140 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:50:00,143 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:50:00,165 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 01:50:00,283 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:50:00,287 INFO L263 TraceCheckSpWp]: Trace formula consists of 351 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-03 01:50:00,303 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:50:00,699 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:50:00,699 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:50:01,228 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 01:50:01,229 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1757056384] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:50:01,229 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [525254382] [2022-11-03 01:50:01,258 INFO L159 IcfgInterpreter]: Started Sifa with 36 locations of interest [2022-11-03 01:50:01,259 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:50:01,265 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:50:01,273 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:50:01,273 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:50:06,933 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-03 01:50:06,989 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 316 for LOIs [2022-11-03 01:50:10,024 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 311 for LOIs [2022-11-03 01:50:12,596 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 43 for LOIs [2022-11-03 01:50:12,603 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 292 for LOIs [2022-11-03 01:50:12,646 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:50:57,849 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3502#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| ~methaneLevelCritical~0) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (<= 2 |old(~waterLevel~0)|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:50:57,849 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:50:57,850 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:50:57,850 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 10] total 24 [2022-11-03 01:50:57,850 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [998693785] [2022-11-03 01:50:57,850 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:50:57,851 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-03 01:50:57,851 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:50:57,852 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-03 01:50:57,853 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=328, Invalid=2122, Unknown=0, NotChecked=0, Total=2450 [2022-11-03 01:50:57,853 INFO L87 Difference]: Start difference. First operand 242 states and 278 transitions. Second operand has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 01:51:03,841 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:51:03,842 INFO L93 Difference]: Finished difference Result 921 states and 1183 transitions. [2022-11-03 01:51:03,843 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 70 states. [2022-11-03 01:51:03,844 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) Word has length 37 [2022-11-03 01:51:03,844 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:51:03,855 INFO L225 Difference]: With dead ends: 921 [2022-11-03 01:51:03,855 INFO L226 Difference]: Without dead ends: 667 [2022-11-03 01:51:03,863 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 199 GetRequests, 85 SyntacticMatches, 3 SemanticMatches, 111 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4659 ImplicationChecksByTransitivity, 49.0s TimeCoverageRelationStatistics Valid=1502, Invalid=11154, Unknown=0, NotChecked=0, Total=12656 [2022-11-03 01:51:03,867 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 812 mSDsluCounter, 457 mSDsCounter, 0 mSdLazyCounter, 2138 mSolverCounterSat, 747 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 817 SdHoareTripleChecker+Valid, 434 SdHoareTripleChecker+Invalid, 2885 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 747 IncrementalHoareTripleChecker+Valid, 2138 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:51:03,868 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [817 Valid, 434 Invalid, 2885 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [747 Valid, 2138 Invalid, 0 Unknown, 0 Unchecked, 2.3s Time] [2022-11-03 01:51:03,870 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 667 states. [2022-11-03 01:51:03,994 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 667 to 481. [2022-11-03 01:51:03,997 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 481 states, 322 states have (on average 1.1428571428571428) internal successors, (368), 347 states have internal predecessors, (368), 76 states have call successors, (76), 71 states have call predecessors, (76), 82 states have return successors, (96), 80 states have call predecessors, (96), 76 states have call successors, (96) [2022-11-03 01:51:04,002 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 481 states to 481 states and 540 transitions. [2022-11-03 01:51:04,003 INFO L78 Accepts]: Start accepts. Automaton has 481 states and 540 transitions. Word has length 37 [2022-11-03 01:51:04,004 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:51:04,004 INFO L495 AbstractCegarLoop]: Abstraction has 481 states and 540 transitions. [2022-11-03 01:51:04,005 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 01:51:04,005 INFO L276 IsEmpty]: Start isEmpty. Operand 481 states and 540 transitions. [2022-11-03 01:51:04,013 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-03 01:51:04,013 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:51:04,014 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:51:04,052 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 01:51:04,238 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 01:51:04,238 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:51:04,238 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:51:04,239 INFO L85 PathProgramCache]: Analyzing trace with hash 1581672991, now seen corresponding path program 1 times [2022-11-03 01:51:04,239 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:51:04,239 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1615298146] [2022-11-03 01:51:04,239 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:51:04,239 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:51:04,293 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:51:05,017 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 5 proven. 10 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 01:51:05,017 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:51:05,017 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1615298146] [2022-11-03 01:51:05,017 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1615298146] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:51:05,018 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [473410520] [2022-11-03 01:51:05,018 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:51:05,018 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:51:05,018 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:51:05,022 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:51:05,055 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 01:51:05,165 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:51:05,168 INFO L263 TraceCheckSpWp]: Trace formula consists of 434 conjuncts, 27 conjunts are in the unsatisfiable core [2022-11-03 01:51:05,172 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:51:05,608 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 13 proven. 10 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:51:05,608 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:51:06,130 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 01:51:06,130 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [473410520] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:51:06,130 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1899714231] [2022-11-03 01:51:06,139 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 01:51:06,139 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:51:06,140 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:51:06,140 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:51:06,140 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:51:14,118 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 40 for LOIs [2022-11-03 01:51:14,127 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 43 for LOIs [2022-11-03 01:51:14,466 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-03 01:51:14,717 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-03 01:51:14,728 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 41 for LOIs [2022-11-03 01:51:14,744 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-03 01:51:14,750 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:51:21,905 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6207#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| ~methaneLevelCritical~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (<= 0 ~head~0.base) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:51:21,905 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:51:21,905 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:51:21,905 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 11, 11] total 26 [2022-11-03 01:51:21,906 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [529915144] [2022-11-03 01:51:21,906 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:51:21,907 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-11-03 01:51:21,907 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:51:21,908 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-11-03 01:51:21,909 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=319, Invalid=2437, Unknown=0, NotChecked=0, Total=2756 [2022-11-03 01:51:21,909 INFO L87 Difference]: Start difference. First operand 481 states and 540 transitions. Second operand has 26 states, 23 states have (on average 3.739130434782609) internal successors, (86), 21 states have internal predecessors, (86), 11 states have call successors, (23), 10 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-03 01:51:24,691 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:51:24,691 INFO L93 Difference]: Finished difference Result 1599 states and 1875 transitions. [2022-11-03 01:51:24,692 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2022-11-03 01:51:24,692 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 23 states have (on average 3.739130434782609) internal successors, (86), 21 states have internal predecessors, (86), 11 states have call successors, (23), 10 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) Word has length 65 [2022-11-03 01:51:24,693 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:51:24,700 INFO L225 Difference]: With dead ends: 1599 [2022-11-03 01:51:24,700 INFO L226 Difference]: Without dead ends: 1249 [2022-11-03 01:51:24,704 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 241 GetRequests, 144 SyntacticMatches, 18 SemanticMatches, 79 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3304 ImplicationChecksByTransitivity, 8.9s TimeCoverageRelationStatistics Valid=859, Invalid=5621, Unknown=0, NotChecked=0, Total=6480 [2022-11-03 01:51:24,705 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 758 mSDsluCounter, 451 mSDsCounter, 0 mSdLazyCounter, 1027 mSolverCounterSat, 470 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 762 SdHoareTripleChecker+Valid, 418 SdHoareTripleChecker+Invalid, 1497 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 470 IncrementalHoareTripleChecker+Valid, 1027 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2022-11-03 01:51:24,705 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [762 Valid, 418 Invalid, 1497 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [470 Valid, 1027 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2022-11-03 01:51:24,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1249 states. [2022-11-03 01:51:24,849 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1249 to 969. [2022-11-03 01:51:24,851 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 969 states, 652 states have (on average 1.1457055214723926) internal successors, (747), 703 states have internal predecessors, (747), 153 states have call successors, (153), 136 states have call predecessors, (153), 163 states have return successors, (209), 165 states have call predecessors, (209), 153 states have call successors, (209) [2022-11-03 01:51:24,857 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 969 states to 969 states and 1109 transitions. [2022-11-03 01:51:24,858 INFO L78 Accepts]: Start accepts. Automaton has 969 states and 1109 transitions. Word has length 65 [2022-11-03 01:51:24,859 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:51:24,859 INFO L495 AbstractCegarLoop]: Abstraction has 969 states and 1109 transitions. [2022-11-03 01:51:24,859 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 23 states have (on average 3.739130434782609) internal successors, (86), 21 states have internal predecessors, (86), 11 states have call successors, (23), 10 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-03 01:51:24,860 INFO L276 IsEmpty]: Start isEmpty. Operand 969 states and 1109 transitions. [2022-11-03 01:51:24,864 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2022-11-03 01:51:24,865 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:51:24,865 INFO L195 NwaCegarLoop]: trace histogram [6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:51:24,915 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 01:51:25,090 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-03 01:51:25,090 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:51:25,090 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:51:25,091 INFO L85 PathProgramCache]: Analyzing trace with hash -272289343, now seen corresponding path program 1 times [2022-11-03 01:51:25,091 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:51:25,091 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1861522713] [2022-11-03 01:51:25,091 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:51:25,091 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:51:25,162 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:51:26,693 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 52 proven. 52 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2022-11-03 01:51:26,694 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:51:26,694 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1861522713] [2022-11-03 01:51:26,694 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1861522713] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:51:26,694 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [277704162] [2022-11-03 01:51:26,694 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:51:26,695 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:51:26,695 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:51:26,696 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:51:26,702 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 01:51:26,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:51:26,880 INFO L263 TraceCheckSpWp]: Trace formula consists of 600 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 01:51:26,886 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:51:27,532 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 81 proven. 42 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2022-11-03 01:51:27,532 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:51:28,654 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 72 proven. 25 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-03 01:51:28,655 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [277704162] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:51:28,655 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [534498318] [2022-11-03 01:51:28,661 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 01:51:28,662 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:51:28,663 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:51:28,664 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:51:28,664 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:51:35,966 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 40 for LOIs [2022-11-03 01:51:35,974 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 43 for LOIs [2022-11-03 01:51:36,357 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-03 01:51:36,603 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-03 01:51:36,610 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 41 for LOIs [2022-11-03 01:51:36,619 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-03 01:51:36,625 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:51:45,118 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10905#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| ~methaneLevelCritical~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (<= 0 ~head~0.base) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1|) (<= 0 |#StackHeapBarrier|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:51:45,119 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:51:45,119 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:51:45,119 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 13, 13] total 36 [2022-11-03 01:51:45,119 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [447160937] [2022-11-03 01:51:45,119 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:51:45,121 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2022-11-03 01:51:45,121 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:51:45,121 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2022-11-03 01:51:45,122 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=431, Invalid=3475, Unknown=0, NotChecked=0, Total=3906 [2022-11-03 01:51:45,122 INFO L87 Difference]: Start difference. First operand 969 states and 1109 transitions. Second operand has 36 states, 34 states have (on average 4.647058823529412) internal successors, (158), 34 states have internal predecessors, (158), 22 states have call successors, (36), 9 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) [2022-11-03 01:51:47,413 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:51:47,414 INFO L93 Difference]: Finished difference Result 1340 states and 1542 transitions. [2022-11-03 01:51:47,414 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-11-03 01:51:47,415 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 34 states have (on average 4.647058823529412) internal successors, (158), 34 states have internal predecessors, (158), 22 states have call successors, (36), 9 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) Word has length 114 [2022-11-03 01:51:47,419 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:51:47,420 INFO L225 Difference]: With dead ends: 1340 [2022-11-03 01:51:47,420 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 01:51:47,433 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 389 GetRequests, 276 SyntacticMatches, 30 SemanticMatches, 83 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4565 ImplicationChecksByTransitivity, 10.5s TimeCoverageRelationStatistics Valid=961, Invalid=6179, Unknown=0, NotChecked=0, Total=7140 [2022-11-03 01:51:47,434 INFO L413 NwaCegarLoop]: 45 mSDtfsCounter, 583 mSDsluCounter, 411 mSDsCounter, 0 mSdLazyCounter, 883 mSolverCounterSat, 351 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 586 SdHoareTripleChecker+Valid, 352 SdHoareTripleChecker+Invalid, 1234 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 351 IncrementalHoareTripleChecker+Valid, 883 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-03 01:51:47,435 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [586 Valid, 352 Invalid, 1234 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [351 Valid, 883 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-03 01:51:47,437 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 01:51:47,437 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 01:51:47,438 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:51:47,438 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 01:51:47,438 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 114 [2022-11-03 01:51:47,439 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:51:47,439 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 01:51:47,439 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 34 states have (on average 4.647058823529412) internal successors, (158), 34 states have internal predecessors, (158), 22 states have call successors, (36), 9 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) [2022-11-03 01:51:47,440 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 01:51:47,440 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 01:51:47,444 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 01:51:47,495 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 01:51:47,658 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 01:51:47,660 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 01:51:54,713 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 586 592) no Hoare annotation was computed. [2022-11-03 01:51:54,714 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 586 592) the Hoare annotation is: true [2022-11-03 01:51:54,714 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 897 908) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0))) (and (or (not (= ~waterLevel~0 1)) (not (= ~pumpRunning~0 0)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 01:51:54,714 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 897 908) no Hoare annotation was computed. [2022-11-03 01:51:54,714 INFO L902 garLoopResultBuilder]: At program point L800(lines 775 804) the Hoare annotation is: true [2022-11-03 01:51:54,714 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 775 804) no Hoare annotation was computed. [2022-11-03 01:51:54,714 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 775 804) the Hoare annotation is: true [2022-11-03 01:51:54,715 INFO L899 garLoopResultBuilder]: For program point L796(line 796) no Hoare annotation was computed. [2022-11-03 01:51:54,715 INFO L899 garLoopResultBuilder]: For program point L789(lines 789 793) no Hoare annotation was computed. [2022-11-03 01:51:54,715 INFO L902 garLoopResultBuilder]: At program point L789-1(lines 789 793) the Hoare annotation is: true [2022-11-03 01:51:54,715 INFO L902 garLoopResultBuilder]: At program point L785-2(lines 785 799) the Hoare annotation is: true [2022-11-03 01:51:54,715 INFO L902 garLoopResultBuilder]: At program point L781(line 781) the Hoare annotation is: true [2022-11-03 01:51:54,715 INFO L899 garLoopResultBuilder]: For program point L781-1(line 781) no Hoare annotation was computed. [2022-11-03 01:51:54,716 INFO L895 garLoopResultBuilder]: At program point L634(line 634) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (< |old(~waterLevel~0)| 2) (not (<= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0))) [2022-11-03 01:51:54,716 INFO L899 garLoopResultBuilder]: For program point L65(lines 65 71) no Hoare annotation was computed. [2022-11-03 01:51:54,716 INFO L895 garLoopResultBuilder]: At program point L639(line 639) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= ~pumpRunning~0 0))) (and (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (< |old(~waterLevel~0)| 2) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= |old(~waterLevel~0)| 2))))) [2022-11-03 01:51:54,717 INFO L895 garLoopResultBuilder]: At program point L639-1(lines 620 644) the Hoare annotation is: (let ((.cse8 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~waterLevel~0 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse7 (not .cse8)) (.cse4 (< |old(~waterLevel~0)| 2)) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3)) (or .cse0 .cse1 .cse4 .cse5 .cse6) (or .cse1 .cse4 .cse7 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse6) (or (and .cse2 (<= 1 |timeShift_processEnvironment_~tmp~6#1|) .cse3) .cse1 (and .cse5 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse2 .cse7) (and .cse8 (= ~pumpRunning~0 1)))) .cse4 .cse6)))) [2022-11-03 01:51:54,717 INFO L895 garLoopResultBuilder]: At program point L61(lines 61 74) the Hoare annotation is: (let ((.cse16 (= ~methaneLevelCritical~0 0)) (.cse9 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0))) (let ((.cse4 (not .cse9)) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse8 (= ~pumpRunning~0 0)) (.cse14 (= 1 ~systemActive~0)) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (not .cse16))) (let ((.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse1 (and (or .cse5 .cse16) (or .cse10 (not (= |old(~pumpRunning~0)| 1))))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= ~waterLevel~0 1)) (.cse0 (not .cse14)) (.cse11 (< |old(~waterLevel~0)| 2)) (.cse13 (let ((.cse15 (= ~pumpRunning~0 1))) (and (<= 2 ~waterLevel~0) .cse14 (or (and .cse8 .cse4) (and .cse9 .cse15)) (= |old(~waterLevel~0)| ~waterLevel~0) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse7) (or (and .cse8 .cse10) (and .cse16 .cse15))))) (.cse12 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse0 .cse7 .cse4) (or .cse5 .cse6 .cse0 (and .cse8 .cse3)) (or .cse5 .cse9 .cse6 .cse0 .cse10) (or .cse9 .cse0 .cse11 .cse1 .cse10 .cse12) (or .cse5 .cse0 .cse13 .cse2) (or (and .cse8 (<= 1 |timeShift_processEnvironment_~tmp~6#1|) .cse3) .cse0 .cse11 .cse13 .cse12))))) [2022-11-03 01:51:54,718 INFO L899 garLoopResultBuilder]: For program point L573-1(lines 573 579) no Hoare annotation was computed. [2022-11-03 01:51:54,718 INFO L895 garLoopResultBuilder]: At program point L61-1(lines 53 77) the Hoare annotation is: (let ((.cse8 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~0#1| 0)) (.cse16 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not .cse16)) (.cse12 (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (.cse15 (not .cse8))) (let ((.cse3 (and .cse12 .cse15)) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (and (or .cse0 .cse16) (or .cse9 (not (= |old(~pumpRunning~0)| 1))))) (.cse6 (= ~waterLevel~0 1)) (.cse2 (not (= 1 ~systemActive~0))) (.cse10 (< |old(~waterLevel~0)| 2)) (.cse7 (= ~pumpRunning~0 0)) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 .cse5 .cse3 (not (= |old(~waterLevel~0)| 2)) .cse6) (or .cse0 .cse1 .cse2 (and .cse7 .cse6)) (or .cse0 .cse8 .cse1 .cse2 .cse9) (or .cse8 .cse2 .cse10 .cse5 .cse9 .cse11) (let ((.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse14 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse4))) (or (and .cse7 .cse12 .cse9 .cse13 .cse14 .cse15) (and .cse0 .cse7 (<= 1 |timeShift_processEnvironment_~tmp~6#1|) .cse6) .cse2 .cse10 (let ((.cse17 (= ~pumpRunning~0 1))) (and (or .cse16 (not (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret37#1| 0))) (or (and .cse7 .cse15) (and .cse8 .cse17)) .cse13 .cse14 (or (and .cse7 .cse9) (and .cse16 .cse17)) (or .cse16 (not (= |isMethaneLevelCritical_#res| 0))))) .cse11)))))) [2022-11-03 01:51:54,718 INFO L895 garLoopResultBuilder]: At program point L978(line 978) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (< |old(~waterLevel~0)| 2) (not (<= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0))) [2022-11-03 01:51:54,719 INFO L899 garLoopResultBuilder]: For program point L566-1(lines 565 584) no Hoare annotation was computed. [2022-11-03 01:51:54,719 INFO L895 garLoopResultBuilder]: At program point L628(lines 628 636) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (< |old(~waterLevel~0)| 2) (not (<= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (<= 1 |timeShift_processEnvironment_~tmp~6#1|) (= ~waterLevel~0 1))) (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0))) [2022-11-03 01:51:54,719 INFO L895 garLoopResultBuilder]: At program point L624(lines 624 641) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= ~pumpRunning~0 0))) (and (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0 (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (and (not .cse1) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) (< |old(~waterLevel~0)| 2) (not (<= |old(~waterLevel~0)| 2))))) [2022-11-03 01:51:54,720 INFO L895 garLoopResultBuilder]: At program point L59(line 59) the Hoare annotation is: (let ((.cse8 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~waterLevel~0 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse7 (not .cse8)) (.cse4 (< |old(~waterLevel~0)| 2)) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3)) (or .cse0 .cse1 .cse4 .cse5 .cse6) (or .cse1 .cse4 .cse7 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse6) (or (and .cse2 (<= 1 |timeShift_processEnvironment_~tmp~6#1|) .cse3) .cse1 (and .cse5 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse2 .cse7) (and .cse8 (= ~pumpRunning~0 1)))) .cse4 .cse6)))) [2022-11-03 01:51:54,720 INFO L899 garLoopResultBuilder]: For program point L59-1(line 59) no Hoare annotation was computed. [2022-11-03 01:51:54,720 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 562 585) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse0 (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) (or .cse0 (< |old(~waterLevel~0)| 2) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= |old(~waterLevel~0)| 2))))) [2022-11-03 01:51:54,720 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 562 585) no Hoare annotation was computed. [2022-11-03 01:51:54,721 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 978) no Hoare annotation was computed. [2022-11-03 01:51:54,721 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 909 917) the Hoare annotation is: true [2022-11-03 01:51:54,721 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 909 917) no Hoare annotation was computed. [2022-11-03 01:51:54,721 INFO L895 garLoopResultBuilder]: At program point L543(lines 496 544) the Hoare annotation is: false [2022-11-03 01:51:54,721 INFO L899 garLoopResultBuilder]: For program point L498(lines 497 542) no Hoare annotation was computed. [2022-11-03 01:51:54,722 INFO L895 garLoopResultBuilder]: At program point L519(line 519) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1 (= ~waterLevel~0 1)))) [2022-11-03 01:51:54,722 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 01:51:54,722 INFO L895 garLoopResultBuilder]: At program point L540(lines 497 542) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (= ~methaneLevelCritical~0 0)) (.cse3 (<= 2 ~waterLevel~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)) (and .cse0 .cse3 .cse1 (not .cse4) .cse2 .cse5) (and .cse4 .cse3 .cse1 .cse2 .cse5 (= ~pumpRunning~0 1)))) [2022-11-03 01:51:54,722 INFO L899 garLoopResultBuilder]: For program point L507(lines 507 513) no Hoare annotation was computed. [2022-11-03 01:51:54,723 INFO L899 garLoopResultBuilder]: For program point L507-1(lines 507 513) no Hoare annotation was computed. [2022-11-03 01:51:54,723 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 01:51:54,723 INFO L895 garLoopResultBuilder]: At program point L533-2(lines 527 538) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (= ~pumpRunning~0 0) .cse0 .cse1 (= ~waterLevel~0 1)))) [2022-11-03 01:51:54,723 INFO L899 garLoopResultBuilder]: For program point L517(lines 517 523) no Hoare annotation was computed. [2022-11-03 01:51:54,723 INFO L899 garLoopResultBuilder]: For program point L517-1(lines 517 523) no Hoare annotation was computed. [2022-11-03 01:51:54,723 INFO L902 garLoopResultBuilder]: At program point L546(lines 487 550) the Hoare annotation is: true [2022-11-03 01:51:54,724 INFO L895 garLoopResultBuilder]: At program point L509(line 509) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (<= ~waterLevel~0 2) (let ((.cse3 (= ~methaneLevelCritical~0 0))) (or (and .cse2 (not .cse3)) (and .cse3 (= ~pumpRunning~0 1))))) (and .cse2 .cse0 .cse1 (= ~waterLevel~0 1)))) [2022-11-03 01:51:54,724 INFO L895 garLoopResultBuilder]: At program point L856(lines 856 863) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-03 01:51:54,724 INFO L902 garLoopResultBuilder]: At program point L856-2(lines 856 863) the Hoare annotation is: true [2022-11-03 01:51:54,724 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 594 618) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 01:51:54,725 INFO L895 garLoopResultBuilder]: At program point L684(line 684) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 1)) (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)) (or (not (= ~waterLevel~0 1)) .cse0 .cse1))) [2022-11-03 01:51:54,725 INFO L895 garLoopResultBuilder]: At program point L684-1(line 684) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (and (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret37#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 1)) .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)) (or (not (= ~waterLevel~0 1)) .cse0 .cse1))) [2022-11-03 01:51:54,725 INFO L895 garLoopResultBuilder]: At program point L608(line 608) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 0))))) [2022-11-03 01:51:54,725 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 594 618) no Hoare annotation was computed. [2022-11-03 01:51:54,726 INFO L899 garLoopResultBuilder]: For program point L602(lines 602 610) no Hoare annotation was computed. [2022-11-03 01:51:54,726 INFO L895 garLoopResultBuilder]: At program point L598(lines 598 615) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 01:51:54,726 INFO L895 garLoopResultBuilder]: At program point L613(line 613) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 01:51:54,726 INFO L899 garLoopResultBuilder]: For program point L613-1(lines 594 618) no Hoare annotation was computed. [2022-11-03 01:51:54,726 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 885 896) no Hoare annotation was computed. [2022-11-03 01:51:54,727 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 885 896) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (= ~waterLevel~0 1)) (or (let ((.cse2 (= ~methaneLevelCritical~0 0))) (and (or .cse0 .cse2) (or (not .cse2) (not (= ~pumpRunning~0 1))))) .cse1 (< |old(~waterLevel~0)| 2) (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= |old(~waterLevel~0)| 2))))) [2022-11-03 01:51:54,730 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:51:54,733 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 01:51:54,783 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 01:51:54 BoogieIcfgContainer [2022-11-03 01:51:54,793 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 01:51:54,794 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 01:51:54,794 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 01:51:54,794 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 01:51:54,795 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:49:56" (3/4) ... [2022-11-03 01:51:54,798 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 01:51:54,805 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 01:51:54,806 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 01:51:54,806 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 01:51:54,806 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 01:51:54,806 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 01:51:54,807 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 01:51:54,807 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 01:51:54,828 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 79 nodes and edges [2022-11-03 01:51:54,830 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 26 nodes and edges [2022-11-03 01:51:54,830 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 01:51:54,831 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 01:51:54,832 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 01:51:54,832 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 01:51:54,833 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 01:51:54,866 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || \old(waterLevel) < 2) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) [2022-11-03 01:51:54,868 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) [2022-11-03 01:51:54,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && ((((((pumpRunning == 0 && 1 <= tmp) && waterLevel == 1) || !(1 == systemActive)) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) [2022-11-03 01:51:54,869 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) [2022-11-03 01:51:54,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(\old(waterLevel) == 2)) || waterLevel == 1) || !(tmp == 0)) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((tmp == 0 || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((2 <= waterLevel && 1 == systemActive) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == 0 && 1 <= tmp) && waterLevel == 1) || !(1 == systemActive)) || \old(waterLevel) < 2) || (((((2 <= waterLevel && 1 == systemActive) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) [2022-11-03 01:51:54,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (tmp___0 == 0 && !(tmp == 0))) || !(methaneLevelCritical == 1)) && ((((!(1 == systemActive) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (tmp___0 == 0 && !(tmp == 0))) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((tmp == 0 || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((((((((pumpRunning == 0 && tmp___0 == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && !(tmp == 0)) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && 1 <= tmp) && waterLevel == 1)) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((((((methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0)) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(\result == 0)))) || !(\old(waterLevel) <= 2)) [2022-11-03 01:51:54,871 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1)) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) && ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) [2022-11-03 01:51:54,872 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(1 == systemActive) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) [2022-11-03 01:51:54,873 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && 1 <= tmp) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) [2022-11-03 01:51:54,930 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 01:51:54,931 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 01:51:54,931 INFO L158 Benchmark]: Toolchain (without parser) took 120718.21ms. Allocated memory was 115.3MB in the beginning and 639.6MB in the end (delta: 524.3MB). Free memory was 77.5MB in the beginning and 576.9MB in the end (delta: -499.3MB). Peak memory consumption was 25.9MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,932 INFO L158 Benchmark]: CDTParser took 0.83ms. Allocated memory is still 115.3MB. Free memory was 95.0MB in the beginning and 94.9MB in the end (delta: 77.0kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 01:51:54,932 INFO L158 Benchmark]: CACSL2BoogieTranslator took 702.82ms. Allocated memory is still 115.3MB. Free memory was 77.4MB in the beginning and 81.3MB in the end (delta: -3.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,932 INFO L158 Benchmark]: Boogie Procedure Inliner took 59.57ms. Allocated memory is still 115.3MB. Free memory was 81.3MB in the beginning and 78.9MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,933 INFO L158 Benchmark]: Boogie Preprocessor took 35.23ms. Allocated memory is still 115.3MB. Free memory was 78.9MB in the beginning and 77.2MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,933 INFO L158 Benchmark]: RCFGBuilder took 1012.90ms. Allocated memory is still 115.3MB. Free memory was 77.2MB in the beginning and 48.5MB in the end (delta: 28.7MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,934 INFO L158 Benchmark]: TraceAbstraction took 118760.33ms. Allocated memory was 115.3MB in the beginning and 639.6MB in the end (delta: 524.3MB). Free memory was 47.8MB in the beginning and 582.1MB in the end (delta: -534.3MB). Peak memory consumption was 355.6MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,935 INFO L158 Benchmark]: Witness Printer took 137.13ms. Allocated memory is still 639.6MB. Free memory was 582.1MB in the beginning and 576.9MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 01:51:54,938 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.83ms. Allocated memory is still 115.3MB. Free memory was 95.0MB in the beginning and 94.9MB in the end (delta: 77.0kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 702.82ms. Allocated memory is still 115.3MB. Free memory was 77.4MB in the beginning and 81.3MB in the end (delta: -3.9MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 59.57ms. Allocated memory is still 115.3MB. Free memory was 81.3MB in the beginning and 78.9MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 35.23ms. Allocated memory is still 115.3MB. Free memory was 78.9MB in the beginning and 77.2MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 1012.90ms. Allocated memory is still 115.3MB. Free memory was 77.2MB in the beginning and 48.5MB in the end (delta: 28.7MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. * TraceAbstraction took 118760.33ms. Allocated memory was 115.3MB in the beginning and 639.6MB in the end (delta: 524.3MB). Free memory was 47.8MB in the beginning and 582.1MB in the end (delta: -534.3MB). Peak memory consumption was 355.6MB. Max. memory is 16.1GB. * Witness Printer took 137.13ms. Allocated memory is still 639.6MB. Free memory was 582.1MB in the beginning and 576.9MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 978]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 57 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 118.6s, OverallIterations: 10, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 12.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 7.1s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2459 SdHoareTripleChecker+Valid, 5.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2437 mSDsluCounter, 1953 SdHoareTripleChecker+Invalid, 4.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1831 mSDsCounter, 1636 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4486 IncrementalHoareTripleChecker+Invalid, 6122 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1636 mSolverCounterUnsat, 545 mSDtfsCounter, 4486 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 871 GetRequests, 524 SyntacticMatches, 51 SemanticMatches, 296 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12539 ImplicationChecksByTransitivity, 68.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=969occurred in iteration=9, InterpolantAutomatonStates: 170, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 10 MinimizatonAttempts, 532 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 34 LocationsWithAnnotation, 1304 PreInvPairs, 1460 NumberOfFragments, 1443 HoareAnnotationTreeSize, 1304 FomulaSimplifications, 2719 FormulaSimplificationTreeSizeReduction, 0.7s HoareSimplificationTime, 34 FomulaSimplificationsInter, 37382 FormulaSimplificationTreeSizeReductionInter, 6.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 7.7s InterpolantComputationTime, 603 NumberOfCodeBlocks, 603 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 803 ConstructedInterpolants, 0 QuantifiedInterpolants, 3302 SizeOfPredicates, 36 NumberOfNonLiveVariables, 1385 ConjunctsInSsa, 94 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 366/512 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 487]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 684]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || ((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1)) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) && ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) - InvariantResult [Line: 620]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2))) && (((((!(1 == systemActive) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && ((((((pumpRunning == 0 && 1 <= tmp) && waterLevel == 1) || !(1 == systemActive)) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 562]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || \old(waterLevel) < 2) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 53]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (tmp___0 == 0 && !(tmp == 0))) || !(methaneLevelCritical == 1)) && ((((!(1 == systemActive) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (tmp___0 == 0 && !(tmp == 0))) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((tmp == 0 || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((((((((pumpRunning == 0 && tmp___0 == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && !(tmp == 0)) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && 1 <= tmp) && waterLevel == 1)) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((((((methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0)) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(\result == 0)))) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 856]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 978]: Loop Invariant Derived loop invariant: ((!(1 == systemActive) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) - InvariantResult [Line: 497]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) || (((((pumpRunning == 0 && 2 <= waterLevel) && 1 == systemActive) && !(methaneLevelCritical == 0)) && splverifierCounter == 0) && waterLevel <= 2)) || (((((methaneLevelCritical == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == 1) - InvariantResult [Line: 856]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 628]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && 1 <= tmp) && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) - InvariantResult [Line: 496]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 785]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 775]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 624]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 61]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(\old(waterLevel) == 2)) || waterLevel == 1) || !(tmp == 0)) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && ((((!(\old(pumpRunning) == 0) || tmp == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((tmp == 0 || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((2 <= waterLevel && 1 == systemActive) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) == 2))) && ((((((pumpRunning == 0 && 1 <= tmp) && waterLevel == 1) || !(1 == systemActive)) || \old(waterLevel) < 2) || (((((2 <= waterLevel && 1 == systemActive) && ((pumpRunning == 0 && !(tmp == 0)) || (tmp == 0 && pumpRunning == 1))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 598]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) RESULT: Ultimate proved your program to be correct! [2022-11-03 01:51:55,042 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_5a2929b8-5354-4bed-a8ab-534d0fc591c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE