./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 5ed8e4dea18b15d78522f05bcbacefb8bf743c0552ef5a7415602905a04fdc4c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:13:49,840 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:13:49,842 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:13:49,869 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:13:49,870 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:13:49,871 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:13:49,872 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:13:49,874 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:13:49,876 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:13:49,877 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:13:49,878 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:13:49,879 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:13:49,880 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:13:49,881 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:13:49,882 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:13:49,884 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:13:49,885 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:13:49,886 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:13:49,887 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:13:49,889 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:13:49,891 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:13:49,892 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:13:49,894 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:13:49,895 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:13:49,898 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:13:49,898 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:13:49,899 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:13:49,900 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:13:49,900 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:13:49,901 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:13:49,902 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:13:49,903 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:13:49,904 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:13:49,904 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:13:49,905 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:13:49,906 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:13:49,907 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:13:49,907 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:13:49,907 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:13:49,908 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:13:49,909 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:13:49,910 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:13:49,945 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:13:49,946 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:13:49,948 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:13:49,948 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:13:49,949 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:13:49,949 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:13:49,950 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:13:49,951 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:13:49,951 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:13:49,951 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:13:49,952 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:13:49,953 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:13:49,953 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:13:49,953 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:13:49,953 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:13:49,954 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:13:49,954 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:13:49,954 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:13:49,955 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:13:49,955 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:13:49,955 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:13:49,956 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:13:49,956 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:13:49,956 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:13:49,956 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:13:49,957 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:13:49,957 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:13:49,957 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:13:49,957 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:13:49,958 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:13:49,958 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:13:49,958 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:13:49,959 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:13:49,959 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:13:49,959 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:13:49,959 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:13:49,960 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:13:49,960 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:13:49,962 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:13:49,962 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:13:49,972 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:13:49,973 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 5ed8e4dea18b15d78522f05bcbacefb8bf743c0552ef5a7415602905a04fdc4c [2022-11-03 02:13:50,273 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:13:50,303 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:13:50,306 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:13:50,307 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:13:50,308 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:13:50,310 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c [2022-11-03 02:13:50,387 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/data/8a0d9d4c0/748ea580cbfb41f595ec22063fcebf7d/FLAG05b5290be [2022-11-03 02:13:50,852 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:13:50,853 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c [2022-11-03 02:13:50,864 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/data/8a0d9d4c0/748ea580cbfb41f595ec22063fcebf7d/FLAG05b5290be [2022-11-03 02:13:51,219 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/data/8a0d9d4c0/748ea580cbfb41f595ec22063fcebf7d [2022-11-03 02:13:51,222 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:13:51,223 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:13:51,229 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:13:51,229 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:13:51,233 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:13:51,234 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,236 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@33010bd and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51, skipping insertion in model container [2022-11-03 02:13:51,238 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,246 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:13:51,310 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:13:51,532 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c[1605,1618] [2022-11-03 02:13:51,722 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:13:51,736 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:13:51,751 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/sv-benchmarks/c/product-lines/minepump_spec1_product58.cil.c[1605,1618] [2022-11-03 02:13:51,804 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:13:51,820 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:13:51,821 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51 WrapperNode [2022-11-03 02:13:51,821 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:13:51,822 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:13:51,823 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:13:51,823 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:13:51,831 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,845 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,873 INFO L138 Inliner]: procedures = 57, calls = 157, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 271 [2022-11-03 02:13:51,873 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:13:51,874 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:13:51,874 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:13:51,874 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:13:51,883 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,883 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,886 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,887 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,894 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,900 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,902 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,903 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,906 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:13:51,907 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:13:51,907 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:13:51,907 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:13:51,908 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (1/1) ... [2022-11-03 02:13:51,922 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:13:51,935 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:13:51,947 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:13:51,978 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:13:52,011 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:13:52,011 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:13:52,011 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:13:52,011 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:13:52,011 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:13:52,011 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:13:52,011 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:13:52,012 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 02:13:52,012 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 02:13:52,012 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:13:52,012 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:13:52,012 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:13:52,012 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:13:52,012 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:13:52,012 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:13:52,013 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:13:52,013 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:13:52,013 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:13:52,087 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:13:52,089 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:13:52,473 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:13:52,623 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:13:52,623 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:13:52,625 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:13:52 BoogieIcfgContainer [2022-11-03 02:13:52,626 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:13:52,681 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:13:52,682 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:13:52,686 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:13:52,686 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:13:51" (1/3) ... [2022-11-03 02:13:52,687 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71d508fa and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:13:52, skipping insertion in model container [2022-11-03 02:13:52,687 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:13:51" (2/3) ... [2022-11-03 02:13:52,688 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71d508fa and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:13:52, skipping insertion in model container [2022-11-03 02:13:52,688 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:13:52" (3/3) ... [2022-11-03 02:13:52,689 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product58.cil.c [2022-11-03 02:13:52,728 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:13:52,731 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:13:52,814 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:13:52,821 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@72a6d9e0, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:13:52,821 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:13:52,826 INFO L276 IsEmpty]: Start isEmpty. Operand has 57 states, 36 states have (on average 1.4166666666666667) internal successors, (51), 44 states have internal predecessors, (51), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 02:13:52,836 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 02:13:52,837 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:52,837 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:52,838 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:52,843 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:52,843 INFO L85 PathProgramCache]: Analyzing trace with hash -239157303, now seen corresponding path program 1 times [2022-11-03 02:13:52,852 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:52,853 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [208774522] [2022-11-03 02:13:52,853 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:52,854 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:52,973 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:53,051 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:13:53,066 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:53,067 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [208774522] [2022-11-03 02:13:53,067 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [208774522] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:13:53,068 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:13:53,068 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:13:53,069 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1044409918] [2022-11-03 02:13:53,070 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:13:53,075 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:13:53,075 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:13:53,111 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:13:53,113 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:13:53,116 INFO L87 Difference]: Start difference. First operand has 57 states, 36 states have (on average 1.4166666666666667) internal successors, (51), 44 states have internal predecessors, (51), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:53,230 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:13:53,230 INFO L93 Difference]: Finished difference Result 112 states and 151 transitions. [2022-11-03 02:13:53,231 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:13:53,233 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2022-11-03 02:13:53,233 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:13:53,246 INFO L225 Difference]: With dead ends: 112 [2022-11-03 02:13:53,246 INFO L226 Difference]: Without dead ends: 52 [2022-11-03 02:13:53,252 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:13:53,256 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 55 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:13:53,257 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 55 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:13:53,280 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 52 states. [2022-11-03 02:13:53,315 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 52 to 52. [2022-11-03 02:13:53,317 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 52 states, 33 states have (on average 1.303030303030303) internal successors, (43), 40 states have internal predecessors, (43), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 02:13:53,325 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 66 transitions. [2022-11-03 02:13:53,327 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 66 transitions. Word has length 16 [2022-11-03 02:13:53,327 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:13:53,328 INFO L495 AbstractCegarLoop]: Abstraction has 52 states and 66 transitions. [2022-11-03 02:13:53,329 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:53,329 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 66 transitions. [2022-11-03 02:13:53,333 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 02:13:53,333 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:53,334 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:53,335 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:13:53,335 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:53,336 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:53,336 INFO L85 PathProgramCache]: Analyzing trace with hash 1782890685, now seen corresponding path program 1 times [2022-11-03 02:13:53,337 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:53,337 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [490955701] [2022-11-03 02:13:53,338 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:53,338 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:53,395 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:53,529 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:13:53,530 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:53,531 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [490955701] [2022-11-03 02:13:53,531 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [490955701] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:13:53,531 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:13:53,531 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:13:53,532 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1289403361] [2022-11-03 02:13:53,532 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:13:53,533 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:13:53,535 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:13:53,536 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:13:53,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:13:53,537 INFO L87 Difference]: Start difference. First operand 52 states and 66 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:53,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:13:53,601 INFO L93 Difference]: Finished difference Result 81 states and 103 transitions. [2022-11-03 02:13:53,602 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:13:53,602 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 02:13:53,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:13:53,605 INFO L225 Difference]: With dead ends: 81 [2022-11-03 02:13:53,605 INFO L226 Difference]: Without dead ends: 44 [2022-11-03 02:13:53,611 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:13:53,613 INFO L413 NwaCegarLoop]: 41 mSDtfsCounter, 7 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 73 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:13:53,619 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 73 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:13:53,621 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 44 states. [2022-11-03 02:13:53,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 44 to 44. [2022-11-03 02:13:53,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 44 states, 28 states have (on average 1.3214285714285714) internal successors, (37), 35 states have internal predecessors, (37), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 02:13:53,635 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 44 states to 44 states and 55 transitions. [2022-11-03 02:13:53,636 INFO L78 Accepts]: Start accepts. Automaton has 44 states and 55 transitions. Word has length 17 [2022-11-03 02:13:53,636 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:13:53,637 INFO L495 AbstractCegarLoop]: Abstraction has 44 states and 55 transitions. [2022-11-03 02:13:53,638 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:53,638 INFO L276 IsEmpty]: Start isEmpty. Operand 44 states and 55 transitions. [2022-11-03 02:13:53,639 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-11-03 02:13:53,640 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:53,640 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:53,640 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:13:53,640 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:53,641 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:53,641 INFO L85 PathProgramCache]: Analyzing trace with hash -1551440202, now seen corresponding path program 1 times [2022-11-03 02:13:53,641 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:53,641 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [769290087] [2022-11-03 02:13:53,642 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:53,642 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:53,679 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:53,899 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:13:53,899 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:53,899 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [769290087] [2022-11-03 02:13:53,899 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [769290087] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:13:53,900 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:13:53,901 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:13:53,901 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1951633749] [2022-11-03 02:13:53,901 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:13:53,902 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:13:53,902 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:13:53,903 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:13:53,903 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:13:53,904 INFO L87 Difference]: Start difference. First operand 44 states and 55 transitions. Second operand has 6 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:54,117 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:13:54,117 INFO L93 Difference]: Finished difference Result 126 states and 161 transitions. [2022-11-03 02:13:54,118 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 02:13:54,118 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 19 [2022-11-03 02:13:54,119 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:13:54,120 INFO L225 Difference]: With dead ends: 126 [2022-11-03 02:13:54,120 INFO L226 Difference]: Without dead ends: 84 [2022-11-03 02:13:54,121 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:13:54,122 INFO L413 NwaCegarLoop]: 48 mSDtfsCounter, 36 mSDsluCounter, 205 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 39 SdHoareTripleChecker+Valid, 209 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:13:54,122 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [39 Valid, 209 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:13:54,123 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 84 states. [2022-11-03 02:13:54,136 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 84 to 80. [2022-11-03 02:13:54,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 80 states, 51 states have (on average 1.3137254901960784) internal successors, (67), 63 states have internal predecessors, (67), 17 states have call successors, (17), 11 states have call predecessors, (17), 11 states have return successors, (17), 13 states have call predecessors, (17), 17 states have call successors, (17) [2022-11-03 02:13:54,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 80 states to 80 states and 101 transitions. [2022-11-03 02:13:54,138 INFO L78 Accepts]: Start accepts. Automaton has 80 states and 101 transitions. Word has length 19 [2022-11-03 02:13:54,138 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:13:54,138 INFO L495 AbstractCegarLoop]: Abstraction has 80 states and 101 transitions. [2022-11-03 02:13:54,139 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.2) internal successors, (16), 4 states have internal predecessors, (16), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:13:54,139 INFO L276 IsEmpty]: Start isEmpty. Operand 80 states and 101 transitions. [2022-11-03 02:13:54,140 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 02:13:54,140 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:54,140 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:54,140 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:13:54,141 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:54,141 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:54,141 INFO L85 PathProgramCache]: Analyzing trace with hash -1880661992, now seen corresponding path program 1 times [2022-11-03 02:13:54,141 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:54,142 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [563771844] [2022-11-03 02:13:54,142 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:54,142 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:54,158 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:54,243 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:13:54,243 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:54,244 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [563771844] [2022-11-03 02:13:54,244 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [563771844] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:13:54,244 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:13:54,244 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:13:54,244 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1214811436] [2022-11-03 02:13:54,244 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:13:54,245 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:13:54,245 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:13:54,245 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:13:54,246 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:13:54,246 INFO L87 Difference]: Start difference. First operand 80 states and 101 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:13:54,325 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:13:54,326 INFO L93 Difference]: Finished difference Result 222 states and 288 transitions. [2022-11-03 02:13:54,326 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:13:54,326 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-03 02:13:54,327 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:13:54,328 INFO L225 Difference]: With dead ends: 222 [2022-11-03 02:13:54,328 INFO L226 Difference]: Without dead ends: 144 [2022-11-03 02:13:54,329 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:13:54,330 INFO L413 NwaCegarLoop]: 48 mSDtfsCounter, 34 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 46 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 129 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 46 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:13:54,331 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 129 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 46 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:13:54,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 144 states. [2022-11-03 02:13:54,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 144 to 140. [2022-11-03 02:13:54,349 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 140 states, 93 states have (on average 1.2473118279569892) internal successors, (116), 104 states have internal predecessors, (116), 24 states have call successors, (24), 22 states have call predecessors, (24), 22 states have return successors, (32), 24 states have call predecessors, (32), 24 states have call successors, (32) [2022-11-03 02:13:54,351 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 140 states to 140 states and 172 transitions. [2022-11-03 02:13:54,351 INFO L78 Accepts]: Start accepts. Automaton has 140 states and 172 transitions. Word has length 22 [2022-11-03 02:13:54,351 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:13:54,351 INFO L495 AbstractCegarLoop]: Abstraction has 140 states and 172 transitions. [2022-11-03 02:13:54,352 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:13:54,352 INFO L276 IsEmpty]: Start isEmpty. Operand 140 states and 172 transitions. [2022-11-03 02:13:54,353 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-03 02:13:54,353 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:54,353 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:54,353 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:13:54,354 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:54,354 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:54,354 INFO L85 PathProgramCache]: Analyzing trace with hash -381716183, now seen corresponding path program 1 times [2022-11-03 02:13:54,354 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:54,355 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077755375] [2022-11-03 02:13:54,355 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:54,355 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:54,374 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:54,779 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:13:54,779 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:54,779 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077755375] [2022-11-03 02:13:54,780 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077755375] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:13:54,780 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:13:54,780 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:13:54,781 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1641515237] [2022-11-03 02:13:54,782 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:13:54,787 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:13:54,788 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:13:54,788 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:13:54,788 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:13:54,789 INFO L87 Difference]: Start difference. First operand 140 states and 172 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:13:55,034 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:13:55,035 INFO L93 Difference]: Finished difference Result 396 states and 484 transitions. [2022-11-03 02:13:55,035 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:13:55,035 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 34 [2022-11-03 02:13:55,036 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:13:55,038 INFO L225 Difference]: With dead ends: 396 [2022-11-03 02:13:55,038 INFO L226 Difference]: Without dead ends: 258 [2022-11-03 02:13:55,039 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-03 02:13:55,040 INFO L413 NwaCegarLoop]: 68 mSDtfsCounter, 70 mSDsluCounter, 190 mSDsCounter, 0 mSdLazyCounter, 164 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 220 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 164 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:13:55,041 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 220 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 164 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:13:55,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 258 states. [2022-11-03 02:13:55,070 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 258 to 227. [2022-11-03 02:13:55,071 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 227 states, 152 states have (on average 1.2105263157894737) internal successors, (184), 164 states have internal predecessors, (184), 35 states have call successors, (35), 35 states have call predecessors, (35), 39 states have return successors, (47), 37 states have call predecessors, (47), 35 states have call successors, (47) [2022-11-03 02:13:55,073 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 227 states to 227 states and 266 transitions. [2022-11-03 02:13:55,073 INFO L78 Accepts]: Start accepts. Automaton has 227 states and 266 transitions. Word has length 34 [2022-11-03 02:13:55,073 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:13:55,073 INFO L495 AbstractCegarLoop]: Abstraction has 227 states and 266 transitions. [2022-11-03 02:13:55,074 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:13:55,074 INFO L276 IsEmpty]: Start isEmpty. Operand 227 states and 266 transitions. [2022-11-03 02:13:55,075 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2022-11-03 02:13:55,075 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:13:55,075 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:13:55,076 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:13:55,076 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:13:55,076 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:13:55,076 INFO L85 PathProgramCache]: Analyzing trace with hash 1342412146, now seen corresponding path program 1 times [2022-11-03 02:13:55,077 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:13:55,077 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [802218225] [2022-11-03 02:13:55,077 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:55,077 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:13:55,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:55,459 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:13:55,459 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:13:55,460 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [802218225] [2022-11-03 02:13:55,460 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [802218225] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:13:55,460 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2018279501] [2022-11-03 02:13:55,460 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:13:55,460 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:13:55,461 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:13:55,463 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:13:55,488 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:13:55,591 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:13:55,613 INFO L263 TraceCheckSpWp]: Trace formula consists of 351 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-03 02:13:55,618 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:13:56,020 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:13:56,020 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:13:56,470 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:13:56,470 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2018279501] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:13:56,471 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1947302280] [2022-11-03 02:13:56,492 INFO L159 IcfgInterpreter]: Started Sifa with 36 locations of interest [2022-11-03 02:13:56,493 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:13:56,497 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:13:56,503 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:13:56,504 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:14:01,849 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-03 02:14:01,907 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 314 for LOIs [2022-11-03 02:14:03,886 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 311 for LOIs [2022-11-03 02:14:06,053 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 43 for LOIs [2022-11-03 02:14:06,057 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 292 for LOIs [2022-11-03 02:14:06,117 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:14:48,850 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2673#(and (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 0)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 0)) (<= ~methaneLevelCritical~0 1) (<= ~pumpRunning~0 1) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| ~methaneLevelCritical~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:14:48,851 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:14:48,851 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:14:48,852 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 10] total 24 [2022-11-03 02:14:48,852 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [830580737] [2022-11-03 02:14:48,852 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:14:48,855 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-03 02:14:48,855 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:14:48,856 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-03 02:14:48,859 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=328, Invalid=2122, Unknown=0, NotChecked=0, Total=2450 [2022-11-03 02:14:48,859 INFO L87 Difference]: Start difference. First operand 227 states and 266 transitions. Second operand has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 02:14:53,653 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:14:53,653 INFO L93 Difference]: Finished difference Result 956 states and 1247 transitions. [2022-11-03 02:14:53,655 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 72 states. [2022-11-03 02:14:53,656 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) Word has length 37 [2022-11-03 02:14:53,656 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:14:53,660 INFO L225 Difference]: With dead ends: 956 [2022-11-03 02:14:53,661 INFO L226 Difference]: Without dead ends: 717 [2022-11-03 02:14:53,666 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 201 GetRequests, 85 SyntacticMatches, 3 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4837 ImplicationChecksByTransitivity, 45.7s TimeCoverageRelationStatistics Valid=1541, Invalid=11569, Unknown=0, NotChecked=0, Total=13110 [2022-11-03 02:14:53,668 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 913 mSDsluCounter, 406 mSDsCounter, 0 mSdLazyCounter, 2384 mSolverCounterSat, 838 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 918 SdHoareTripleChecker+Valid, 388 SdHoareTripleChecker+Invalid, 3222 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 838 IncrementalHoareTripleChecker+Valid, 2384 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:14:53,668 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [918 Valid, 388 Invalid, 3222 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [838 Valid, 2384 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2022-11-03 02:14:53,669 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 717 states. [2022-11-03 02:14:53,734 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 717 to 526. [2022-11-03 02:14:53,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 526 states, 354 states have (on average 1.1751412429378532) internal successors, (416), 380 states have internal predecessors, (416), 82 states have call successors, (82), 75 states have call predecessors, (82), 89 states have return successors, (110), 88 states have call predecessors, (110), 82 states have call successors, (110) [2022-11-03 02:14:53,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 526 states to 526 states and 608 transitions. [2022-11-03 02:14:53,739 INFO L78 Accepts]: Start accepts. Automaton has 526 states and 608 transitions. Word has length 37 [2022-11-03 02:14:53,740 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:14:53,740 INFO L495 AbstractCegarLoop]: Abstraction has 526 states and 608 transitions. [2022-11-03 02:14:53,740 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 18 states have (on average 3.1666666666666665) internal successors, (57), 18 states have internal predecessors, (57), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 02:14:53,740 INFO L276 IsEmpty]: Start isEmpty. Operand 526 states and 608 transitions. [2022-11-03 02:14:53,743 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 55 [2022-11-03 02:14:53,743 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:14:53,744 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:14:53,787 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:14:53,963 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:14:53,964 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:14:53,964 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:14:53,964 INFO L85 PathProgramCache]: Analyzing trace with hash -235210955, now seen corresponding path program 1 times [2022-11-03 02:14:53,964 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:14:53,964 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [945981170] [2022-11-03 02:14:53,964 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:14:53,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:14:53,980 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:14:54,140 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:14:54,141 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:14:54,141 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [945981170] [2022-11-03 02:14:54,141 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [945981170] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:14:54,141 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:14:54,141 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:14:54,142 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1957453666] [2022-11-03 02:14:54,142 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:14:54,143 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:14:54,144 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:14:54,144 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:14:54,144 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:14:54,145 INFO L87 Difference]: Start difference. First operand 526 states and 608 transitions. Second operand has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-03 02:14:54,232 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:14:54,232 INFO L93 Difference]: Finished difference Result 1037 states and 1212 transitions. [2022-11-03 02:14:54,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:14:54,234 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 54 [2022-11-03 02:14:54,234 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:14:54,237 INFO L225 Difference]: With dead ends: 1037 [2022-11-03 02:14:54,237 INFO L226 Difference]: Without dead ends: 513 [2022-11-03 02:14:54,239 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:14:54,239 INFO L413 NwaCegarLoop]: 36 mSDtfsCounter, 37 mSDsluCounter, 46 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 71 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:14:54,240 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 71 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:14:54,241 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 513 states. [2022-11-03 02:14:54,285 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 513 to 481. [2022-11-03 02:14:54,286 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 481 states, 322 states have (on average 1.1428571428571428) internal successors, (368), 347 states have internal predecessors, (368), 76 states have call successors, (76), 71 states have call predecessors, (76), 82 states have return successors, (96), 80 states have call predecessors, (96), 76 states have call successors, (96) [2022-11-03 02:14:54,288 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 481 states to 481 states and 540 transitions. [2022-11-03 02:14:54,289 INFO L78 Accepts]: Start accepts. Automaton has 481 states and 540 transitions. Word has length 54 [2022-11-03 02:14:54,289 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:14:54,289 INFO L495 AbstractCegarLoop]: Abstraction has 481 states and 540 transitions. [2022-11-03 02:14:54,289 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-03 02:14:54,290 INFO L276 IsEmpty]: Start isEmpty. Operand 481 states and 540 transitions. [2022-11-03 02:14:54,292 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-03 02:14:54,292 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:14:54,292 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:14:54,292 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 02:14:54,292 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:14:54,293 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:14:54,293 INFO L85 PathProgramCache]: Analyzing trace with hash 1208317175, now seen corresponding path program 1 times [2022-11-03 02:14:54,293 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:14:54,293 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [637649414] [2022-11-03 02:14:54,293 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:14:54,293 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:14:54,315 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:14:54,909 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 5 proven. 10 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 02:14:54,909 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:14:54,909 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [637649414] [2022-11-03 02:14:54,909 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [637649414] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:14:54,910 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [295872711] [2022-11-03 02:14:54,910 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:14:54,910 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:14:54,910 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:14:54,911 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:14:54,920 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:14:55,028 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:14:55,031 INFO L263 TraceCheckSpWp]: Trace formula consists of 434 conjuncts, 38 conjunts are in the unsatisfiable core [2022-11-03 02:14:55,034 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:14:55,300 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 13 proven. 10 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:14:55,300 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:14:55,719 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 8 proven. 3 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 02:14:55,719 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [295872711] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:14:55,719 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1525442591] [2022-11-03 02:14:55,725 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 02:14:55,725 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:14:55,726 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:14:55,726 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:14:55,726 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:15:00,637 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 23 for LOIs [2022-11-03 02:15:00,641 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-03 02:15:00,998 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 21 for LOIs [2022-11-03 02:15:01,123 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 48 for LOIs [2022-11-03 02:15:01,134 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-03 02:15:01,137 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 24 for LOIs [2022-11-03 02:15:01,138 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:15:06,731 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7893#(and (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 0)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 0)) (= ~head~0.offset 0) (= 1 ~systemActive~0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 1) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 2147483648)) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:15:06,732 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:15:06,732 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:15:06,732 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 12, 12] total 28 [2022-11-03 02:15:06,732 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1915618589] [2022-11-03 02:15:06,732 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:15:06,733 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2022-11-03 02:15:06,733 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:15:06,733 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2022-11-03 02:15:06,734 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=342, Invalid=2738, Unknown=0, NotChecked=0, Total=3080 [2022-11-03 02:15:06,735 INFO L87 Difference]: Start difference. First operand 481 states and 540 transitions. Second operand has 28 states, 25 states have (on average 3.52) internal successors, (88), 24 states have internal predecessors, (88), 11 states have call successors, (23), 9 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-03 02:15:08,624 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:15:08,625 INFO L93 Difference]: Finished difference Result 1614 states and 1886 transitions. [2022-11-03 02:15:08,625 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 35 states. [2022-11-03 02:15:08,625 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 25 states have (on average 3.52) internal successors, (88), 24 states have internal predecessors, (88), 11 states have call successors, (23), 9 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) Word has length 65 [2022-11-03 02:15:08,626 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:15:08,632 INFO L225 Difference]: With dead ends: 1614 [2022-11-03 02:15:08,632 INFO L226 Difference]: Without dead ends: 1264 [2022-11-03 02:15:08,636 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 237 GetRequests, 147 SyntacticMatches, 13 SemanticMatches, 77 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2893 ImplicationChecksByTransitivity, 6.6s TimeCoverageRelationStatistics Valid=818, Invalid=5344, Unknown=0, NotChecked=0, Total=6162 [2022-11-03 02:15:08,637 INFO L413 NwaCegarLoop]: 63 mSDtfsCounter, 748 mSDsluCounter, 511 mSDsCounter, 0 mSdLazyCounter, 1071 mSolverCounterSat, 512 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 753 SdHoareTripleChecker+Valid, 479 SdHoareTripleChecker+Invalid, 1583 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 512 IncrementalHoareTripleChecker+Valid, 1071 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:15:08,637 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [753 Valid, 479 Invalid, 1583 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [512 Valid, 1071 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-03 02:15:08,639 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1264 states. [2022-11-03 02:15:08,761 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1264 to 1095. [2022-11-03 02:15:08,764 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1095 states, 738 states have (on average 1.1422764227642277) internal successors, (843), 794 states have internal predecessors, (843), 174 states have call successors, (174), 148 states have call predecessors, (174), 182 states have return successors, (242), 190 states have call predecessors, (242), 174 states have call successors, (242) [2022-11-03 02:15:08,769 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1095 states to 1095 states and 1259 transitions. [2022-11-03 02:15:08,769 INFO L78 Accepts]: Start accepts. Automaton has 1095 states and 1259 transitions. Word has length 65 [2022-11-03 02:15:08,770 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:15:08,770 INFO L495 AbstractCegarLoop]: Abstraction has 1095 states and 1259 transitions. [2022-11-03 02:15:08,770 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 28 states, 25 states have (on average 3.52) internal successors, (88), 24 states have internal predecessors, (88), 11 states have call successors, (23), 9 states have call predecessors, (23), 9 states have return successors, (21), 8 states have call predecessors, (21), 11 states have call successors, (21) [2022-11-03 02:15:08,770 INFO L276 IsEmpty]: Start isEmpty. Operand 1095 states and 1259 transitions. [2022-11-03 02:15:08,774 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 115 [2022-11-03 02:15:08,774 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:15:08,774 INFO L195 NwaCegarLoop]: trace histogram [6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:15:08,813 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:15:08,996 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:15:08,996 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:15:08,997 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:15:08,997 INFO L85 PathProgramCache]: Analyzing trace with hash -1718429194, now seen corresponding path program 1 times [2022-11-03 02:15:08,997 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:15:08,997 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [7984246] [2022-11-03 02:15:08,998 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:15:08,998 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:15:09,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:15:10,228 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 51 proven. 53 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2022-11-03 02:15:10,229 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:15:10,229 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [7984246] [2022-11-03 02:15:10,229 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [7984246] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:15:10,229 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1839105479] [2022-11-03 02:15:10,229 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:15:10,229 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:15:10,229 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:15:10,232 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:15:10,255 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:15:10,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:15:10,375 INFO L263 TraceCheckSpWp]: Trace formula consists of 600 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 02:15:10,380 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:15:10,942 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 81 proven. 42 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2022-11-03 02:15:10,942 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:15:11,804 INFO L134 CoverageAnalysis]: Checked inductivity of 143 backedges. 72 proven. 25 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-03 02:15:11,804 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1839105479] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:15:11,804 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [399075923] [2022-11-03 02:15:11,807 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 02:15:11,807 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:15:11,808 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:15:11,808 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:15:11,808 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:15:16,108 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 23 for LOIs [2022-11-03 02:15:16,112 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-03 02:15:16,435 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 21 for LOIs [2022-11-03 02:15:16,552 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 48 for LOIs [2022-11-03 02:15:16,561 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-03 02:15:16,564 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 24 for LOIs [2022-11-03 02:15:16,565 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:15:22,530 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12876#(and (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 0)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~6#1|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 0)) (= ~head~0.offset 0) (= 1 ~systemActive~0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 1) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~6#1|) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 2147483648)) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:15:22,531 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:15:22,531 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:15:22,531 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 13, 13] total 35 [2022-11-03 02:15:22,531 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1835311840] [2022-11-03 02:15:22,531 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:15:22,532 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-03 02:15:22,532 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:15:22,533 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-03 02:15:22,534 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=417, Invalid=3489, Unknown=0, NotChecked=0, Total=3906 [2022-11-03 02:15:22,535 INFO L87 Difference]: Start difference. First operand 1095 states and 1259 transitions. Second operand has 35 states, 33 states have (on average 4.848484848484849) internal successors, (160), 34 states have internal predecessors, (160), 22 states have call successors, (36), 8 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) [2022-11-03 02:15:23,619 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:15:23,620 INFO L93 Difference]: Finished difference Result 1467 states and 1695 transitions. [2022-11-03 02:15:23,620 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 18 states. [2022-11-03 02:15:23,621 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 33 states have (on average 4.848484848484849) internal successors, (160), 34 states have internal predecessors, (160), 22 states have call successors, (36), 8 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) Word has length 114 [2022-11-03 02:15:23,621 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:15:23,622 INFO L225 Difference]: With dead ends: 1467 [2022-11-03 02:15:23,622 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:15:23,627 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 379 GetRequests, 289 SyntacticMatches, 16 SemanticMatches, 74 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2810 ImplicationChecksByTransitivity, 7.1s TimeCoverageRelationStatistics Valid=707, Invalid=4993, Unknown=0, NotChecked=0, Total=5700 [2022-11-03 02:15:23,627 INFO L413 NwaCegarLoop]: 47 mSDtfsCounter, 436 mSDsluCounter, 361 mSDsCounter, 0 mSdLazyCounter, 525 mSolverCounterSat, 274 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 439 SdHoareTripleChecker+Valid, 319 SdHoareTripleChecker+Invalid, 799 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 274 IncrementalHoareTripleChecker+Valid, 525 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-03 02:15:23,628 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [439 Valid, 319 Invalid, 799 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [274 Valid, 525 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-03 02:15:23,628 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:15:23,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:15:23,629 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:15:23,629 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:15:23,629 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 114 [2022-11-03 02:15:23,630 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:15:23,630 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:15:23,630 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 33 states have (on average 4.848484848484849) internal successors, (160), 34 states have internal predecessors, (160), 22 states have call successors, (36), 8 states have call predecessors, (36), 14 states have return successors, (38), 18 states have call predecessors, (38), 22 states have call successors, (38) [2022-11-03 02:15:23,630 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:15:23,630 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:15:23,633 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:15:23,674 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 02:15:23,853 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-03 02:15:23,855 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:15:28,250 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 304 310) no Hoare annotation was computed. [2022-11-03 02:15:28,251 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 304 310) the Hoare annotation is: true [2022-11-03 02:15:28,251 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 93 104) the Hoare annotation is: (let ((.cse0 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse1 (= 0 ~systemActive~0))) (and (or (not (= ~pumpRunning~0 0)) (not (<= 1 ~waterLevel~0)) .cse0 (not (<= ~waterLevel~0 1)) .cse1) (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1))) [2022-11-03 02:15:28,251 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 93 104) no Hoare annotation was computed. [2022-11-03 02:15:28,252 INFO L895 garLoopResultBuilder]: At program point L506(line 506) the Hoare annotation is: (let ((.cse9 (= ~methaneLevelCritical~0 0))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse8 (not .cse9))) (let ((.cse1 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse7 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse0 .cse8) (and .cse9 (= ~pumpRunning~0 1))))) (.cse3 (< |old(~waterLevel~0)| 2)) (.cse4 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse2 .cse3 .cse4 .cse5) (or (not (<= |old(~waterLevel~0)| 1)) .cse6 (and .cse0 .cse7) (not (<= 1 |old(~waterLevel~0)|)) .cse4) (or .cse1 .cse3 .cse8 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse5) (or .cse6 .cse2 .cse3 .cse4 .cse5))))) [2022-11-03 02:15:28,252 INFO L899 garLoopResultBuilder]: For program point L506-1(line 506) no Hoare annotation was computed. [2022-11-03 02:15:28,252 INFO L899 garLoopResultBuilder]: For program point L284-1(lines 283 302) no Hoare annotation was computed. [2022-11-03 02:15:28,253 INFO L895 garLoopResultBuilder]: At program point L346(lines 346 354) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (= |timeShift_processEnvironment_~tmp~2#1| 1)) (< |old(~waterLevel~0)| 2) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) .cse0))) [2022-11-03 02:15:28,253 INFO L895 garLoopResultBuilder]: At program point L342(lines 342 359) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0))) (let ((.cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (.cse2 (= 0 ~systemActive~0))) (and (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or .cse0 (and (not .cse1) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) (< |old(~waterLevel~0)| 2) .cse2 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= 1 |old(~waterLevel~0)|)) .cse2)))) [2022-11-03 02:15:28,253 INFO L899 garLoopResultBuilder]: For program point L512(lines 512 518) no Hoare annotation was computed. [2022-11-03 02:15:28,253 INFO L895 garLoopResultBuilder]: At program point L508(lines 508 521) the Hoare annotation is: (let ((.cse18 (= ~methaneLevelCritical~0 0))) (let ((.cse17 (= ~pumpRunning~0 1)) (.cse4 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 0)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not .cse18)) (.cse15 (= ~pumpRunning~0 0)) (.cse16 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (<= 1 |old(~waterLevel~0)|))) (.cse13 (and .cse15 .cse16)) (.cse12 (and (or .cse1 .cse18) (or .cse3 (not (= |old(~pumpRunning~0)| 1))))) (.cse14 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse5 (= 0 ~systemActive~0)) (.cse9 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (= ~methaneLevelCritical~0 1))) (.cse10 (not .cse4)) (.cse6 (and .cse15 .cse3)) (.cse7 (and .cse18 .cse17))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse1 .cse6 .cse7 .cse8 .cse5 .cse9) (or .cse0 .cse1 .cse10 .cse2 .cse11 .cse5) (or .cse8 .cse12 .cse3 .cse4 .cse5 .cse9) (or .cse0 .cse1 .cse13 .cse2 .cse5) (or (and .cse1 .cse14) .cse13 .cse8 .cse12 .cse5 .cse9) (or (and .cse15 .cse14 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse8 .cse5 .cse9 (and .cse16 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse11) (or (and .cse4 .cse17) (and .cse10 .cse15)) (or .cse6 .cse7))))))) [2022-11-03 02:15:28,254 INFO L895 garLoopResultBuilder]: At program point L508-1(lines 500 524) the Hoare annotation is: (let ((.cse7 (= ~methaneLevelCritical~0 0))) (let ((.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not .cse7)) (.cse2 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~6#1| 0))) (let ((.cse14 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not .cse2)) (.cse8 (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~2#1| 0)) (.cse9 (< |old(~waterLevel~0)| 2)) (.cse17 (and (or .cse10 .cse7) (or .cse6 (not (= |old(~pumpRunning~0)| 1))))) (.cse11 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse13 (not (<= |old(~waterLevel~0)| 2))) (.cse15 (not (<= |old(~waterLevel~0)| 1))) (.cse5 (= ~pumpRunning~0 0)) (.cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse16 (not (<= 1 |old(~waterLevel~0)|))) (.cse12 (= 0 ~systemActive~0))) (and (let ((.cse1 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse14))) (or (let ((.cse3 (= ~pumpRunning~0 1))) (and .cse0 .cse1 (or (and .cse2 .cse3) (and .cse4 .cse5)) (or (and .cse5 .cse6) (and .cse7 .cse3)) (or .cse7 (not (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret13#1| 0))) (or .cse7 (not (= |isMethaneLevelCritical_#res| 0))))) (and .cse4 .cse5 .cse8 .cse6 .cse0 .cse1) .cse9 (and .cse10 .cse5 .cse11 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse12 .cse13)) (or .cse15 .cse10 .cse16 .cse6 .cse2 .cse12) (or .cse15 .cse10 .cse16 .cse14 (and .cse4 .cse8) .cse12) (or .cse11 .cse8 .cse9 .cse17 .cse12 .cse13) (or .cse9 .cse17 .cse6 (and .cse11 .cse2) .cse12 .cse13) (or .cse15 .cse10 (and .cse5 .cse0) .cse16 .cse12))))) [2022-11-03 02:15:28,254 INFO L895 garLoopResultBuilder]: At program point L54(line 54) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (< |old(~waterLevel~0)| 2) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) .cse0))) [2022-11-03 02:15:28,255 INFO L895 garLoopResultBuilder]: At program point L352(line 352) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (< |old(~waterLevel~0)| 2) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) (not (<= 1 |old(~waterLevel~0)|)) .cse0))) [2022-11-03 02:15:28,255 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 280 303) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (= 0 ~systemActive~0))) (and (or (< |old(~waterLevel~0)| 2) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0) (not (<= 1 |old(~waterLevel~0)|)) .cse1))) [2022-11-03 02:15:28,255 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 280 303) no Hoare annotation was computed. [2022-11-03 02:15:28,255 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 54) no Hoare annotation was computed. [2022-11-03 02:15:28,255 INFO L895 garLoopResultBuilder]: At program point L357(line 357) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= 0 ~systemActive~0))) (and (or (< |old(~waterLevel~0)| 2) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) .cse2 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= |old(~pumpRunning~0)| 0)) (and .cse0 .cse1) (not (<= 1 |old(~waterLevel~0)|)) .cse2))) [2022-11-03 02:15:28,256 INFO L895 garLoopResultBuilder]: At program point L357-1(lines 338 362) the Hoare annotation is: (let ((.cse9 (= ~methaneLevelCritical~0 0))) (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse8 (not .cse9))) (let ((.cse1 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (and .cse7 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse0 .cse8) (and .cse9 (= ~pumpRunning~0 1))))) (.cse3 (< |old(~waterLevel~0)| 2)) (.cse4 (= 0 ~systemActive~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (and .cse0 .cse1 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse2 .cse3 .cse4 .cse5) (or (not (<= |old(~waterLevel~0)| 1)) .cse6 (and .cse0 .cse7) (not (<= 1 |old(~waterLevel~0)|)) .cse4) (or .cse1 .cse3 .cse8 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse5) (or .cse6 .cse2 .cse3 .cse4 .cse5))))) [2022-11-03 02:15:28,256 INFO L899 garLoopResultBuilder]: For program point L291-1(lines 291 297) no Hoare annotation was computed. [2022-11-03 02:15:28,256 INFO L899 garLoopResultBuilder]: For program point L193(line 193) no Hoare annotation was computed. [2022-11-03 02:15:28,256 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 172 201) no Hoare annotation was computed. [2022-11-03 02:15:28,256 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 172 201) the Hoare annotation is: true [2022-11-03 02:15:28,257 INFO L899 garLoopResultBuilder]: For program point L186(lines 186 190) no Hoare annotation was computed. [2022-11-03 02:15:28,257 INFO L902 garLoopResultBuilder]: At program point L186-1(lines 186 190) the Hoare annotation is: true [2022-11-03 02:15:28,257 INFO L902 garLoopResultBuilder]: At program point L182-2(lines 182 196) the Hoare annotation is: true [2022-11-03 02:15:28,257 INFO L902 garLoopResultBuilder]: At program point L178(line 178) the Hoare annotation is: true [2022-11-03 02:15:28,257 INFO L899 garLoopResultBuilder]: For program point L178-1(line 178) no Hoare annotation was computed. [2022-11-03 02:15:28,257 INFO L902 garLoopResultBuilder]: At program point L197(lines 172 201) the Hoare annotation is: true [2022-11-03 02:15:28,258 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 105 113) the Hoare annotation is: true [2022-11-03 02:15:28,258 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 105 113) no Hoare annotation was computed. [2022-11-03 02:15:28,258 INFO L902 garLoopResultBuilder]: At program point L258-2(lines 258 265) the Hoare annotation is: true [2022-11-03 02:15:28,258 INFO L899 garLoopResultBuilder]: For program point L556(lines 556 562) no Hoare annotation was computed. [2022-11-03 02:15:28,258 INFO L895 garLoopResultBuilder]: At program point L556-1(lines 556 562) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 2 ~waterLevel~0) .cse0 (<= ~waterLevel~0 2) .cse1) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0 (<= 1 ~waterLevel~0) .cse1))) [2022-11-03 02:15:28,259 INFO L895 garLoopResultBuilder]: At program point L581(lines 536 583) the Hoare annotation is: (let ((.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 (<= 1 ~waterLevel~0) .cse2) (and (<= 2 ~waterLevel~0) .cse1 (<= ~waterLevel~0 2) (let ((.cse3 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (not .cse3)) (and .cse3 (= ~pumpRunning~0 1)))) .cse2))) [2022-11-03 02:15:28,259 INFO L895 garLoopResultBuilder]: At program point L548(line 548) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (<= 2 ~waterLevel~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse5 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (not .cse2) .cse3 .cse4 .cse5) (and .cse0 (<= ~waterLevel~0 1) .cse3 (<= 1 ~waterLevel~0) .cse5) (and .cse2 .cse1 .cse3 .cse4 .cse5 (= ~pumpRunning~0 1)))) [2022-11-03 02:15:28,259 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:15:28,259 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:15:28,259 INFO L895 garLoopResultBuilder]: At program point L574-2(lines 566 579) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 2 ~waterLevel~0) .cse0 (<= ~waterLevel~0 2) .cse1) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0 (<= 1 ~waterLevel~0) .cse1))) [2022-11-03 02:15:28,260 INFO L899 garLoopResultBuilder]: For program point L537(lines 536 583) no Hoare annotation was computed. [2022-11-03 02:15:28,260 INFO L895 garLoopResultBuilder]: At program point L558(line 558) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (<= 2 ~waterLevel~0) .cse0 (<= ~waterLevel~0 2) .cse1) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0 (<= 1 ~waterLevel~0) .cse1))) [2022-11-03 02:15:28,260 INFO L902 garLoopResultBuilder]: At program point L587(lines 526 591) the Hoare annotation is: true [2022-11-03 02:15:28,260 INFO L899 garLoopResultBuilder]: For program point L546(lines 546 552) no Hoare annotation was computed. [2022-11-03 02:15:28,260 INFO L899 garLoopResultBuilder]: For program point L546-1(lines 546 552) no Hoare annotation was computed. [2022-11-03 02:15:28,260 INFO L895 garLoopResultBuilder]: At program point L584(lines 535 585) the Hoare annotation is: false [2022-11-03 02:15:28,261 INFO L895 garLoopResultBuilder]: At program point L258(lines 258 265) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-03 02:15:28,261 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 312 336) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 1 ~waterLevel~0)) (not (<= ~waterLevel~0 1)) .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 02:15:28,261 INFO L899 garLoopResultBuilder]: For program point L320(lines 320 328) no Hoare annotation was computed. [2022-11-03 02:15:28,261 INFO L895 garLoopResultBuilder]: At program point L316(lines 316 333) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 (not (<= 1 ~waterLevel~0)) (not (<= ~waterLevel~0 1)) .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 02:15:28,261 INFO L895 garLoopResultBuilder]: At program point L331(line 331) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= 1 ~waterLevel~0)) (not (<= ~waterLevel~0 1)) .cse1) (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1))) [2022-11-03 02:15:28,262 INFO L899 garLoopResultBuilder]: For program point L331-1(lines 312 336) no Hoare annotation was computed. [2022-11-03 02:15:28,262 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 312 336) no Hoare annotation was computed. [2022-11-03 02:15:28,262 INFO L895 garLoopResultBuilder]: At program point L402(line 402) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= 1 ~waterLevel~0)) (not (<= ~waterLevel~0 1)) .cse1) (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1)) .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1))) [2022-11-03 02:15:28,262 INFO L895 garLoopResultBuilder]: At program point L402-1(line 402) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= 1 ~waterLevel~0)) (not (<= ~waterLevel~0 1)) .cse1) (or .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret13#1| ~methaneLevelCritical~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1)) (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1))) [2022-11-03 02:15:28,262 INFO L895 garLoopResultBuilder]: At program point L326(line 326) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1) (or .cse0 (not (<= 1 ~waterLevel~0)) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (not (<= ~waterLevel~0 1)) .cse1))) [2022-11-03 02:15:28,263 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 81 92) no Hoare annotation was computed. [2022-11-03 02:15:28,263 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 81 92) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= 0 ~systemActive~0))) (and (or (let ((.cse1 (= ~methaneLevelCritical~0 0))) (and (or .cse0 .cse1) (or (not .cse1) (not (= ~pumpRunning~0 1))))) (< |old(~waterLevel~0)| 2) .cse2 .cse3 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (not (<= 1 |old(~waterLevel~0)|)) .cse2 .cse3))) [2022-11-03 02:15:28,266 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:15:28,268 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:15:28,296 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:15:28 BoogieIcfgContainer [2022-11-03 02:15:28,296 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:15:28,297 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:15:28,297 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:15:28,297 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:15:28,298 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:13:52" (3/4) ... [2022-11-03 02:15:28,301 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:15:28,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:15:28,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:15:28,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:15:28,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:15:28,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 02:15:28,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:15:28,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:15:28,314 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 81 nodes and edges [2022-11-03 02:15:28,315 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 26 nodes and edges [2022-11-03 02:15:28,315 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 02:15:28,316 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:15:28,316 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:15:28,317 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:15:28,317 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:15:28,342 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((\old(waterLevel) < 2 || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) [2022-11-03 02:15:28,343 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) [2022-11-03 02:15:28,343 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && tmp == 1) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive)) && (((((\old(waterLevel) == waterLevel + 1 || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) [2022-11-03 02:15:28,343 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 <= waterLevel)) || !(waterLevel <= 1)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) [2022-11-03 02:15:28,344 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(tmp == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && (((((\old(waterLevel) < 2 || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive)) && ((((((!(\old(pumpRunning) == 0) && \old(waterLevel) == waterLevel + 1) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && tmp == 1) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((tmp == 0 && pumpRunning == 1) || (!(tmp == 0) && pumpRunning == 0))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) [2022-11-03 02:15:28,344 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((tmp == 0 && pumpRunning == 1) || (!(tmp == 0) && pumpRunning == 0))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0))) && (methaneLevelCritical == 0 || !(\result == 0))) || (((((!(tmp == 0) && pumpRunning == 0) && tmp___0 == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1)))) || \old(waterLevel) < 2) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive)) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 1)) || (!(tmp == 0) && tmp___0 == 0)) || 0 == systemActive)) && (((((\old(waterLevel) == waterLevel + 1 || tmp___0 == 0) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((\old(waterLevel) < 2 || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || (\old(waterLevel) == waterLevel + 1 && tmp == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) [2022-11-03 02:15:28,344 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || !(waterLevel <= 1)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && aux-isMethaneLevelCritical()-aux == methaneLevelCritical) && tmp == 1)) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) [2022-11-03 02:15:28,345 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((\old(waterLevel) < 2 || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || 0 == systemActive) [2022-11-03 02:15:28,345 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && \old(waterLevel) == waterLevel + 1) && tmp == 1) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || 0 == systemActive) [2022-11-03 02:15:28,369 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:15:28,369 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:15:28,370 INFO L158 Benchmark]: Toolchain (without parser) took 97146.23ms. Allocated memory was 102.8MB in the beginning and 446.7MB in the end (delta: 343.9MB). Free memory was 58.3MB in the beginning and 157.8MB in the end (delta: -99.5MB). Peak memory consumption was 244.3MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,370 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 102.8MB. Free memory is still 75.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:15:28,370 INFO L158 Benchmark]: CACSL2BoogieTranslator took 592.75ms. Allocated memory is still 102.8MB. Free memory was 58.1MB in the beginning and 69.6MB in the end (delta: -11.5MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,370 INFO L158 Benchmark]: Boogie Procedure Inliner took 50.83ms. Allocated memory is still 102.8MB. Free memory was 69.2MB in the beginning and 66.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,371 INFO L158 Benchmark]: Boogie Preprocessor took 32.32ms. Allocated memory is still 102.8MB. Free memory was 66.7MB in the beginning and 65.0MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,371 INFO L158 Benchmark]: RCFGBuilder took 725.72ms. Allocated memory is still 102.8MB. Free memory was 65.0MB in the beginning and 36.2MB in the end (delta: 28.8MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,372 INFO L158 Benchmark]: TraceAbstraction took 95614.93ms. Allocated memory was 134.2MB in the beginning and 446.7MB in the end (delta: 312.5MB). Free memory was 109.8MB in the beginning and 164.1MB in the end (delta: -54.3MB). Peak memory consumption was 274.9MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,372 INFO L158 Benchmark]: Witness Printer took 72.17ms. Allocated memory is still 446.7MB. Free memory was 164.1MB in the beginning and 157.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:15:28,374 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 102.8MB. Free memory is still 75.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 592.75ms. Allocated memory is still 102.8MB. Free memory was 58.1MB in the beginning and 69.6MB in the end (delta: -11.5MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 50.83ms. Allocated memory is still 102.8MB. Free memory was 69.2MB in the beginning and 66.7MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 32.32ms. Allocated memory is still 102.8MB. Free memory was 66.7MB in the beginning and 65.0MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 725.72ms. Allocated memory is still 102.8MB. Free memory was 65.0MB in the beginning and 36.2MB in the end (delta: 28.8MB). Peak memory consumption was 27.3MB. Max. memory is 16.1GB. * TraceAbstraction took 95614.93ms. Allocated memory was 134.2MB in the beginning and 446.7MB in the end (delta: 312.5MB). Free memory was 109.8MB in the beginning and 164.1MB in the end (delta: -54.3MB). Peak memory consumption was 274.9MB. Max. memory is 16.1GB. * Witness Printer took 72.17ms. Allocated memory is still 446.7MB. Free memory was 164.1MB in the beginning and 157.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 54]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 57 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 95.5s, OverallIterations: 9, TraceHistogramMax: 6, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 8.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.4s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2301 SdHoareTripleChecker+Valid, 3.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2281 mSDsluCounter, 1943 SdHoareTripleChecker+Invalid, 3.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1860 mSDsCounter, 1648 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4363 IncrementalHoareTripleChecker+Invalid, 6011 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1648 mSolverCounterUnsat, 494 mSDtfsCounter, 4363 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 854 GetRequests, 539 SyntacticMatches, 32 SemanticMatches, 283 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 10545 ImplicationChecksByTransitivity, 59.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1095occurred in iteration=8, InterpolantAutomatonStates: 153, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 9 MinimizatonAttempts, 431 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 35 LocationsWithAnnotation, 1613 PreInvPairs, 1794 NumberOfFragments, 1590 HoareAnnotationTreeSize, 1613 FomulaSimplifications, 5100 FormulaSimplificationTreeSizeReduction, 0.4s HoareSimplificationTime, 35 FomulaSimplificationsInter, 18059 FormulaSimplificationTreeSizeReductionInter, 3.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 6.2s InterpolantComputationTime, 594 NumberOfCodeBlocks, 594 NumberOfCodeBlocksAsserted, 12 NumberOfCheckSat, 795 ConstructedInterpolants, 0 QuantifiedInterpolants, 3156 SizeOfPredicates, 39 NumberOfNonLiveVariables, 1385 ConjunctsInSsa, 105 ConjunctsInUnsatCore, 15 InterpolantComputations, 6 PerfectInterpolantSequences, 384/531 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 338]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && tmp == 1) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive)) && (((((\old(waterLevel) == waterLevel + 1 || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || ((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 508]: Loop Invariant Derived loop invariant: ((((((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(tmp == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && (((((\old(waterLevel) < 2 || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive)) && ((((((!(\old(pumpRunning) == 0) && \old(waterLevel) == waterLevel + 1) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && tmp == 1) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((tmp == 0 && pumpRunning == 1) || (!(tmp == 0) && pumpRunning == 0))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 54]: Loop Invariant Derived loop invariant: ((\old(waterLevel) < 2 || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || 0 == systemActive) - InvariantResult [Line: 535]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 258]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 556]: Loop Invariant Derived loop invariant: (((2 <= waterLevel && splverifierCounter == 0) && waterLevel <= 2) && !(0 == systemActive)) || ((((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && 1 <= waterLevel) && !(0 == systemActive)) - InvariantResult [Line: 280]: Loop Invariant Derived loop invariant: (((\old(waterLevel) < 2 || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 402]: Loop Invariant Derived loop invariant: (((!(\old(pumpRunning) == 0) || !(1 <= waterLevel)) || !(waterLevel <= 1)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && aux-isMethaneLevelCritical()-aux == methaneLevelCritical) && tmp == 1)) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) - InvariantResult [Line: 182]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 342]: Loop Invariant Derived loop invariant: ((((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) - InvariantResult [Line: 316]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 <= waterLevel)) || !(waterLevel <= 1)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) - InvariantResult [Line: 526]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 346]: Loop Invariant Derived loop invariant: ((((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && \old(waterLevel) == waterLevel + 1) && tmp == 1) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || 0 == systemActive) - InvariantResult [Line: 258]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 536]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && 1 <= waterLevel) && !(0 == systemActive)) || ((((2 <= waterLevel && splverifierCounter == 0) && waterLevel <= 2) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && !(0 == systemActive)) - InvariantResult [Line: 500]: Loop Invariant Derived loop invariant: ((((((((((((((\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((tmp == 0 && pumpRunning == 1) || (!(tmp == 0) && pumpRunning == 0))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0))) && (methaneLevelCritical == 0 || !(\result == 0))) || (((((!(tmp == 0) && pumpRunning == 0) && tmp___0 == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1)))) || \old(waterLevel) < 2) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || tmp == 0) || 0 == systemActive)) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 1)) || (!(tmp == 0) && tmp___0 == 0)) || 0 == systemActive)) && (((((\old(waterLevel) == waterLevel + 1 || tmp___0 == 0) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((((\old(waterLevel) < 2 || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || (\old(waterLevel) == waterLevel + 1 && tmp == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 <= \old(waterLevel))) || 0 == systemActive) RESULT: Ultimate proved your program to be correct! [2022-11-03 02:15:28,435 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_1d74f276-da0c-4d4a-8132-c736b1bea872/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE