./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:44:45,748 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:44:45,750 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:44:45,788 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:44:45,788 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:44:45,792 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:44:45,794 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:44:45,799 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:44:45,801 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:44:45,807 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:44:45,807 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:44:45,810 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:44:45,810 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:44:45,812 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:44:45,817 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:44:45,818 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:44:45,820 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:44:45,821 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:44:45,822 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:44:45,828 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:44:45,830 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:44:45,831 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:44:45,834 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:44:45,835 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:44:45,843 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:44:45,843 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:44:45,843 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:44:45,845 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:44:45,846 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:44:45,846 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:44:45,847 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:44:45,849 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:44:45,850 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:44:45,851 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:44:45,852 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:44:45,853 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:44:45,853 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:44:45,854 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:44:45,854 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:44:45,855 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:44:45,855 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:44:45,856 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:44:45,894 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:44:45,897 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:44:45,897 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:44:45,898 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:44:45,899 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:44:45,899 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:44:45,899 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:44:45,899 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:44:45,900 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:44:45,900 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:44:45,901 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:44:45,901 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:44:45,901 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:44:45,902 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:44:45,902 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:44:45,902 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:44:45,902 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:44:45,903 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:44:45,903 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:44:45,904 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:44:45,904 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:44:45,904 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:44:45,904 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:44:45,905 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:44:45,905 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:44:45,905 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:44:45,906 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:44:45,906 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:44:45,906 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:44:45,906 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:44:45,907 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:44:45,907 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:44:45,907 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:44:45,908 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:44:45,908 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:44:45,908 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:44:45,908 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:44:45,909 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:44:45,909 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:44:45,909 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:44:45,909 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:44:45,910 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 [2022-11-03 02:44:46,198 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:44:46,246 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:44:46,249 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:44:46,250 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:44:46,251 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:44:46,253 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2022-11-03 02:44:46,323 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/data/724e9ae26/1f41545a81204f80b29ddcfa4737aee4/FLAGd8e459546 [2022-11-03 02:44:46,874 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:44:46,874 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2022-11-03 02:44:46,898 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/data/724e9ae26/1f41545a81204f80b29ddcfa4737aee4/FLAGd8e459546 [2022-11-03 02:44:47,187 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/data/724e9ae26/1f41545a81204f80b29ddcfa4737aee4 [2022-11-03 02:44:47,190 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:44:47,191 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:44:47,193 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:44:47,193 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:44:47,198 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:44:47,199 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,200 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7eb89973 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47, skipping insertion in model container [2022-11-03 02:44:47,201 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,209 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:44:47,276 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:44:47,539 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2022-11-03 02:44:47,565 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:44:47,574 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:44:47,648 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2022-11-03 02:44:47,661 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:44:47,690 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:44:47,690 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47 WrapperNode [2022-11-03 02:44:47,691 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:44:47,692 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:44:47,692 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:44:47,692 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:44:47,699 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,724 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,765 INFO L138 Inliner]: procedures = 58, calls = 159, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 274 [2022-11-03 02:44:47,767 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:44:47,768 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:44:47,769 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:44:47,769 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:44:47,777 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,778 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,791 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,796 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,801 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,823 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,825 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,826 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,828 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:44:47,829 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:44:47,829 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:44:47,829 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:44:47,833 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (1/1) ... [2022-11-03 02:44:47,847 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:44:47,859 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:44:47,873 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:44:47,886 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:44:47,917 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:44:47,917 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:44:47,917 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:44:47,918 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 02:44:47,918 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 02:44:47,918 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:44:47,918 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:44:47,918 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:44:47,918 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:44:47,918 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:44:47,918 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:44:47,918 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:44:47,919 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:44:47,919 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:44:47,919 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:44:47,919 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:44:47,919 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:44:47,919 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:44:47,919 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:44:47,919 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:44:47,995 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:44:47,996 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:44:48,396 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:44:48,607 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:44:48,607 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:44:48,610 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:44:48 BoogieIcfgContainer [2022-11-03 02:44:48,610 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:44:48,613 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:44:48,613 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:44:48,617 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:44:48,617 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:44:47" (1/3) ... [2022-11-03 02:44:48,618 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@642bf71c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:44:48, skipping insertion in model container [2022-11-03 02:44:48,618 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:44:47" (2/3) ... [2022-11-03 02:44:48,619 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@642bf71c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:44:48, skipping insertion in model container [2022-11-03 02:44:48,619 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:44:48" (3/3) ... [2022-11-03 02:44:48,621 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product60.cil.c [2022-11-03 02:44:48,652 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:44:48,652 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:44:48,723 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:44:48,730 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5cf46707, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:44:48,730 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:44:48,735 INFO L276 IsEmpty]: Start isEmpty. Operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 02:44:48,744 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 02:44:48,745 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:48,745 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:48,746 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:48,751 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:48,751 INFO L85 PathProgramCache]: Analyzing trace with hash 748246382, now seen corresponding path program 1 times [2022-11-03 02:44:48,761 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:48,762 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1582888812] [2022-11-03 02:44:48,762 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:48,763 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:48,942 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:49,062 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:49,062 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:49,064 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1582888812] [2022-11-03 02:44:49,064 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1582888812] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:44:49,065 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:44:49,065 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:44:49,067 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [255179844] [2022-11-03 02:44:49,067 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:44:49,072 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:44:49,074 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:44:49,106 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:44:49,107 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:44:49,110 INFO L87 Difference]: Start difference. First operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,229 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:44:49,229 INFO L93 Difference]: Finished difference Result 128 states and 175 transitions. [2022-11-03 02:44:49,231 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:44:49,232 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2022-11-03 02:44:49,234 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:44:49,243 INFO L225 Difference]: With dead ends: 128 [2022-11-03 02:44:49,245 INFO L226 Difference]: Without dead ends: 60 [2022-11-03 02:44:49,249 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:44:49,252 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:44:49,253 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 66 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:44:49,271 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-11-03 02:44:49,292 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-11-03 02:44:49,293 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 38 states have (on average 1.3421052631578947) internal successors, (51), 46 states have internal predecessors, (51), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 02:44:49,296 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 78 transitions. [2022-11-03 02:44:49,297 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 78 transitions. Word has length 16 [2022-11-03 02:44:49,298 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:44:49,298 INFO L495 AbstractCegarLoop]: Abstraction has 60 states and 78 transitions. [2022-11-03 02:44:49,298 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,298 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 78 transitions. [2022-11-03 02:44:49,300 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 02:44:49,301 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:49,301 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:49,301 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:44:49,301 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:49,302 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:49,302 INFO L85 PathProgramCache]: Analyzing trace with hash -744299753, now seen corresponding path program 1 times [2022-11-03 02:44:49,302 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:49,303 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2036287676] [2022-11-03 02:44:49,303 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:49,303 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:49,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:49,460 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:49,460 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:49,461 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2036287676] [2022-11-03 02:44:49,461 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2036287676] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:44:49,461 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:44:49,461 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:44:49,462 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1442956459] [2022-11-03 02:44:49,463 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:44:49,465 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:44:49,465 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:44:49,467 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:44:49,470 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:44:49,471 INFO L87 Difference]: Start difference. First operand 60 states and 78 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,551 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:44:49,553 INFO L93 Difference]: Finished difference Result 92 states and 118 transitions. [2022-11-03 02:44:49,554 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:44:49,554 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 02:44:49,555 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:44:49,556 INFO L225 Difference]: With dead ends: 92 [2022-11-03 02:44:49,559 INFO L226 Difference]: Without dead ends: 52 [2022-11-03 02:44:49,560 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:44:49,562 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 14 mSDsluCounter, 47 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:44:49,564 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 88 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:44:49,565 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 52 states. [2022-11-03 02:44:49,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 52 to 52. [2022-11-03 02:44:49,576 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 52 states, 33 states have (on average 1.3636363636363635) internal successors, (45), 41 states have internal predecessors, (45), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 02:44:49,580 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 67 transitions. [2022-11-03 02:44:49,581 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 67 transitions. Word has length 17 [2022-11-03 02:44:49,582 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:44:49,582 INFO L495 AbstractCegarLoop]: Abstraction has 52 states and 67 transitions. [2022-11-03 02:44:49,584 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,584 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 67 transitions. [2022-11-03 02:44:49,585 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-03 02:44:49,586 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:49,587 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:49,587 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:44:49,587 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:49,588 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:49,593 INFO L85 PathProgramCache]: Analyzing trace with hash 2002296916, now seen corresponding path program 1 times [2022-11-03 02:44:49,593 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:49,594 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [526951815] [2022-11-03 02:44:49,594 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:49,594 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:49,614 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:49,773 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:49,774 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:49,775 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [526951815] [2022-11-03 02:44:49,775 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [526951815] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:44:49,776 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:44:49,776 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:44:49,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1325419303] [2022-11-03 02:44:49,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:44:49,777 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:44:49,777 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:44:49,778 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:44:49,779 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:44:49,779 INFO L87 Difference]: Start difference. First operand 52 states and 67 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,925 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:44:49,926 INFO L93 Difference]: Finished difference Result 135 states and 174 transitions. [2022-11-03 02:44:49,926 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:44:49,926 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-03 02:44:49,927 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:44:49,931 INFO L225 Difference]: With dead ends: 135 [2022-11-03 02:44:49,931 INFO L226 Difference]: Without dead ends: 85 [2022-11-03 02:44:49,936 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:44:49,939 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 90 mSDsluCounter, 92 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:44:49,943 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 131 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:44:49,944 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-11-03 02:44:49,963 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 82. [2022-11-03 02:44:49,963 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 53 states have (on average 1.3584905660377358) internal successors, (72), 64 states have internal predecessors, (72), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (17), 12 states have call predecessors, (17), 16 states have call successors, (17) [2022-11-03 02:44:49,964 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2022-11-03 02:44:49,965 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 20 [2022-11-03 02:44:49,965 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:44:49,965 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2022-11-03 02:44:49,966 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:49,966 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2022-11-03 02:44:49,967 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-03 02:44:49,967 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:49,967 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:49,968 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:44:49,968 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:49,968 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:49,969 INFO L85 PathProgramCache]: Analyzing trace with hash -1831391687, now seen corresponding path program 1 times [2022-11-03 02:44:49,969 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:49,969 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1594903100] [2022-11-03 02:44:49,969 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:49,969 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:49,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:50,100 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:50,100 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:50,100 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1594903100] [2022-11-03 02:44:50,101 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1594903100] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:44:50,101 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:44:50,101 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:44:50,101 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [538646245] [2022-11-03 02:44:50,101 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:44:50,102 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:44:50,102 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:44:50,102 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:44:50,102 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:44:50,103 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:50,277 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:44:50,277 INFO L93 Difference]: Finished difference Result 240 states and 314 transitions. [2022-11-03 02:44:50,278 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 02:44:50,278 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-11-03 02:44:50,278 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:44:50,284 INFO L225 Difference]: With dead ends: 240 [2022-11-03 02:44:50,285 INFO L226 Difference]: Without dead ends: 160 [2022-11-03 02:44:50,287 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:44:50,296 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 44 mSDsluCounter, 255 mSDsCounter, 0 mSdLazyCounter, 107 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 268 SdHoareTripleChecker+Invalid, 109 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 107 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:44:50,297 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 268 Invalid, 109 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 107 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:44:50,298 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-03 02:44:50,345 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 152. [2022-11-03 02:44:50,345 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 99 states have (on average 1.3434343434343434) internal successors, (133), 118 states have internal predecessors, (133), 30 states have call successors, (30), 22 states have call predecessors, (30), 22 states have return successors, (32), 22 states have call predecessors, (32), 30 states have call successors, (32) [2022-11-03 02:44:50,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 195 transitions. [2022-11-03 02:44:50,349 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 195 transitions. Word has length 23 [2022-11-03 02:44:50,350 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:44:50,350 INFO L495 AbstractCegarLoop]: Abstraction has 152 states and 195 transitions. [2022-11-03 02:44:50,350 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:44:50,351 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 195 transitions. [2022-11-03 02:44:50,352 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-11-03 02:44:50,352 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:50,353 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:50,353 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:44:50,353 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:50,353 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:50,354 INFO L85 PathProgramCache]: Analyzing trace with hash -1812859144, now seen corresponding path program 1 times [2022-11-03 02:44:50,354 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:50,354 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [407074892] [2022-11-03 02:44:50,354 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:50,355 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:50,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:50,565 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:50,566 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:50,566 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [407074892] [2022-11-03 02:44:50,566 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [407074892] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:44:50,566 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:44:50,568 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:44:50,571 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [741669930] [2022-11-03 02:44:50,572 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:44:50,572 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:44:50,573 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:44:50,573 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:44:50,574 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:44:50,575 INFO L87 Difference]: Start difference. First operand 152 states and 195 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:44:50,693 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:44:50,694 INFO L93 Difference]: Finished difference Result 368 states and 488 transitions. [2022-11-03 02:44:50,694 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:44:50,700 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 26 [2022-11-03 02:44:50,700 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:44:50,706 INFO L225 Difference]: With dead ends: 368 [2022-11-03 02:44:50,706 INFO L226 Difference]: Without dead ends: 218 [2022-11-03 02:44:50,707 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:44:50,708 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 38 mSDsluCounter, 115 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 155 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:44:50,708 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 155 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:44:50,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2022-11-03 02:44:50,766 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 210. [2022-11-03 02:44:50,768 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 143 states have (on average 1.2797202797202798) internal successors, (183), 159 states have internal predecessors, (183), 35 states have call successors, (35), 31 states have call predecessors, (35), 31 states have return successors, (47), 33 states have call predecessors, (47), 35 states have call successors, (47) [2022-11-03 02:44:50,773 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 265 transitions. [2022-11-03 02:44:50,773 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 265 transitions. Word has length 26 [2022-11-03 02:44:50,774 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:44:50,774 INFO L495 AbstractCegarLoop]: Abstraction has 210 states and 265 transitions. [2022-11-03 02:44:50,774 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:44:50,774 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 265 transitions. [2022-11-03 02:44:50,782 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-03 02:44:50,783 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:44:50,783 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:44:50,783 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:44:50,783 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:44:50,784 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:44:50,784 INFO L85 PathProgramCache]: Analyzing trace with hash 386536124, now seen corresponding path program 1 times [2022-11-03 02:44:50,784 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:44:50,784 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1447484905] [2022-11-03 02:44:50,784 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:50,785 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:44:50,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:51,241 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:44:51,242 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:44:51,242 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1447484905] [2022-11-03 02:44:51,242 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1447484905] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:44:51,242 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [142585649] [2022-11-03 02:44:51,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:44:51,243 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:44:51,243 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:44:51,248 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:44:51,272 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:44:51,371 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:44:51,390 INFO L263 TraceCheckSpWp]: Trace formula consists of 347 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-03 02:44:51,396 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:44:51,798 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:44:51,799 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:44:52,232 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:44:52,232 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [142585649] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:44:52,232 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [792627824] [2022-11-03 02:44:52,251 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-03 02:44:52,252 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:44:52,255 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:44:52,261 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:44:52,261 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:44:56,540 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 317 for LOIs [2022-11-03 02:44:58,403 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 313 for LOIs [2022-11-03 02:44:58,797 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 294 for LOIs [2022-11-03 02:44:58,831 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:45:38,431 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [792627824] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:45:38,431 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:45:38,431 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [15] imperfect sequences [12, 10, 10] total 38 [2022-11-03 02:45:38,432 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1497758776] [2022-11-03 02:45:38,432 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:45:38,433 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-11-03 02:45:38,433 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:45:38,433 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-11-03 02:45:38,434 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=248, Invalid=1158, Unknown=0, NotChecked=0, Total=1406 [2022-11-03 02:45:38,435 INFO L87 Difference]: Start difference. First operand 210 states and 265 transitions. Second operand has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 02:45:53,095 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:45:53,096 INFO L93 Difference]: Finished difference Result 490 states and 616 transitions. [2022-11-03 02:45:53,096 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2022-11-03 02:45:53,097 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 35 [2022-11-03 02:45:53,097 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:45:53,098 INFO L225 Difference]: With dead ends: 490 [2022-11-03 02:45:53,098 INFO L226 Difference]: Without dead ends: 282 [2022-11-03 02:45:53,100 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 77 SyntacticMatches, 3 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 610 ImplicationChecksByTransitivity, 51.6s TimeCoverageRelationStatistics Valid=310, Invalid=1412, Unknown=0, NotChecked=0, Total=1722 [2022-11-03 02:45:53,100 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 105 mSDsluCounter, 267 mSDsCounter, 0 mSdLazyCounter, 579 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 106 SdHoareTripleChecker+Valid, 317 SdHoareTripleChecker+Invalid, 635 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 579 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.8s IncrementalHoareTripleChecker+Time [2022-11-03 02:45:53,101 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [106 Valid, 317 Invalid, 635 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 579 Invalid, 0 Unknown, 0 Unchecked, 2.8s Time] [2022-11-03 02:45:53,101 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-11-03 02:45:53,189 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 269. [2022-11-03 02:45:53,190 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 184 states have (on average 1.2554347826086956) internal successors, (231), 201 states have internal predecessors, (231), 44 states have call successors, (44), 40 states have call predecessors, (44), 40 states have return successors, (56), 41 states have call predecessors, (56), 44 states have call successors, (56) [2022-11-03 02:45:53,192 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 331 transitions. [2022-11-03 02:45:53,192 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 331 transitions. Word has length 35 [2022-11-03 02:45:53,192 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:45:53,192 INFO L495 AbstractCegarLoop]: Abstraction has 269 states and 331 transitions. [2022-11-03 02:45:53,192 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 02:45:53,193 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 331 transitions. [2022-11-03 02:45:53,194 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-03 02:45:53,194 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:45:53,194 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:45:53,232 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:45:53,408 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:45:53,409 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:45:53,409 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:45:53,409 INFO L85 PathProgramCache]: Analyzing trace with hash 772749482, now seen corresponding path program 1 times [2022-11-03 02:45:53,409 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:45:53,409 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [665019835] [2022-11-03 02:45:53,410 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:45:53,410 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:45:53,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:45:53,735 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:45:53,735 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:45:53,735 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [665019835] [2022-11-03 02:45:53,735 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [665019835] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:45:53,735 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1990507360] [2022-11-03 02:45:53,736 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:45:53,736 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:45:53,736 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:45:53,737 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:45:53,764 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:45:53,835 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:45:53,837 INFO L263 TraceCheckSpWp]: Trace formula consists of 353 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-03 02:45:53,839 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:45:54,051 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:45:54,051 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:45:54,378 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:45:54,378 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1990507360] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:45:54,378 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [847314328] [2022-11-03 02:45:54,381 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-03 02:45:54,381 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:45:54,382 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:45:54,382 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:45:54,382 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:45:57,670 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-03 02:45:57,707 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 314 for LOIs [2022-11-03 02:45:59,484 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 309 for LOIs [2022-11-03 02:46:01,254 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 43 for LOIs [2022-11-03 02:46:01,260 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 292 for LOIs [2022-11-03 02:46:01,312 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:46:45,962 WARN L234 SmtUtils]: Spent 5.58s on a formula simplification. DAG size of input: 347 DAG size of output: 315 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:46:47,989 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4088#(and (<= ~methaneLevelCritical~0 1) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (<= 2 |old(~waterLevel~0)|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 1) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:46:47,990 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:46:47,990 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:46:47,990 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 10] total 24 [2022-11-03 02:46:47,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1638672125] [2022-11-03 02:46:47,990 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:46:47,991 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-03 02:46:47,991 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:46:47,991 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-03 02:46:47,992 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=337, Invalid=2213, Unknown=0, NotChecked=0, Total=2550 [2022-11-03 02:46:47,993 INFO L87 Difference]: Start difference. First operand 269 states and 331 transitions. Second operand has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 02:46:52,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:46:52,844 INFO L93 Difference]: Finished difference Result 1158 states and 1604 transitions. [2022-11-03 02:46:52,844 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 72 states. [2022-11-03 02:46:52,845 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) Word has length 38 [2022-11-03 02:46:52,845 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:46:52,852 INFO L225 Difference]: With dead ends: 1158 [2022-11-03 02:46:52,853 INFO L226 Difference]: Without dead ends: 897 [2022-11-03 02:46:52,862 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 203 GetRequests, 87 SyntacticMatches, 3 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4880 ImplicationChecksByTransitivity, 49.5s TimeCoverageRelationStatistics Valid=1552, Invalid=11558, Unknown=0, NotChecked=0, Total=13110 [2022-11-03 02:46:52,863 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 1206 mSDsluCounter, 665 mSDsCounter, 0 mSdLazyCounter, 2534 mSolverCounterSat, 918 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1211 SdHoareTripleChecker+Valid, 624 SdHoareTripleChecker+Invalid, 3452 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 918 IncrementalHoareTripleChecker+Valid, 2534 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:46:52,863 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1211 Valid, 624 Invalid, 3452 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [918 Valid, 2534 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2022-11-03 02:46:52,865 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 897 states. [2022-11-03 02:46:53,049 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 897 to 639. [2022-11-03 02:46:53,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 639 states, 440 states have (on average 1.2204545454545455) internal successors, (537), 476 states have internal predecessors, (537), 101 states have call successors, (101), 84 states have call predecessors, (101), 97 states have return successors, (135), 103 states have call predecessors, (135), 101 states have call successors, (135) [2022-11-03 02:46:53,054 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 639 states to 639 states and 773 transitions. [2022-11-03 02:46:53,054 INFO L78 Accepts]: Start accepts. Automaton has 639 states and 773 transitions. Word has length 38 [2022-11-03 02:46:53,055 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:46:53,055 INFO L495 AbstractCegarLoop]: Abstraction has 639 states and 773 transitions. [2022-11-03 02:46:53,055 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-03 02:46:53,055 INFO L276 IsEmpty]: Start isEmpty. Operand 639 states and 773 transitions. [2022-11-03 02:46:53,058 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-03 02:46:53,058 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:46:53,058 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:46:53,091 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:46:53,284 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:46:53,285 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:46:53,285 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:46:53,285 INFO L85 PathProgramCache]: Analyzing trace with hash -1410621706, now seen corresponding path program 1 times [2022-11-03 02:46:53,285 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:46:53,285 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [788316583] [2022-11-03 02:46:53,285 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:46:53,286 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:46:53,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:46:53,346 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 02:46:53,347 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:46:53,347 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [788316583] [2022-11-03 02:46:53,347 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [788316583] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:46:53,347 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:46:53,348 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:46:53,348 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [369533806] [2022-11-03 02:46:53,348 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:46:53,350 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:46:53,350 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:46:53,350 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:46:53,350 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:46:53,351 INFO L87 Difference]: Start difference. First operand 639 states and 773 transitions. Second operand has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-03 02:46:53,585 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:46:53,585 INFO L93 Difference]: Finished difference Result 1229 states and 1491 transitions. [2022-11-03 02:46:53,586 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:46:53,586 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) Word has length 67 [2022-11-03 02:46:53,590 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:46:53,594 INFO L225 Difference]: With dead ends: 1229 [2022-11-03 02:46:53,594 INFO L226 Difference]: Without dead ends: 651 [2022-11-03 02:46:53,596 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:46:53,596 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 85 mSDsluCounter, 62 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:46:53,597 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [85 Valid, 116 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:46:53,599 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 651 states. [2022-11-03 02:46:53,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 651 to 639. [2022-11-03 02:46:53,749 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 639 states, 440 states have (on average 1.2068181818181818) internal successors, (531), 476 states have internal predecessors, (531), 101 states have call successors, (101), 84 states have call predecessors, (101), 97 states have return successors, (124), 103 states have call predecessors, (124), 101 states have call successors, (124) [2022-11-03 02:46:53,754 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 639 states to 639 states and 756 transitions. [2022-11-03 02:46:53,755 INFO L78 Accepts]: Start accepts. Automaton has 639 states and 756 transitions. Word has length 67 [2022-11-03 02:46:53,756 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:46:53,756 INFO L495 AbstractCegarLoop]: Abstraction has 639 states and 756 transitions. [2022-11-03 02:46:53,756 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-03 02:46:53,757 INFO L276 IsEmpty]: Start isEmpty. Operand 639 states and 756 transitions. [2022-11-03 02:46:53,759 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-03 02:46:53,760 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:46:53,760 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:46:53,760 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-03 02:46:53,761 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:46:53,762 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:46:53,762 INFO L85 PathProgramCache]: Analyzing trace with hash -1326506653, now seen corresponding path program 1 times [2022-11-03 02:46:53,763 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:46:53,763 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [166588304] [2022-11-03 02:46:53,763 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:46:53,763 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:46:53,796 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:46:54,415 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 5 proven. 11 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 02:46:54,416 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:46:54,416 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [166588304] [2022-11-03 02:46:54,416 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [166588304] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:46:54,416 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1811030327] [2022-11-03 02:46:54,416 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:46:54,416 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:46:54,417 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:46:54,418 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:46:54,436 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:46:54,521 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:46:54,523 INFO L263 TraceCheckSpWp]: Trace formula consists of 438 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-03 02:46:54,527 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:46:54,865 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:46:54,866 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:46:55,358 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 9 proven. 3 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 02:46:55,359 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1811030327] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:46:55,359 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1976956772] [2022-11-03 02:46:55,361 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 02:46:55,362 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:46:55,362 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:46:55,362 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:46:55,362 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:46:59,673 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 43 for LOIs [2022-11-03 02:46:59,685 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 41 for LOIs [2022-11-03 02:46:59,933 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-03 02:47:00,166 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-03 02:47:00,173 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-03 02:47:00,175 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-03 02:47:00,180 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:47:05,888 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10204#(and (<= ~methaneLevelCritical~0 1) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:47:05,888 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:47:05,888 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:47:05,889 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12, 14] total 31 [2022-11-03 02:47:05,889 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [153852944] [2022-11-03 02:47:05,889 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:47:05,889 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2022-11-03 02:47:05,890 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:47:05,890 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2022-11-03 02:47:05,892 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=417, Invalid=3123, Unknown=0, NotChecked=0, Total=3540 [2022-11-03 02:47:05,892 INFO L87 Difference]: Start difference. First operand 639 states and 756 transitions. Second operand has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-03 02:47:11,006 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:47:11,006 INFO L93 Difference]: Finished difference Result 3275 states and 4012 transitions. [2022-11-03 02:47:11,007 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2022-11-03 02:47:11,007 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) Word has length 67 [2022-11-03 02:47:11,007 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:47:11,020 INFO L225 Difference]: With dead ends: 3275 [2022-11-03 02:47:11,020 INFO L226 Difference]: Without dead ends: 2758 [2022-11-03 02:47:11,026 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 297 GetRequests, 153 SyntacticMatches, 17 SemanticMatches, 127 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7574 ImplicationChecksByTransitivity, 8.4s TimeCoverageRelationStatistics Valid=2241, Invalid=14271, Unknown=0, NotChecked=0, Total=16512 [2022-11-03 02:47:11,027 INFO L413 NwaCegarLoop]: 119 mSDtfsCounter, 1584 mSDsluCounter, 1432 mSDsCounter, 0 mSdLazyCounter, 2704 mSolverCounterSat, 1053 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1593 SdHoareTripleChecker+Valid, 1296 SdHoareTripleChecker+Invalid, 3757 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1053 IncrementalHoareTripleChecker+Valid, 2704 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:47:11,027 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1593 Valid, 1296 Invalid, 3757 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1053 Valid, 2704 Invalid, 0 Unknown, 0 Unchecked, 2.1s Time] [2022-11-03 02:47:11,030 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2758 states. [2022-11-03 02:47:11,479 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2758 to 2398. [2022-11-03 02:47:11,483 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2398 states, 1696 states have (on average 1.2234669811320755) internal successors, (2075), 1816 states have internal predecessors, (2075), 363 states have call successors, (363), 278 states have call predecessors, (363), 338 states have return successors, (481), 386 states have call predecessors, (481), 363 states have call successors, (481) [2022-11-03 02:47:11,493 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2398 states to 2398 states and 2919 transitions. [2022-11-03 02:47:11,493 INFO L78 Accepts]: Start accepts. Automaton has 2398 states and 2919 transitions. Word has length 67 [2022-11-03 02:47:11,495 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:47:11,495 INFO L495 AbstractCegarLoop]: Abstraction has 2398 states and 2919 transitions. [2022-11-03 02:47:11,496 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-03 02:47:11,496 INFO L276 IsEmpty]: Start isEmpty. Operand 2398 states and 2919 transitions. [2022-11-03 02:47:11,501 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2022-11-03 02:47:11,501 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:47:11,501 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:47:11,536 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-11-03 02:47:11,728 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:47:11,728 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:47:11,729 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:47:11,729 INFO L85 PathProgramCache]: Analyzing trace with hash 421351203, now seen corresponding path program 1 times [2022-11-03 02:47:11,729 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:47:11,729 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [122604767] [2022-11-03 02:47:11,729 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:11,730 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:47:11,748 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:12,295 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 31 proven. 17 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 02:47:12,296 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:47:12,296 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [122604767] [2022-11-03 02:47:12,296 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [122604767] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:47:12,296 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [809496265] [2022-11-03 02:47:12,296 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:12,297 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:47:12,297 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:47:12,298 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:47:12,320 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 02:47:12,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:12,410 INFO L263 TraceCheckSpWp]: Trace formula consists of 491 conjuncts, 26 conjunts are in the unsatisfiable core [2022-11-03 02:47:12,413 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:47:12,820 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 44 proven. 16 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:47:12,820 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:47:13,604 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 38 proven. 10 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 02:47:13,605 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [809496265] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:47:13,605 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1640915428] [2022-11-03 02:47:13,612 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 02:47:13,612 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:47:13,614 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:47:13,614 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:47:13,614 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:47:15,445 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 28 for LOIs [2022-11-03 02:47:15,633 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 02:47:16,068 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 37 for LOIs [2022-11-03 02:47:16,073 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 42 for LOIs [2022-11-03 02:47:16,080 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 37 for LOIs [2022-11-03 02:47:16,083 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:47:22,170 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '19408#(and (<= ~methaneLevelCritical~0 1) (<= 0 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:47:22,170 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:47:22,170 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:47:22,170 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 11, 11] total 24 [2022-11-03 02:47:22,170 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1779689306] [2022-11-03 02:47:22,170 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:47:22,171 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-03 02:47:22,171 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:47:22,172 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-03 02:47:22,172 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=351, Invalid=2955, Unknown=0, NotChecked=0, Total=3306 [2022-11-03 02:47:22,173 INFO L87 Difference]: Start difference. First operand 2398 states and 2919 transitions. Second operand has 24 states, 24 states have (on average 5.083333333333333) internal successors, (122), 20 states have internal predecessors, (122), 16 states have call successors, (26), 9 states have call predecessors, (26), 9 states have return successors, (25), 11 states have call predecessors, (25), 16 states have call successors, (25) [2022-11-03 02:47:24,534 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:47:24,534 INFO L93 Difference]: Finished difference Result 6276 states and 7743 transitions. [2022-11-03 02:47:24,535 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2022-11-03 02:47:24,535 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 24 states have (on average 5.083333333333333) internal successors, (122), 20 states have internal predecessors, (122), 16 states have call successors, (26), 9 states have call predecessors, (26), 9 states have return successors, (25), 11 states have call predecessors, (25), 16 states have call successors, (25) Word has length 85 [2022-11-03 02:47:24,535 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:47:24,555 INFO L225 Difference]: With dead ends: 6276 [2022-11-03 02:47:24,555 INFO L226 Difference]: Without dead ends: 4043 [2022-11-03 02:47:24,564 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 298 GetRequests, 212 SyntacticMatches, 5 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2712 ImplicationChecksByTransitivity, 7.3s TimeCoverageRelationStatistics Valid=823, Invalid=5983, Unknown=0, NotChecked=0, Total=6806 [2022-11-03 02:47:24,565 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 623 mSDsluCounter, 562 mSDsCounter, 0 mSdLazyCounter, 878 mSolverCounterSat, 382 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 627 SdHoareTripleChecker+Valid, 545 SdHoareTripleChecker+Invalid, 1260 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 382 IncrementalHoareTripleChecker+Valid, 878 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-03 02:47:24,565 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [627 Valid, 545 Invalid, 1260 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [382 Valid, 878 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-03 02:47:24,570 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4043 states. [2022-11-03 02:47:25,146 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4043 to 2924. [2022-11-03 02:47:25,152 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2924 states, 2072 states have (on average 1.2186293436293436) internal successors, (2525), 2206 states have internal predecessors, (2525), 433 states have call successors, (433), 367 states have call predecessors, (433), 418 states have return successors, (553), 435 states have call predecessors, (553), 433 states have call successors, (553) [2022-11-03 02:47:25,212 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2924 states to 2924 states and 3511 transitions. [2022-11-03 02:47:25,213 INFO L78 Accepts]: Start accepts. Automaton has 2924 states and 3511 transitions. Word has length 85 [2022-11-03 02:47:25,213 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:47:25,213 INFO L495 AbstractCegarLoop]: Abstraction has 2924 states and 3511 transitions. [2022-11-03 02:47:25,213 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 24 states have (on average 5.083333333333333) internal successors, (122), 20 states have internal predecessors, (122), 16 states have call successors, (26), 9 states have call predecessors, (26), 9 states have return successors, (25), 11 states have call predecessors, (25), 16 states have call successors, (25) [2022-11-03 02:47:25,213 INFO L276 IsEmpty]: Start isEmpty. Operand 2924 states and 3511 transitions. [2022-11-03 02:47:25,220 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2022-11-03 02:47:25,220 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:47:25,221 INFO L195 NwaCegarLoop]: trace histogram [6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:47:25,256 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 02:47:25,440 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:47:25,440 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:47:25,441 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:47:25,441 INFO L85 PathProgramCache]: Analyzing trace with hash -207946092, now seen corresponding path program 1 times [2022-11-03 02:47:25,441 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:47:25,441 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [537520388] [2022-11-03 02:47:25,441 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:25,441 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:47:25,472 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:26,428 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 55 proven. 55 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2022-11-03 02:47:26,429 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:47:26,429 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [537520388] [2022-11-03 02:47:26,429 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [537520388] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:47:26,429 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [703328825] [2022-11-03 02:47:26,429 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:26,429 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:47:26,430 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:47:26,432 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:47:26,452 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-03 02:47:26,564 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:26,568 INFO L263 TraceCheckSpWp]: Trace formula consists of 614 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 02:47:26,571 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:47:27,133 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 84 proven. 44 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2022-11-03 02:47:27,133 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:47:27,991 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 77 proven. 25 refuted. 0 times theorem prover too weak. 47 trivial. 0 not checked. [2022-11-03 02:47:27,991 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [703328825] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:47:27,991 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1342545788] [2022-11-03 02:47:27,994 INFO L159 IcfgInterpreter]: Started Sifa with 47 locations of interest [2022-11-03 02:47:27,994 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:47:27,995 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:47:27,995 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:47:27,995 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:47:32,261 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 43 for LOIs [2022-11-03 02:47:32,268 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 41 for LOIs [2022-11-03 02:47:32,623 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-03 02:47:32,892 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-03 02:47:32,896 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-03 02:47:32,899 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-03 02:47:32,903 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 44 for LOIs [2022-11-03 02:47:32,908 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:47:39,770 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '34007#(and (<= ~methaneLevelCritical~0 1) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (<= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= ~head~0.base 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#NULL.offset|) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:47:39,770 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:47:39,770 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:47:39,770 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 13, 13] total 36 [2022-11-03 02:47:39,771 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1209982392] [2022-11-03 02:47:39,771 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:47:39,772 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2022-11-03 02:47:39,772 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:47:39,772 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2022-11-03 02:47:39,773 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=484, Invalid=4072, Unknown=0, NotChecked=0, Total=4556 [2022-11-03 02:47:39,774 INFO L87 Difference]: Start difference. First operand 2924 states and 3511 transitions. Second operand has 36 states, 33 states have (on average 5.0606060606060606) internal successors, (167), 34 states have internal predecessors, (167), 23 states have call successors, (39), 9 states have call predecessors, (39), 15 states have return successors, (41), 18 states have call predecessors, (41), 23 states have call successors, (41) [2022-11-03 02:47:43,832 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:47:43,832 INFO L93 Difference]: Finished difference Result 6638 states and 8223 transitions. [2022-11-03 02:47:43,833 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-11-03 02:47:43,833 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 33 states have (on average 5.0606060606060606) internal successors, (167), 34 states have internal predecessors, (167), 23 states have call successors, (39), 9 states have call predecessors, (39), 15 states have return successors, (41), 18 states have call predecessors, (41), 23 states have call successors, (41) Word has length 121 [2022-11-03 02:47:43,833 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:47:43,853 INFO L225 Difference]: With dead ends: 6638 [2022-11-03 02:47:43,853 INFO L226 Difference]: Without dead ends: 3698 [2022-11-03 02:47:43,865 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 438 GetRequests, 299 SyntacticMatches, 30 SemanticMatches, 109 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6855 ImplicationChecksByTransitivity, 9.0s TimeCoverageRelationStatistics Valid=1517, Invalid=10693, Unknown=0, NotChecked=0, Total=12210 [2022-11-03 02:47:43,866 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 1789 mSDsluCounter, 1032 mSDsCounter, 0 mSdLazyCounter, 1905 mSolverCounterSat, 1015 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1798 SdHoareTripleChecker+Valid, 942 SdHoareTripleChecker+Invalid, 2920 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1015 IncrementalHoareTripleChecker+Valid, 1905 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.6s IncrementalHoareTripleChecker+Time [2022-11-03 02:47:43,866 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1798 Valid, 942 Invalid, 2920 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1015 Valid, 1905 Invalid, 0 Unknown, 0 Unchecked, 1.6s Time] [2022-11-03 02:47:43,870 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3698 states. [2022-11-03 02:47:44,557 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3698 to 2941. [2022-11-03 02:47:44,562 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2941 states, 2094 states have (on average 1.2196752626552054) internal successors, (2554), 2229 states have internal predecessors, (2554), 443 states have call successors, (443), 400 states have call predecessors, (443), 403 states have return successors, (504), 403 states have call predecessors, (504), 443 states have call successors, (504) [2022-11-03 02:47:44,571 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2941 states to 2941 states and 3501 transitions. [2022-11-03 02:47:44,572 INFO L78 Accepts]: Start accepts. Automaton has 2941 states and 3501 transitions. Word has length 121 [2022-11-03 02:47:44,573 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:47:44,573 INFO L495 AbstractCegarLoop]: Abstraction has 2941 states and 3501 transitions. [2022-11-03 02:47:44,573 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 33 states have (on average 5.0606060606060606) internal successors, (167), 34 states have internal predecessors, (167), 23 states have call successors, (39), 9 states have call predecessors, (39), 15 states have return successors, (41), 18 states have call predecessors, (41), 23 states have call successors, (41) [2022-11-03 02:47:44,573 INFO L276 IsEmpty]: Start isEmpty. Operand 2941 states and 3501 transitions. [2022-11-03 02:47:44,578 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2022-11-03 02:47:44,579 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:47:44,579 INFO L195 NwaCegarLoop]: trace histogram [7, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:47:44,619 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-03 02:47:44,792 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-03 02:47:44,793 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:47:44,793 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:47:44,793 INFO L85 PathProgramCache]: Analyzing trace with hash -1410346348, now seen corresponding path program 1 times [2022-11-03 02:47:44,793 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:47:44,793 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [846723224] [2022-11-03 02:47:44,793 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:44,793 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:47:44,824 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:46,253 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 29 proven. 127 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2022-11-03 02:47:46,254 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:47:46,254 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [846723224] [2022-11-03 02:47:46,254 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [846723224] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:47:46,254 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [159148989] [2022-11-03 02:47:46,254 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:47:46,254 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:47:46,254 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:47:46,255 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:47:46,257 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2022-11-03 02:47:46,386 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:47:46,389 INFO L263 TraceCheckSpWp]: Trace formula consists of 679 conjuncts, 63 conjunts are in the unsatisfiable core [2022-11-03 02:47:46,393 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:47:47,324 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 44 proven. 155 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-03 02:47:47,324 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:47:48,957 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 58 proven. 74 refuted. 0 times theorem prover too weak. 94 trivial. 0 not checked. [2022-11-03 02:47:48,957 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [159148989] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:47:48,957 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1087910274] [2022-11-03 02:47:48,967 INFO L159 IcfgInterpreter]: Started Sifa with 50 locations of interest [2022-11-03 02:47:48,967 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:47:48,969 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:47:48,969 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:47:48,970 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:47:56,616 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 312 for LOIs [2022-11-03 02:47:56,687 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 44 for LOIs [2022-11-03 02:47:56,971 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 58 for LOIs [2022-11-03 02:47:57,305 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-03 02:47:57,307 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 23 for LOIs [2022-11-03 02:47:57,309 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 34 for LOIs [2022-11-03 02:47:57,311 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 30 for LOIs [2022-11-03 02:47:57,313 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:48:10,439 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '49365#(and (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 1) (<= ~methaneLevelCritical~0 1) (<= 0 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:48:10,439 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:48:10,439 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:48:10,439 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 22, 23] total 54 [2022-11-03 02:48:10,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2125491554] [2022-11-03 02:48:10,440 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:48:10,440 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 54 states [2022-11-03 02:48:10,441 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:48:10,441 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 54 interpolants. [2022-11-03 02:48:10,442 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=970, Invalid=8150, Unknown=0, NotChecked=0, Total=9120 [2022-11-03 02:48:10,443 INFO L87 Difference]: Start difference. First operand 2941 states and 3501 transitions. Second operand has 54 states, 47 states have (on average 4.127659574468085) internal successors, (194), 47 states have internal predecessors, (194), 28 states have call successors, (46), 15 states have call predecessors, (46), 22 states have return successors, (47), 23 states have call predecessors, (47), 28 states have call successors, (47) [2022-11-03 02:48:12,620 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:48:12,620 INFO L93 Difference]: Finished difference Result 3678 states and 4324 transitions. [2022-11-03 02:48:12,620 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2022-11-03 02:48:12,621 INFO L78 Accepts]: Start accepts. Automaton has has 54 states, 47 states have (on average 4.127659574468085) internal successors, (194), 47 states have internal predecessors, (194), 28 states have call successors, (46), 15 states have call predecessors, (46), 22 states have return successors, (47), 23 states have call predecessors, (47), 28 states have call successors, (47) Word has length 145 [2022-11-03 02:48:12,621 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:48:12,622 INFO L225 Difference]: With dead ends: 3678 [2022-11-03 02:48:12,622 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:48:12,630 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 491 GetRequests, 367 SyntacticMatches, 8 SemanticMatches, 116 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6414 ImplicationChecksByTransitivity, 15.0s TimeCoverageRelationStatistics Valid=1711, Invalid=12095, Unknown=0, NotChecked=0, Total=13806 [2022-11-03 02:48:12,631 INFO L413 NwaCegarLoop]: 86 mSDtfsCounter, 1641 mSDsluCounter, 848 mSDsCounter, 0 mSdLazyCounter, 1192 mSolverCounterSat, 905 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1644 SdHoareTripleChecker+Valid, 770 SdHoareTripleChecker+Invalid, 2097 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 905 IncrementalHoareTripleChecker+Valid, 1192 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:48:12,631 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1644 Valid, 770 Invalid, 2097 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [905 Valid, 1192 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2022-11-03 02:48:12,632 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:48:12,632 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:48:12,632 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:48:12,632 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:48:12,633 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 145 [2022-11-03 02:48:12,633 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:48:12,633 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:48:12,634 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 54 states, 47 states have (on average 4.127659574468085) internal successors, (194), 47 states have internal predecessors, (194), 28 states have call successors, (46), 15 states have call predecessors, (46), 22 states have return successors, (47), 23 states have call predecessors, (47), 28 states have call successors, (47) [2022-11-03 02:48:12,634 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:48:12,634 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:48:12,637 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:48:12,673 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2022-11-03 02:48:12,864 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-03 02:48:12,865 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:48:23,793 WARN L234 SmtUtils]: Spent 9.36s on a formula simplification. DAG size of input: 482 DAG size of output: 443 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:48:48,298 WARN L234 SmtUtils]: Spent 22.11s on a formula simplification. DAG size of input: 543 DAG size of output: 543 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:49:37,780 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 851 858) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (= |old(~pumpRunning~0)| 0)) (or .cse0 .cse1 (not (= 2 ~waterLevel~0))))) [2022-11-03 02:49:37,780 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 851 858) no Hoare annotation was computed. [2022-11-03 02:49:37,780 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 766 772) no Hoare annotation was computed. [2022-11-03 02:49:37,780 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 766 772) the Hoare annotation is: true [2022-11-03 02:49:37,781 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 186 197) the Hoare annotation is: (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= ~waterLevel~0 2))) (.cse5 (< ~waterLevel~0 2)) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= ~pumpRunning~0 0))) (.cse3 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse6 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 .cse6))) [2022-11-03 02:49:37,781 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 186 197) no Hoare annotation was computed. [2022-11-03 02:49:37,781 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 198 206) the Hoare annotation is: true [2022-11-03 02:49:37,781 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 198 206) no Hoare annotation was computed. [2022-11-03 02:49:37,782 INFO L895 garLoopResultBuilder]: At program point L271(line 271) the Hoare annotation is: (let ((.cse12 (= |old(~pumpRunning~0)| 0)) (.cse4 (= 0 ~systemActive~0))) (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (not .cse4)) (.cse8 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not .cse12)) (.cse11 (= ~methaneLevelCritical~0 0)) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (not (= 1 ~systemActive~0))) (.cse5 (< |old(~waterLevel~0)| 2)) (.cse2 (= ~pumpRunning~0 0)) (.cse9 (= ~waterLevel~0 1))) (and (or .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 .cse6 .cse7) (or .cse0 .cse8 (and .cse1 .cse2 .cse4 .cse9) .cse7) (or .cse0 .cse8 .cse10 (and .cse2 .cse9)) (or .cse0 (and .cse2 .cse3) .cse11 .cse10 .cse6 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse10 .cse5 (not .cse11) .cse6 (and .cse3 (= ~pumpRunning~0 1))) (or .cse10 .cse5 .cse12 (and .cse2 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse9) (< 2 |old(~waterLevel~0)|))))) [2022-11-03 02:49:37,782 INFO L899 garLoopResultBuilder]: For program point L271-1(line 271) no Hoare annotation was computed. [2022-11-03 02:49:37,782 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 745 764) no Hoare annotation was computed. [2022-11-03 02:49:37,782 INFO L899 garLoopResultBuilder]: For program point L808(lines 808 816) no Hoare annotation was computed. [2022-11-03 02:49:37,783 INFO L895 garLoopResultBuilder]: At program point L804(lines 804 821) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (= ~pumpRunning~0 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (and .cse4 (= ~waterLevel~0 1))) (or .cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (and (not .cse4) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2))) [2022-11-03 02:49:37,783 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 283) no Hoare annotation was computed. [2022-11-03 02:49:37,783 INFO L895 garLoopResultBuilder]: At program point L661(line 661) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 02:49:37,784 INFO L895 garLoopResultBuilder]: At program point L273(lines 273 286) the Hoare annotation is: (let ((.cse5 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0))) (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (not .cse5)) (.cse16 (= ~methaneLevelCritical~0 0)) (.cse2 (= ~pumpRunning~0 0))) (let ((.cse4 (not (<= 2 |old(~waterLevel~0)|))) (.cse12 (not (= ~methaneLevelCritical~0 1))) (.cse11 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (= ~waterLevel~0 1)) (.cse17 (let ((.cse18 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (and (not (< 0 ~waterLevel~0)) .cse18) (and .cse2 .cse18)))) (.cse6 (not .cse16)) (.cse15 (and .cse2 .cse10 .cse13)) (.cse8 (not .cse1)) (.cse9 (< |old(~waterLevel~0)| 2)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse14 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 (and .cse2 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse3) (< 2 |old(~waterLevel~0)|) .cse4) (or .cse5 .cse0 .cse6 (not (= |old(~pumpRunning~0)| 1)) .cse7 .cse4) (or .cse8 .cse0 .cse9 (and .cse5 .cse10 (= ~pumpRunning~0 1)) .cse6 .cse7) (or .cse8 .cse11 .cse0 .cse12 .cse13) (or .cse5 .cse8 .cse11 .cse6 .cse14) (or .cse8 .cse11 .cse12 .cse14 .cse13) (or .cse5 .cse8 .cse11 .cse0 .cse6) (or .cse8 .cse11 (and .cse2 .cse3) .cse14) (or .cse15 .cse8 .cse16 .cse0 .cse9 .cse7) (or .cse8 .cse11 .cse0 (and .cse17 .cse3)) (or .cse8 (and .cse5 .cse17 .cse10) .cse9 .cse6 .cse7 .cse14) (or .cse15 .cse8 .cse16 .cse9 .cse7 .cse14))))) [2022-11-03 02:49:37,784 INFO L895 garLoopResultBuilder]: At program point L273-1(lines 265 289) the Hoare annotation is: (let ((.cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0))) (let ((.cse11 (= |old(~pumpRunning~0)| 0)) (.cse17 (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (.cse18 (not .cse0)) (.cse15 (= ~methaneLevelCritical~0 0))) (let ((.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not .cse15)) (.cse10 (and .cse17 .cse18)) (.cse8 (not (= |old(~waterLevel~0)| 1))) (.cse14 (= ~waterLevel~0 1)) (.cse6 (not (= 1 ~systemActive~0))) (.cse1 (not .cse11)) (.cse2 (< |old(~waterLevel~0)| 2)) (.cse16 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse13 (= ~pumpRunning~0 0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse6 .cse3 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse7) (or .cse0 .cse1 .cse8 .cse3 .cse5) (or .cse1 .cse8 .cse6 .cse9 .cse10) (or .cse1 .cse8 .cse9 .cse10 .cse5) (or (and .cse0 .cse11 .cse12 (= ~pumpRunning~0 1)) .cse6 (and .cse1 .cse13 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse14 .cse5) (and .cse11 .cse3) .cse4 .cse7) (or .cse0 .cse1 .cse8 .cse6 .cse3) (or .cse1 .cse15 .cse2 .cse4 .cse10 .cse5) (or (and .cse13 .cse14 .cse5) .cse1 .cse8 .cse6) (or .cse1 .cse8 (and .cse16 .cse13 .cse14) .cse5) (or .cse1 .cse15 .cse6 .cse2 .cse4 (and .cse13 .cse17 .cse12 .cse18)) (or .cse1 .cse2 (and .cse16 .cse13 .cse12) .cse4 .cse5))))) [2022-11-03 02:49:37,784 INFO L895 garLoopResultBuilder]: At program point L814(line 814) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 02:49:37,785 INFO L895 garLoopResultBuilder]: At program point L810(line 810) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= 0 ~systemActive~0)))) (and (or .cse0 (not (<= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (= |timeShift_processEnvironment_~tmp~7#1| 1) (= ~waterLevel~0 1)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse1 .cse2 .cse3) (or .cse1 .cse2 .cse0) (or .cse1 (not (= |old(~waterLevel~0)| 2)) .cse3))) [2022-11-03 02:49:37,785 INFO L895 garLoopResultBuilder]: At program point L819(line 819) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (or (= ~pumpRunning~0 0) (not (< 0 ~waterLevel~0)))) (.cse4 (not (= 1 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or (and .cse3 (= ~waterLevel~0 1)) .cse0 .cse1 .cse4) (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 (< |old(~waterLevel~0)| 2) (not (<= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2))) [2022-11-03 02:49:37,785 INFO L895 garLoopResultBuilder]: At program point L819-1(lines 800 824) the Hoare annotation is: (let ((.cse10 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (= 1 ~systemActive~0))) (.cse9 (< |old(~waterLevel~0)| 2)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= ~waterLevel~0 1)) (.cse0 (not .cse10)) (.cse2 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (and .cse4 .cse5)) (or .cse0 (and .cse4 .cse6) .cse7 .cse3 .cse8 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse3 .cse9 (not .cse7) .cse8 (and .cse6 (= ~pumpRunning~0 1))) (or .cse3 .cse9 .cse10 (and .cse4 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse5) (< 2 |old(~waterLevel~0)|)) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2)))) [2022-11-03 02:49:37,786 INFO L899 garLoopResultBuilder]: For program point L753-1(lines 753 759) no Hoare annotation was computed. [2022-11-03 02:49:37,786 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 742 765) the Hoare annotation is: (let ((.cse6 (= ~pumpRunning~0 0))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (and .cse6 (= ~waterLevel~0 1))) (.cse7 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (and .cse6 .cse4) (< |old(~waterLevel~0)| 2) .cse5 .cse7) (or .cse0 .cse1 .cse3 .cse7)))) [2022-11-03 02:49:37,786 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 742 765) no Hoare annotation was computed. [2022-11-03 02:49:37,786 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 661) no Hoare annotation was computed. [2022-11-03 02:49:37,787 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-11-03 02:49:37,787 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-11-03 02:49:37,787 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-11-03 02:49:37,787 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-11-03 02:49:37,787 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-11-03 02:49:37,787 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-11-03 02:49:37,788 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-11-03 02:49:37,788 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-11-03 02:49:37,788 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-11-03 02:49:37,788 INFO L895 garLoopResultBuilder]: At program point L700(line 700) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse6 (not .cse3)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 (<= 2 ~waterLevel~0) .cse5 .cse2 (<= ~waterLevel~0 2) .cse6) (and .cse0 .cse1 .cse5 .cse2 .cse4 .cse6) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3)))) [2022-11-03 02:49:37,788 INFO L895 garLoopResultBuilder]: At program point L725(lines 678 727) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (<= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (<= ~waterLevel~0 2)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse5 .cse6 .cse2 .cse7 (let ((.cse8 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (not .cse8)) (and .cse8 (= ~pumpRunning~0 1))))) (and .cse0 .cse1 .cse6 .cse2 .cse4) (and .cse0 .cse1 .cse5 .cse2 .cse7 .cse3))) [2022-11-03 02:49:37,789 INFO L899 garLoopResultBuilder]: For program point L688(lines 688 694) no Hoare annotation was computed. [2022-11-03 02:49:37,789 INFO L899 garLoopResultBuilder]: For program point L688-1(lines 688 694) no Hoare annotation was computed. [2022-11-03 02:49:37,789 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:49:37,789 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2022-11-03 02:49:37,789 INFO L895 garLoopResultBuilder]: At program point L957-1(lines 957 963) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and (or (and .cse0 .cse1 .cse2 (= 0 ~systemActive~0)) (and .cse0 .cse1 (= 1 ~systemActive~0) .cse2)) (= ~waterLevel~0 1)))) [2022-11-03 02:49:37,790 INFO L895 garLoopResultBuilder]: At program point L140(lines 140 147) the Hoare annotation is: (let ((.cse2 (select |#memory_int| 22)) (.cse7 (select |#memory_int| 7)) (.cse10 (select |#memory_int| 28)) (.cse1 (select |#memory_int| 5)) (.cse8 (select |#memory_int| 24)) (.cse4 (select |#memory_int| 26)) (.cse6 (select |#memory_int| 23)) (.cse5 (select |#memory_int| 6)) (.cse3 (select |#memory_int| 27)) (.cse11 (select |#memory_int| 1)) (.cse0 (select |#memory_int| 8)) (.cse9 (select |#memory_int| 25))) (and (= (select .cse0 1) 0) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (= 104 (select .cse1 4)) (= (select .cse2 0) 79) (= 21 (select |#length| 11)) (= ~pumpRunning~0 0) (= (select |#length| 6) 5) (= (select |#valid| 26) 1) (= (select .cse3 2) 0) (= (select .cse4 3) 0) (= 116 (select .cse1 3)) (= 9 (select |#length| 16)) (= (select |#length| 20) 25) (= (select |#valid| 9) 1) (= (select |#length| 4) 13) (= (select |#length| 28) 2) (= (select .cse5 0) 67) (= (select |#length| 15) 30) (= (select |#valid| 11) 1) (= (select |#valid| 27) 1) (= ~methaneLevelCritical~0 0) (= (select |#length| 22) 3) (= 4 (select |#length| 26)) (= 102 (select .cse6 1)) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 30 (select |#length| 12)) (= (select .cse1 6) 0) (= (select |#length| 21) 13) (= (select |#length| 27) 3) (= 2 (select |#length| 1)) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~13#1|) (= 41 (select .cse3 0)) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= (select .cse5 2) 73) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= (select .cse7 0) 79) (= (select .cse7 1) 75) (= 117 (select .cse8 2)) (= 1 ~systemActive~0) (= (select |#valid| 24) 1) (= (select |#length| 8) 2) (= 3 (select |#length| 25)) (= (select |#valid| 12) 1) (= (select |#length| 19) 9) (= 77 (select .cse1 1)) (= (select .cse9 1) 110) (= (select |#valid| 28) 1) (= (select .cse9 2) 0) (= 7 (select |#length| 5)) (= 102 (select .cse6 2)) (= (select .cse10 1) 0) (= (select |#valid| 4) 1) (= 9 (select |#length| 13)) (= (select .cse2 2) 0) (= (select |#valid| 1) 1) (= (select |#valid| 20) 1) (= 101 (select .cse1 2)) (= (select |#valid| 21) 1) (= 7 (select |#length| 24)) (= 58 (select .cse8 5)) (= (select .cse8 1) 80) (= (select .cse4 2) 102) (= (select .cse8 6) 0) (= (select .cse1 0) 44) (= (select |#length| 17) 25) (= (select |#valid| 14) 1) (= 109 (select .cse8 3)) (= 110 (select .cse2 1)) (= (select |#valid| 0) 0) (= 79 (select .cse4 0)) (= (select .cse7 2) 0) (= (select .cse10 0) 10) (= (select |#valid| 25) 1) (= ~head~0.base 0) (= 112 (select .cse8 4)) (= (select .cse6 3) 0) (= (select |#valid| 2) 1) (= 58 (select .cse1 5)) (= |#NULL.offset| 0) (= 44 (select .cse8 0)) (= ~waterLevel~0 1) (= 84 (select .cse5 3)) (= (select .cse4 1) 102) (= (select .cse11 0) 48) (= (select |#valid| 23) 1) (= 82 (select .cse5 1)) (= 4 (select |#length| 23)) (= (select .cse6 0) 79) (= (select .cse5 4) 0) (= 30 (select |#length| 9)) (= (select .cse3 1) 32) (= (select |#valid| 19) 1) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_valid_product_~retValue_acc~13#1|) (= (select |#valid| 16) 1) (= 3 (select |#length| 7)) (= (select |#valid| 6) 1) (= 30 (select |#length| 18)) (= (select .cse11 1) 0) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select |#valid| 8) 1) (= 41 (select .cse0 0)) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= 9 (select |#length| 10)) (= 21 (select |#length| 14)) (= (select .cse9 0) 79))) [2022-11-03 02:49:37,791 INFO L902 garLoopResultBuilder]: At program point L140-2(lines 140 147) the Hoare annotation is: true [2022-11-03 02:49:37,791 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:49:37,791 INFO L902 garLoopResultBuilder]: At program point L731(lines 668 735) the Hoare annotation is: true [2022-11-03 02:49:37,791 INFO L899 garLoopResultBuilder]: For program point L698(lines 698 704) no Hoare annotation was computed. [2022-11-03 02:49:37,791 INFO L899 garLoopResultBuilder]: For program point L698-1(lines 698 704) no Hoare annotation was computed. [2022-11-03 02:49:37,792 INFO L895 garLoopResultBuilder]: At program point L690(line 690) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 (<= 2 ~waterLevel~0) .cse5 .cse2 (<= ~waterLevel~0 2) (let ((.cse6 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (not .cse6)) (and .cse6 (= ~pumpRunning~0 1))))) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3))) [2022-11-03 02:49:37,792 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or (< 1 |old(~waterLevel~0)|) .cse0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (<= 2 ~waterLevel~0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (or .cse0 (= ~methaneLevelCritical~0 0) (not (= |isMethaneLevelCritical_#res| 0))))) [2022-11-03 02:49:37,792 INFO L895 garLoopResultBuilder]: At program point L728(lines 677 729) the Hoare annotation is: false [2022-11-03 02:49:37,792 INFO L899 garLoopResultBuilder]: For program point L716(lines 716 722) no Hoare annotation was computed. [2022-11-03 02:49:37,792 INFO L895 garLoopResultBuilder]: At program point L716-2(lines 708 723) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= 2 ~waterLevel~0) .cse1 .cse5 .cse2) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-03 02:49:37,793 INFO L899 garLoopResultBuilder]: For program point L679(lines 678 727) no Hoare annotation was computed. [2022-11-03 02:49:37,793 INFO L895 garLoopResultBuilder]: At program point L708(lines 708 723) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= 2 ~waterLevel~0) .cse1 .cse5 .cse2) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-03 02:49:37,793 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 774 798) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 02:49:37,793 INFO L895 garLoopResultBuilder]: At program point L793(line 793) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 02:49:37,793 INFO L899 garLoopResultBuilder]: For program point L793-1(lines 774 798) no Hoare annotation was computed. [2022-11-03 02:49:37,794 INFO L895 garLoopResultBuilder]: At program point L864(line 864) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1))))) [2022-11-03 02:49:37,794 INFO L895 garLoopResultBuilder]: At program point L864-1(line 864) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1) (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret42#1| ~methaneLevelCritical~0))))) [2022-11-03 02:49:37,794 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 774 798) no Hoare annotation was computed. [2022-11-03 02:49:37,794 INFO L895 garLoopResultBuilder]: At program point L788(line 788) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 02:49:37,794 INFO L899 garLoopResultBuilder]: For program point L782(lines 782 790) no Hoare annotation was computed. [2022-11-03 02:49:37,795 INFO L895 garLoopResultBuilder]: At program point L778(lines 778 795) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-03 02:49:37,795 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 174 185) no Hoare annotation was computed. [2022-11-03 02:49:37,795 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 174 185) the Hoare annotation is: (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (= ~waterLevel~0 1)) (.cse0 (not (= ~pumpRunning~0 0))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse6 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (let ((.cse4 (= ~methaneLevelCritical~0 0))) (and (or .cse0 .cse4) (or (not .cse4) (not (= ~pumpRunning~0 1))))) .cse2 .cse5 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse1 .cse3 .cse6) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse5 .cse6))) [2022-11-03 02:49:37,798 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:49:37,801 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:49:37,843 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:49:37 BoogieIcfgContainer [2022-11-03 02:49:37,844 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:49:37,844 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:49:37,844 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:49:37,845 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:49:37,845 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:44:48" (3/4) ... [2022-11-03 02:49:37,848 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:49:37,854 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:49:37,854 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:49:37,854 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:49:37,854 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 02:49:37,854 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:49:37,855 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:49:37,855 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:49:37,855 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:49:37,862 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 77 nodes and edges [2022-11-03 02:49:37,863 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 28 nodes and edges [2022-11-03 02:49:37,863 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-03 02:49:37,864 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:49:37,864 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:49:37,865 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:49:37,865 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:49:37,902 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[8][1] == 0 && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && \valid[15] == 1) && 104 == unknown-#memory_int-unknown[5][4]) && unknown-#memory_int-unknown[22][0] == 79) && 21 == unknown-#length-unknown[11]) && pumpRunning == 0) && unknown-#length-unknown[6] == 5) && \valid[26] == 1) && unknown-#memory_int-unknown[27][2] == 0) && unknown-#memory_int-unknown[26][3] == 0) && 116 == unknown-#memory_int-unknown[5][3]) && 9 == unknown-#length-unknown[16]) && unknown-#length-unknown[20] == 25) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && unknown-#length-unknown[28] == 2) && unknown-#memory_int-unknown[6][0] == 67) && unknown-#length-unknown[15] == 30) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && unknown-#length-unknown[22] == 3) && 4 == unknown-#length-unknown[26]) && 102 == unknown-#memory_int-unknown[23][1]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && 30 == unknown-#length-unknown[12]) && unknown-#memory_int-unknown[5][6] == 0) && unknown-#length-unknown[21] == 13) && unknown-#length-unknown[27] == 3) && 2 == unknown-#length-unknown[1]) && 1 == retValue_acc) && 41 == unknown-#memory_int-unknown[27][0]) && \valid[3] == 1) && \valid[7] == 1) && unknown-#memory_int-unknown[6][2] == 73) && \valid[18] == 1) && \valid[22] == 1) && unknown-#memory_int-unknown[7][0] == 79) && unknown-#memory_int-unknown[7][1] == 75) && 117 == unknown-#memory_int-unknown[24][2]) && 1 == systemActive) && \valid[24] == 1) && unknown-#length-unknown[8] == 2) && 3 == unknown-#length-unknown[25]) && \valid[12] == 1) && unknown-#length-unknown[19] == 9) && 77 == unknown-#memory_int-unknown[5][1]) && unknown-#memory_int-unknown[25][1] == 110) && \valid[28] == 1) && unknown-#memory_int-unknown[25][2] == 0) && 7 == unknown-#length-unknown[5]) && 102 == unknown-#memory_int-unknown[23][2]) && unknown-#memory_int-unknown[28][1] == 0) && \valid[4] == 1) && 9 == unknown-#length-unknown[13]) && unknown-#memory_int-unknown[22][2] == 0) && \valid[1] == 1) && \valid[20] == 1) && 101 == unknown-#memory_int-unknown[5][2]) && \valid[21] == 1) && 7 == unknown-#length-unknown[24]) && 58 == unknown-#memory_int-unknown[24][5]) && unknown-#memory_int-unknown[24][1] == 80) && unknown-#memory_int-unknown[26][2] == 102) && unknown-#memory_int-unknown[24][6] == 0) && unknown-#memory_int-unknown[5][0] == 44) && unknown-#length-unknown[17] == 25) && \valid[14] == 1) && 109 == unknown-#memory_int-unknown[24][3]) && 110 == unknown-#memory_int-unknown[22][1]) && \valid[0] == 0) && 79 == unknown-#memory_int-unknown[26][0]) && unknown-#memory_int-unknown[7][2] == 0) && unknown-#memory_int-unknown[28][0] == 10) && \valid[25] == 1) && head == 0) && 112 == unknown-#memory_int-unknown[24][4]) && unknown-#memory_int-unknown[23][3] == 0) && \valid[2] == 1) && 58 == unknown-#memory_int-unknown[5][5]) && #NULL == 0) && 44 == unknown-#memory_int-unknown[24][0]) && waterLevel == 1) && 84 == unknown-#memory_int-unknown[6][3]) && unknown-#memory_int-unknown[26][1] == 102) && unknown-#memory_int-unknown[1][0] == 48) && \valid[23] == 1) && 82 == unknown-#memory_int-unknown[6][1]) && 4 == unknown-#length-unknown[23]) && unknown-#memory_int-unknown[23][0] == 79) && unknown-#memory_int-unknown[6][4] == 0) && 30 == unknown-#length-unknown[9]) && unknown-#memory_int-unknown[27][1] == 32) && \valid[19] == 1) && \result == retValue_acc) && \valid[16] == 1) && 3 == unknown-#length-unknown[7]) && \valid[6] == 1) && 30 == unknown-#length-unknown[18]) && unknown-#memory_int-unknown[1][1] == 0) && \valid[17] == 1) && \valid[10] == 1) && \valid[8] == 1) && 41 == unknown-#memory_int-unknown[8][0]) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0) && 9 == unknown-#length-unknown[10]) && 21 == unknown-#length-unknown[14]) && unknown-#memory_int-unknown[25][0] == 79 [2022-11-03 02:49:37,903 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) [2022-11-03 02:49:37,904 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) [2022-11-03 02:49:37,904 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((!(1 == systemActive) || \old(waterLevel) < 2) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) [2022-11-03 02:49:37,904 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) [2022-11-03 02:49:37,905 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((!(1 == systemActive) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel)) || !(2 <= \old(waterLevel))) && (((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive))) && (((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(tmp == 0)) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || ((tmp == 0 && ((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(tmp == 0)) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) [2022-11-03 02:49:37,905 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((tmp == 0 || !(\old(pumpRunning) == 0)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && ((((((((tmp == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && pumpRunning == 1) || !(1 == systemActive)) || ((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (\old(pumpRunning) == 0 && !(methaneLevelCritical == 0))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel == 1)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp___0 == 0) && \old(waterLevel) == waterLevel) && !(tmp == 0)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) [2022-11-03 02:49:37,905 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || ((pumpRunning == 0 && tmp == 1) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) [2022-11-03 02:49:37,908 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive))) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 02:49:37,955 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:49:37,958 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:49:37,959 INFO L158 Benchmark]: Toolchain (without parser) took 290767.70ms. Allocated memory was 111.1MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 75.6MB in the beginning and 449.0MB in the end (delta: -373.4MB). Peak memory consumption was 743.7MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,960 INFO L158 Benchmark]: CDTParser took 0.31ms. Allocated memory is still 111.1MB. Free memory is still 93.0MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:49:37,960 INFO L158 Benchmark]: CACSL2BoogieTranslator took 497.89ms. Allocated memory is still 111.1MB. Free memory was 75.4MB in the beginning and 79.7MB in the end (delta: -4.3MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,961 INFO L158 Benchmark]: Boogie Procedure Inliner took 75.77ms. Allocated memory is still 111.1MB. Free memory was 79.7MB in the beginning and 77.3MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,961 INFO L158 Benchmark]: Boogie Preprocessor took 60.09ms. Allocated memory is still 111.1MB. Free memory was 77.3MB in the beginning and 75.4MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,962 INFO L158 Benchmark]: RCFGBuilder took 781.32ms. Allocated memory is still 111.1MB. Free memory was 75.4MB in the beginning and 87.6MB in the end (delta: -12.1MB). Peak memory consumption was 36.7MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,962 INFO L158 Benchmark]: TraceAbstraction took 289230.58ms. Allocated memory was 111.1MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 87.0MB in the beginning and 455.3MB in the end (delta: -368.3MB). Peak memory consumption was 772.5MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,963 INFO L158 Benchmark]: Witness Printer took 114.29ms. Allocated memory is still 1.2GB. Free memory was 455.3MB in the beginning and 449.0MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:49:37,968 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.31ms. Allocated memory is still 111.1MB. Free memory is still 93.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 497.89ms. Allocated memory is still 111.1MB. Free memory was 75.4MB in the beginning and 79.7MB in the end (delta: -4.3MB). Peak memory consumption was 12.6MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 75.77ms. Allocated memory is still 111.1MB. Free memory was 79.7MB in the beginning and 77.3MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 60.09ms. Allocated memory is still 111.1MB. Free memory was 77.3MB in the beginning and 75.4MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 781.32ms. Allocated memory is still 111.1MB. Free memory was 75.4MB in the beginning and 87.6MB in the end (delta: -12.1MB). Peak memory consumption was 36.7MB. Max. memory is 16.1GB. * TraceAbstraction took 289230.58ms. Allocated memory was 111.1MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 87.0MB in the beginning and 455.3MB in the end (delta: -368.3MB). Peak memory consumption was 772.5MB. Max. memory is 16.1GB. * Witness Printer took 114.29ms. Allocated memory is still 1.2GB. Free memory was 455.3MB in the beginning and 449.0MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 661]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 65 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 289.1s, OverallIterations: 12, TraceHistogramMax: 7, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 34.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 84.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 7261 SdHoareTripleChecker+Valid, 10.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 7219 mSDsluCounter, 5318 SdHoareTripleChecker+Invalid, 9.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 5377 mSDsCounter, 4353 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 10123 IncrementalHoareTripleChecker+Invalid, 14476 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 4353 mSolverCounterUnsat, 926 mSDtfsCounter, 10123 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1878 GetRequests, 1210 SyntacticMatches, 66 SemanticMatches, 602 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29048 ImplicationChecksByTransitivity, 140.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2941occurred in iteration=11, InterpolantAutomatonStates: 303, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 2.4s AutomataMinimizationTime, 12 MinimizatonAttempts, 2538 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 5709 PreInvPairs, 6340 NumberOfFragments, 2832 HoareAnnotationTreeSize, 5709 FomulaSimplifications, 42097 FormulaSimplificationTreeSizeReduction, 36.7s HoareSimplificationTime, 38 FomulaSimplificationsInter, 1252826 FormulaSimplificationTreeSizeReductionInter, 47.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 12.4s InterpolantComputationTime, 1151 NumberOfCodeBlocks, 1151 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 1618 ConstructedInterpolants, 0 QuantifiedInterpolants, 8001 SizeOfPredicates, 76 NumberOfNonLiveVariables, 2922 ConjunctsInSsa, 221 ConjunctsInUnsatCore, 24 InterpolantComputations, 6 PerfectInterpolantSequences, 871/1427 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 6.6s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 4, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 24, DAG_INTERPRETER_EARLY_EXITS: 3, TOOLS_POST_APPLICATIONS: 23, TOOLS_POST_TIME: 2.3s, TOOLS_POST_CALL_APPLICATIONS: 9, TOOLS_POST_CALL_TIME: 2.8s, TOOLS_POST_RETURN_APPLICATIONS: 6, TOOLS_POST_RETURN_TIME: 0.8s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 38, TOOLS_QUANTIFIERELIM_TIME: 5.9s, TOOLS_QUANTIFIERELIM_MAX_TIME: 1.9s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 62, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 3, DOMAIN_JOIN_TIME: 0.3s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 0, DOMAIN_WIDEN_TIME: 0.0s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 0, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 24, DOMAIN_ISBOTTOM_TIME: 0.2s, LOOP_SUMMARIZER_APPLICATIONS: 0, LOOP_SUMMARIZER_CACHE_MISSES: 0, LOOP_SUMMARIZER_OVERALL_TIME: 0.0s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 0.0s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 0, CALL_SUMMARIZER_APPLICATIONS: 6, CALL_SUMMARIZER_CACHE_MISSES: 3, CALL_SUMMARIZER_OVERALL_TIME: 0.1s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.1s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 286, DAG_COMPRESSION_RETAINED_NODES: 94, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 661]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive))) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[8][1] == 0 && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && \valid[15] == 1) && 104 == unknown-#memory_int-unknown[5][4]) && unknown-#memory_int-unknown[22][0] == 79) && 21 == unknown-#length-unknown[11]) && pumpRunning == 0) && unknown-#length-unknown[6] == 5) && \valid[26] == 1) && unknown-#memory_int-unknown[27][2] == 0) && unknown-#memory_int-unknown[26][3] == 0) && 116 == unknown-#memory_int-unknown[5][3]) && 9 == unknown-#length-unknown[16]) && unknown-#length-unknown[20] == 25) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && unknown-#length-unknown[28] == 2) && unknown-#memory_int-unknown[6][0] == 67) && unknown-#length-unknown[15] == 30) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && unknown-#length-unknown[22] == 3) && 4 == unknown-#length-unknown[26]) && 102 == unknown-#memory_int-unknown[23][1]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && 30 == unknown-#length-unknown[12]) && unknown-#memory_int-unknown[5][6] == 0) && unknown-#length-unknown[21] == 13) && unknown-#length-unknown[27] == 3) && 2 == unknown-#length-unknown[1]) && 1 == retValue_acc) && 41 == unknown-#memory_int-unknown[27][0]) && \valid[3] == 1) && \valid[7] == 1) && unknown-#memory_int-unknown[6][2] == 73) && \valid[18] == 1) && \valid[22] == 1) && unknown-#memory_int-unknown[7][0] == 79) && unknown-#memory_int-unknown[7][1] == 75) && 117 == unknown-#memory_int-unknown[24][2]) && 1 == systemActive) && \valid[24] == 1) && unknown-#length-unknown[8] == 2) && 3 == unknown-#length-unknown[25]) && \valid[12] == 1) && unknown-#length-unknown[19] == 9) && 77 == unknown-#memory_int-unknown[5][1]) && unknown-#memory_int-unknown[25][1] == 110) && \valid[28] == 1) && unknown-#memory_int-unknown[25][2] == 0) && 7 == unknown-#length-unknown[5]) && 102 == unknown-#memory_int-unknown[23][2]) && unknown-#memory_int-unknown[28][1] == 0) && \valid[4] == 1) && 9 == unknown-#length-unknown[13]) && unknown-#memory_int-unknown[22][2] == 0) && \valid[1] == 1) && \valid[20] == 1) && 101 == unknown-#memory_int-unknown[5][2]) && \valid[21] == 1) && 7 == unknown-#length-unknown[24]) && 58 == unknown-#memory_int-unknown[24][5]) && unknown-#memory_int-unknown[24][1] == 80) && unknown-#memory_int-unknown[26][2] == 102) && unknown-#memory_int-unknown[24][6] == 0) && unknown-#memory_int-unknown[5][0] == 44) && unknown-#length-unknown[17] == 25) && \valid[14] == 1) && 109 == unknown-#memory_int-unknown[24][3]) && 110 == unknown-#memory_int-unknown[22][1]) && \valid[0] == 0) && 79 == unknown-#memory_int-unknown[26][0]) && unknown-#memory_int-unknown[7][2] == 0) && unknown-#memory_int-unknown[28][0] == 10) && \valid[25] == 1) && head == 0) && 112 == unknown-#memory_int-unknown[24][4]) && unknown-#memory_int-unknown[23][3] == 0) && \valid[2] == 1) && 58 == unknown-#memory_int-unknown[5][5]) && #NULL == 0) && 44 == unknown-#memory_int-unknown[24][0]) && waterLevel == 1) && 84 == unknown-#memory_int-unknown[6][3]) && unknown-#memory_int-unknown[26][1] == 102) && unknown-#memory_int-unknown[1][0] == 48) && \valid[23] == 1) && 82 == unknown-#memory_int-unknown[6][1]) && 4 == unknown-#length-unknown[23]) && unknown-#memory_int-unknown[23][0] == 79) && unknown-#memory_int-unknown[6][4] == 0) && 30 == unknown-#length-unknown[9]) && unknown-#memory_int-unknown[27][1] == 32) && \valid[19] == 1) && \result == retValue_acc) && \valid[16] == 1) && 3 == unknown-#length-unknown[7]) && \valid[6] == 1) && 30 == unknown-#length-unknown[18]) && unknown-#memory_int-unknown[1][1] == 0) && \valid[17] == 1) && \valid[10] == 1) && \valid[8] == 1) && 41 == unknown-#memory_int-unknown[8][0]) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0) && 9 == unknown-#length-unknown[10]) && 21 == unknown-#length-unknown[14]) && unknown-#memory_int-unknown[25][0] == 79 - InvariantResult [Line: 742]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || ((pumpRunning == 0 && tmp == 1) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) - InvariantResult [Line: 678]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1) || (((((tmp == 1 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || (((((pumpRunning == 0 && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) - InvariantResult [Line: 957]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 == waterLevel) && tmp == 1) && splverifierCounter == 0) || (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 0 == systemActive) || (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0)) && waterLevel == 1) - InvariantResult [Line: 273]: Loop Invariant Derived loop invariant: ((((((((((((((!(1 == systemActive) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel)) || !(2 <= \old(waterLevel))) && (((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((tmp == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive))) && (((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(tmp == 0)) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || ((tmp == 0 && ((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(tmp == 0)) || !(\old(pumpRunning) == 0)) || methaneLevelCritical == 0) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) - InvariantResult [Line: 708]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1) || (((2 == waterLevel && tmp == 1) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || (((((pumpRunning == 0 && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) - InvariantResult [Line: 668]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 778]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 804]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) - InvariantResult [Line: 677]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: (((((((((((((((tmp == 0 || !(\old(pumpRunning) == 0)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && (((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && ((((((((tmp == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && pumpRunning == 1) || !(1 == systemActive)) || ((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || (\old(pumpRunning) == 0 && !(methaneLevelCritical == 0))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel == 1)) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && tmp___0 == 0) && \old(waterLevel) == waterLevel) && !(tmp == 0)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((!(1 == systemActive) || \old(waterLevel) < 2) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) RESULT: Ultimate proved your program to be correct! [2022-11-03 02:49:38,051 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2bbdfb81-310b-4dc1-891f-147be7b9118e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE