./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 909de5fe3a7d5a638d67615e2b4d48b563eefeab07033d1b2a29843c731be596 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 03:59:00,196 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 03:59:00,199 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 03:59:00,228 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 03:59:00,229 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 03:59:00,230 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 03:59:00,232 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 03:59:00,235 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 03:59:00,237 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 03:59:00,238 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 03:59:00,239 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 03:59:00,241 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 03:59:00,241 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 03:59:00,243 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 03:59:00,244 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 03:59:00,246 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 03:59:00,247 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 03:59:00,248 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 03:59:00,250 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 03:59:00,253 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 03:59:00,255 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 03:59:00,262 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 03:59:00,268 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 03:59:00,270 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 03:59:00,274 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 03:59:00,277 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 03:59:00,284 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 03:59:00,285 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 03:59:00,286 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 03:59:00,287 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 03:59:00,288 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 03:59:00,289 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 03:59:00,290 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 03:59:00,291 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 03:59:00,296 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 03:59:00,297 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 03:59:00,299 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 03:59:00,300 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 03:59:00,300 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 03:59:00,302 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 03:59:00,303 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 03:59:00,305 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 03:59:00,357 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 03:59:00,358 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 03:59:00,358 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 03:59:00,358 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 03:59:00,359 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 03:59:00,359 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 03:59:00,360 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 03:59:00,360 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 03:59:00,360 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 03:59:00,360 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 03:59:00,361 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 03:59:00,361 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 03:59:00,361 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 03:59:00,361 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 03:59:00,361 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 03:59:00,362 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 03:59:00,366 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 03:59:00,366 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 03:59:00,367 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 03:59:00,368 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 03:59:00,368 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 03:59:00,368 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 03:59:00,368 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 03:59:00,371 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 03:59:00,371 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 03:59:00,371 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 03:59:00,371 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 03:59:00,372 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 03:59:00,372 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 03:59:00,373 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 03:59:00,373 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 03:59:00,373 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 03:59:00,374 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:59:00,374 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 03:59:00,374 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 03:59:00,374 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 03:59:00,376 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 03:59:00,376 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 03:59:00,376 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 03:59:00,376 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 03:59:00,377 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 03:59:00,378 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 909de5fe3a7d5a638d67615e2b4d48b563eefeab07033d1b2a29843c731be596 [2022-11-03 03:59:00,695 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 03:59:00,716 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 03:59:00,719 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 03:59:00,720 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 03:59:00,721 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 03:59:00,722 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c [2022-11-03 03:59:00,806 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/data/eb85a7a26/fbdd8ba3bdf54774b1eae320ab251f2b/FLAGf2ac96873 [2022-11-03 03:59:01,351 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 03:59:01,367 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c [2022-11-03 03:59:01,384 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/data/eb85a7a26/fbdd8ba3bdf54774b1eae320ab251f2b/FLAGf2ac96873 [2022-11-03 03:59:01,614 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/data/eb85a7a26/fbdd8ba3bdf54774b1eae320ab251f2b [2022-11-03 03:59:01,618 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 03:59:01,621 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 03:59:01,626 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 03:59:01,626 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 03:59:01,631 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 03:59:01,633 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:59:01" (1/1) ... [2022-11-03 03:59:01,634 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@7130360c and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:01, skipping insertion in model container [2022-11-03 03:59:01,635 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:59:01" (1/1) ... [2022-11-03 03:59:01,645 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 03:59:01,717 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 03:59:02,138 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c[19040,19053] [2022-11-03 03:59:02,142 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:59:02,154 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 03:59:02,252 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/sv-benchmarks/c/product-lines/minepump_spec2_product57.cil.c[19040,19053] [2022-11-03 03:59:02,259 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:59:02,278 INFO L208 MainTranslator]: Completed translation [2022-11-03 03:59:02,279 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02 WrapperNode [2022-11-03 03:59:02,279 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 03:59:02,280 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 03:59:02,280 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 03:59:02,281 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 03:59:02,291 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,329 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,389 INFO L138 Inliner]: procedures = 57, calls = 157, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 276 [2022-11-03 03:59:02,389 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 03:59:02,390 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 03:59:02,390 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 03:59:02,391 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 03:59:02,401 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,401 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,417 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,418 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,439 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,444 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,446 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,447 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,450 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 03:59:02,451 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 03:59:02,451 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 03:59:02,452 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 03:59:02,453 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (1/1) ... [2022-11-03 03:59:02,472 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:59:02,487 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:59:02,505 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 03:59:02,518 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 03:59:02,567 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 03:59:02,567 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 03:59:02,567 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 03:59:02,567 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 03:59:02,568 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 03:59:02,568 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 03:59:02,568 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 03:59:02,568 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 03:59:02,568 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 03:59:02,569 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:59:02,569 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:59:02,569 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 03:59:02,570 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 03:59:02,570 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 03:59:02,570 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 03:59:02,570 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 03:59:02,570 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 03:59:02,571 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 03:59:02,684 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 03:59:02,686 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 03:59:03,105 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 03:59:03,281 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 03:59:03,281 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 03:59:03,284 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:59:03 BoogieIcfgContainer [2022-11-03 03:59:03,285 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 03:59:03,287 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 03:59:03,288 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 03:59:03,291 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 03:59:03,292 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 03:59:01" (1/3) ... [2022-11-03 03:59:03,293 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@9718ab4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:59:03, skipping insertion in model container [2022-11-03 03:59:03,293 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:59:02" (2/3) ... [2022-11-03 03:59:03,293 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@9718ab4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:59:03, skipping insertion in model container [2022-11-03 03:59:03,293 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:59:03" (3/3) ... [2022-11-03 03:59:03,297 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product57.cil.c [2022-11-03 03:59:03,316 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 03:59:03,317 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 03:59:03,398 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 03:59:03,406 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@45246441, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 03:59:03,406 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 03:59:03,412 INFO L276 IsEmpty]: Start isEmpty. Operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 03:59:03,423 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 03:59:03,423 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:03,424 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:03,424 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:03,430 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:03,431 INFO L85 PathProgramCache]: Analyzing trace with hash 1271470515, now seen corresponding path program 1 times [2022-11-03 03:59:03,443 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:03,443 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [797161891] [2022-11-03 03:59:03,444 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:03,444 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:03,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:03,796 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:03,797 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:03,798 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [797161891] [2022-11-03 03:59:03,799 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [797161891] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:03,800 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:03,800 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 03:59:03,802 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [883526615] [2022-11-03 03:59:03,805 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:03,810 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 03:59:03,812 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:03,853 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 03:59:03,854 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:59:03,857 INFO L87 Difference]: Start difference. First operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:03,992 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:03,992 INFO L93 Difference]: Finished difference Result 114 states and 155 transitions. [2022-11-03 03:59:03,993 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 03:59:03,995 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 03:59:03,995 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:04,014 INFO L225 Difference]: With dead ends: 114 [2022-11-03 03:59:04,015 INFO L226 Difference]: Without dead ends: 53 [2022-11-03 03:59:04,021 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:59:04,026 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 57 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:04,027 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 57 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:04,053 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-03 03:59:04,089 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-03 03:59:04,091 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 41 states have internal predecessors, (45), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 03:59:04,099 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 68 transitions. [2022-11-03 03:59:04,101 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 68 transitions. Word has length 17 [2022-11-03 03:59:04,102 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:04,102 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 68 transitions. [2022-11-03 03:59:04,103 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:04,103 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 68 transitions. [2022-11-03 03:59:04,108 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-03 03:59:04,109 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:04,109 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:04,110 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 03:59:04,110 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:04,112 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:04,112 INFO L85 PathProgramCache]: Analyzing trace with hash -1930877448, now seen corresponding path program 1 times [2022-11-03 03:59:04,112 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:04,112 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [861053553] [2022-11-03 03:59:04,113 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:04,113 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:04,153 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:04,263 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:04,264 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:04,265 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [861053553] [2022-11-03 03:59:04,265 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [861053553] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:04,266 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:04,266 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:59:04,266 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1434566556] [2022-11-03 03:59:04,267 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:04,269 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:59:04,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:04,271 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:59:04,273 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:04,274 INFO L87 Difference]: Start difference. First operand 53 states and 68 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:04,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:04,371 INFO L93 Difference]: Finished difference Result 83 states and 107 transitions. [2022-11-03 03:59:04,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:59:04,371 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-03 03:59:04,372 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:04,373 INFO L225 Difference]: With dead ends: 83 [2022-11-03 03:59:04,373 INFO L226 Difference]: Without dead ends: 45 [2022-11-03 03:59:04,374 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:04,375 INFO L413 NwaCegarLoop]: 43 mSDtfsCounter, 7 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 77 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:04,376 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 77 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 03:59:04,377 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-03 03:59:04,384 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-03 03:59:04,385 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3448275862068966) internal successors, (39), 36 states have internal predecessors, (39), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 03:59:04,386 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 57 transitions. [2022-11-03 03:59:04,394 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 57 transitions. Word has length 18 [2022-11-03 03:59:04,395 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:04,395 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 57 transitions. [2022-11-03 03:59:04,397 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:04,397 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 57 transitions. [2022-11-03 03:59:04,399 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-03 03:59:04,400 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:04,400 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:04,401 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 03:59:04,401 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:04,402 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:04,402 INFO L85 PathProgramCache]: Analyzing trace with hash -869841070, now seen corresponding path program 1 times [2022-11-03 03:59:04,402 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:04,403 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1441843054] [2022-11-03 03:59:04,403 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:04,403 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:04,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:04,621 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:04,621 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:04,621 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1441843054] [2022-11-03 03:59:04,622 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1441843054] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:04,622 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:04,622 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 03:59:04,622 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [404318933] [2022-11-03 03:59:04,622 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:04,623 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 03:59:04,623 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:04,623 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 03:59:04,624 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 03:59:04,624 INFO L87 Difference]: Start difference. First operand 45 states and 57 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:04,752 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:04,753 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-11-03 03:59:04,753 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 03:59:04,753 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-03 03:59:04,754 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:04,754 INFO L225 Difference]: With dead ends: 88 [2022-11-03 03:59:04,755 INFO L226 Difference]: Without dead ends: 45 [2022-11-03 03:59:04,755 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 03:59:04,757 INFO L413 NwaCegarLoop]: 38 mSDtfsCounter, 53 mSDsluCounter, 27 mSDsCounter, 0 mSdLazyCounter, 44 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 55 SdHoareTripleChecker+Invalid, 50 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 44 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:04,757 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 55 Invalid, 50 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 44 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:04,758 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-03 03:59:04,764 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-03 03:59:04,765 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3103448275862069) internal successors, (38), 36 states have internal predecessors, (38), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 03:59:04,765 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 56 transitions. [2022-11-03 03:59:04,766 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 56 transitions. Word has length 20 [2022-11-03 03:59:04,766 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:04,766 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 56 transitions. [2022-11-03 03:59:04,766 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:04,767 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 56 transitions. [2022-11-03 03:59:04,767 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-03 03:59:04,768 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:04,768 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:04,768 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 03:59:04,768 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:04,769 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:04,769 INFO L85 PathProgramCache]: Analyzing trace with hash -416116077, now seen corresponding path program 1 times [2022-11-03 03:59:04,769 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:04,769 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [157906172] [2022-11-03 03:59:04,769 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:04,770 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:04,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:04,948 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:04,948 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:04,948 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [157906172] [2022-11-03 03:59:04,948 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [157906172] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:04,949 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:04,949 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:59:04,949 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1549722969] [2022-11-03 03:59:04,949 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:04,950 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:59:04,952 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:04,953 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:59:04,953 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:04,953 INFO L87 Difference]: Start difference. First operand 45 states and 56 transitions. Second operand has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:05,075 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:05,075 INFO L93 Difference]: Finished difference Result 123 states and 156 transitions. [2022-11-03 03:59:05,075 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:59:05,076 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-11-03 03:59:05,076 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:05,077 INFO L225 Difference]: With dead ends: 123 [2022-11-03 03:59:05,078 INFO L226 Difference]: Without dead ends: 80 [2022-11-03 03:59:05,078 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:05,080 INFO L413 NwaCegarLoop]: 54 mSDtfsCounter, 38 mSDsluCounter, 40 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:05,081 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 88 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:05,082 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-11-03 03:59:05,105 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 78. [2022-11-03 03:59:05,108 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 52 states have (on average 1.2692307692307692) internal successors, (66), 59 states have internal predecessors, (66), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2022-11-03 03:59:05,109 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 96 transitions. [2022-11-03 03:59:05,111 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 96 transitions. Word has length 23 [2022-11-03 03:59:05,112 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:05,112 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 96 transitions. [2022-11-03 03:59:05,112 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.666666666666667) internal successors, (20), 3 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:59:05,112 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 96 transitions. [2022-11-03 03:59:05,114 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-11-03 03:59:05,115 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:05,116 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:05,116 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 03:59:05,116 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:05,117 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:05,117 INFO L85 PathProgramCache]: Analyzing trace with hash 149140191, now seen corresponding path program 1 times [2022-11-03 03:59:05,117 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:05,118 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1232788756] [2022-11-03 03:59:05,118 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:05,118 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:05,145 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:05,294 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:05,294 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:05,294 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1232788756] [2022-11-03 03:59:05,295 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1232788756] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:05,295 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:05,295 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 03:59:05,298 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2130374686] [2022-11-03 03:59:05,299 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:05,304 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 03:59:05,305 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:05,306 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 03:59:05,306 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 03:59:05,308 INFO L87 Difference]: Start difference. First operand 78 states and 96 transitions. Second operand has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 03:59:05,490 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:05,491 INFO L93 Difference]: Finished difference Result 226 states and 285 transitions. [2022-11-03 03:59:05,491 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 03:59:05,492 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) Word has length 31 [2022-11-03 03:59:05,492 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:05,505 INFO L225 Difference]: With dead ends: 226 [2022-11-03 03:59:05,506 INFO L226 Difference]: Without dead ends: 150 [2022-11-03 03:59:05,507 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 03:59:05,511 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 32 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:05,516 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 214 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:05,518 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-11-03 03:59:05,560 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 142. [2022-11-03 03:59:05,561 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 142 states, 95 states have (on average 1.231578947368421) internal successors, (117), 106 states have internal predecessors, (117), 24 states have call successors, (24), 22 states have call predecessors, (24), 22 states have return successors, (32), 24 states have call predecessors, (32), 24 states have call successors, (32) [2022-11-03 03:59:05,565 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 142 states to 142 states and 173 transitions. [2022-11-03 03:59:05,566 INFO L78 Accepts]: Start accepts. Automaton has 142 states and 173 transitions. Word has length 31 [2022-11-03 03:59:05,566 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:05,566 INFO L495 AbstractCegarLoop]: Abstraction has 142 states and 173 transitions. [2022-11-03 03:59:05,567 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.8) internal successors, (24), 5 states have internal predecessors, (24), 2 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 03:59:05,567 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 173 transitions. [2022-11-03 03:59:05,574 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-03 03:59:05,574 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:05,574 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:05,574 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 03:59:05,575 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:05,575 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:05,575 INFO L85 PathProgramCache]: Analyzing trace with hash -1045968445, now seen corresponding path program 1 times [2022-11-03 03:59:05,576 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:05,576 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1137625645] [2022-11-03 03:59:05,576 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:05,576 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:05,611 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:05,789 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:05,790 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:05,790 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1137625645] [2022-11-03 03:59:05,790 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1137625645] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:05,790 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:05,791 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-03 03:59:05,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [239233587] [2022-11-03 03:59:05,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:05,791 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 03:59:05,792 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:05,792 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 03:59:05,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2022-11-03 03:59:05,793 INFO L87 Difference]: Start difference. First operand 142 states and 173 transitions. Second operand has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 03:59:06,098 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:06,098 INFO L93 Difference]: Finished difference Result 262 states and 322 transitions. [2022-11-03 03:59:06,099 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-03 03:59:06,099 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 34 [2022-11-03 03:59:06,100 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:06,102 INFO L225 Difference]: With dead ends: 262 [2022-11-03 03:59:06,102 INFO L226 Difference]: Without dead ends: 186 [2022-11-03 03:59:06,103 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=27, Invalid=45, Unknown=0, NotChecked=0, Total=72 [2022-11-03 03:59:06,104 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 56 mSDsluCounter, 121 mSDsCounter, 0 mSdLazyCounter, 133 mSolverCounterSat, 28 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 59 SdHoareTripleChecker+Valid, 150 SdHoareTripleChecker+Invalid, 161 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 28 IncrementalHoareTripleChecker+Valid, 133 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:06,105 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [59 Valid, 150 Invalid, 161 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [28 Valid, 133 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 03:59:06,106 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 186 states. [2022-11-03 03:59:06,137 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 186 to 176. [2022-11-03 03:59:06,138 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 176 states, 119 states have (on average 1.2016806722689075) internal successors, (143), 130 states have internal predecessors, (143), 28 states have call successors, (28), 22 states have call predecessors, (28), 28 states have return successors, (42), 30 states have call predecessors, (42), 28 states have call successors, (42) [2022-11-03 03:59:06,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 176 states to 176 states and 213 transitions. [2022-11-03 03:59:06,140 INFO L78 Accepts]: Start accepts. Automaton has 176 states and 213 transitions. Word has length 34 [2022-11-03 03:59:06,141 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:06,141 INFO L495 AbstractCegarLoop]: Abstraction has 176 states and 213 transitions. [2022-11-03 03:59:06,141 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 5.0) internal successors, (25), 5 states have internal predecessors, (25), 2 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 03:59:06,141 INFO L276 IsEmpty]: Start isEmpty. Operand 176 states and 213 transitions. [2022-11-03 03:59:06,142 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-03 03:59:06,143 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:06,143 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:06,143 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 03:59:06,143 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:06,144 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:06,144 INFO L85 PathProgramCache]: Analyzing trace with hash 566959656, now seen corresponding path program 1 times [2022-11-03 03:59:06,144 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:06,144 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [455736489] [2022-11-03 03:59:06,145 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:06,145 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:06,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:06,219 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 03:59:06,219 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:06,219 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [455736489] [2022-11-03 03:59:06,220 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [455736489] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:06,220 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:06,220 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:59:06,220 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [855547889] [2022-11-03 03:59:06,220 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:06,221 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:59:06,221 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:06,221 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:59:06,221 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:06,222 INFO L87 Difference]: Start difference. First operand 176 states and 213 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 03:59:06,315 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:06,315 INFO L93 Difference]: Finished difference Result 250 states and 312 transitions. [2022-11-03 03:59:06,315 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:59:06,316 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 35 [2022-11-03 03:59:06,316 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:06,318 INFO L225 Difference]: With dead ends: 250 [2022-11-03 03:59:06,318 INFO L226 Difference]: Without dead ends: 248 [2022-11-03 03:59:06,319 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:59:06,320 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 32 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 32 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:06,321 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [32 Valid, 89 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:06,322 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 248 states. [2022-11-03 03:59:06,360 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 248 to 242. [2022-11-03 03:59:06,361 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 242 states, 162 states have (on average 1.2098765432098766) internal successors, (196), 178 states have internal predecessors, (196), 40 states have call successors, (40), 31 states have call predecessors, (40), 39 states have return successors, (65), 41 states have call predecessors, (65), 40 states have call successors, (65) [2022-11-03 03:59:06,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 242 states to 242 states and 301 transitions. [2022-11-03 03:59:06,364 INFO L78 Accepts]: Start accepts. Automaton has 242 states and 301 transitions. Word has length 35 [2022-11-03 03:59:06,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:06,364 INFO L495 AbstractCegarLoop]: Abstraction has 242 states and 301 transitions. [2022-11-03 03:59:06,365 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 2 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 03:59:06,365 INFO L276 IsEmpty]: Start isEmpty. Operand 242 states and 301 transitions. [2022-11-03 03:59:06,367 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-03 03:59:06,367 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:06,367 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:06,368 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 03:59:06,368 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:06,368 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:06,369 INFO L85 PathProgramCache]: Analyzing trace with hash 510088418, now seen corresponding path program 1 times [2022-11-03 03:59:06,369 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:06,369 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [976593868] [2022-11-03 03:59:06,369 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:06,369 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:06,393 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:06,829 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 7 proven. 16 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 03:59:06,830 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:06,830 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [976593868] [2022-11-03 03:59:06,830 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [976593868] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:59:06,830 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1692605694] [2022-11-03 03:59:06,830 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:06,830 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:59:06,831 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:59:06,832 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:59:06,854 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 03:59:06,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:07,000 INFO L263 TraceCheckSpWp]: Trace formula consists of 453 conjuncts, 29 conjunts are in the unsatisfiable core [2022-11-03 03:59:07,019 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:59:07,484 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 25 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:59:07,484 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:59:08,110 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 17 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 03:59:08,110 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1692605694] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:59:08,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [860618864] [2022-11-03 03:59:08,130 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-03 03:59:08,131 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:59:08,135 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:59:08,141 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:59:08,141 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:59:12,277 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 31 for LOIs [2022-11-03 03:59:12,634 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 60 for LOIs [2022-11-03 03:59:13,153 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 50 for LOIs [2022-11-03 03:59:13,165 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 309 for LOIs [2022-11-03 03:59:13,269 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 36 for LOIs [2022-11-03 03:59:13,271 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 03:59:19,901 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3486#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 1) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0)) (not (= ~methAndRunningLastTime~0 0)) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483647) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 0)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 03:59:19,902 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 03:59:19,902 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 03:59:19,902 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 10, 9] total 24 [2022-11-03 03:59:19,902 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1838443890] [2022-11-03 03:59:19,903 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 03:59:19,903 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-03 03:59:19,904 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:19,904 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-03 03:59:19,905 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=305, Invalid=2451, Unknown=0, NotChecked=0, Total=2756 [2022-11-03 03:59:19,906 INFO L87 Difference]: Start difference. First operand 242 states and 301 transitions. Second operand has 24 states, 18 states have (on average 4.888888888888889) internal successors, (88), 18 states have internal predecessors, (88), 9 states have call successors, (19), 6 states have call predecessors, (19), 13 states have return successors, (20), 12 states have call predecessors, (20), 9 states have call successors, (20) [2022-11-03 03:59:24,233 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:24,233 INFO L93 Difference]: Finished difference Result 1076 states and 1507 transitions. [2022-11-03 03:59:24,234 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 62 states. [2022-11-03 03:59:24,234 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 18 states have (on average 4.888888888888889) internal successors, (88), 18 states have internal predecessors, (88), 9 states have call successors, (19), 6 states have call predecessors, (19), 13 states have return successors, (20), 12 states have call predecessors, (20), 9 states have call successors, (20) Word has length 65 [2022-11-03 03:59:24,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:24,246 INFO L225 Difference]: With dead ends: 1076 [2022-11-03 03:59:24,246 INFO L226 Difference]: Without dead ends: 793 [2022-11-03 03:59:24,254 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 278 GetRequests, 171 SyntacticMatches, 2 SemanticMatches, 105 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4057 ImplicationChecksByTransitivity, 9.0s TimeCoverageRelationStatistics Valid=1255, Invalid=10087, Unknown=0, NotChecked=0, Total=11342 [2022-11-03 03:59:24,255 INFO L413 NwaCegarLoop]: 107 mSDtfsCounter, 985 mSDsluCounter, 440 mSDsCounter, 0 mSdLazyCounter, 2031 mSolverCounterSat, 841 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 992 SdHoareTripleChecker+Valid, 431 SdHoareTripleChecker+Invalid, 2872 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 841 IncrementalHoareTripleChecker+Valid, 2031 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:24,255 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [992 Valid, 431 Invalid, 2872 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [841 Valid, 2031 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2022-11-03 03:59:24,257 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 793 states. [2022-11-03 03:59:24,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 793 to 591. [2022-11-03 03:59:24,349 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 591 states, 396 states have (on average 1.1691919191919191) internal successors, (463), 427 states have internal predecessors, (463), 98 states have call successors, (98), 78 states have call predecessors, (98), 96 states have return successors, (143), 103 states have call predecessors, (143), 98 states have call successors, (143) [2022-11-03 03:59:24,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 591 states to 591 states and 704 transitions. [2022-11-03 03:59:24,354 INFO L78 Accepts]: Start accepts. Automaton has 591 states and 704 transitions. Word has length 65 [2022-11-03 03:59:24,354 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:24,355 INFO L495 AbstractCegarLoop]: Abstraction has 591 states and 704 transitions. [2022-11-03 03:59:24,355 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 18 states have (on average 4.888888888888889) internal successors, (88), 18 states have internal predecessors, (88), 9 states have call successors, (19), 6 states have call predecessors, (19), 13 states have return successors, (20), 12 states have call predecessors, (20), 9 states have call successors, (20) [2022-11-03 03:59:24,355 INFO L276 IsEmpty]: Start isEmpty. Operand 591 states and 704 transitions. [2022-11-03 03:59:24,357 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2022-11-03 03:59:24,357 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:24,358 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:24,412 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 03:59:24,582 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:59:24,583 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:24,583 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:24,583 INFO L85 PathProgramCache]: Analyzing trace with hash 1361903642, now seen corresponding path program 1 times [2022-11-03 03:59:24,583 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:24,583 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [450369777] [2022-11-03 03:59:24,584 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:24,584 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:24,613 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:24,794 INFO L134 CoverageAnalysis]: Checked inductivity of 37 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-03 03:59:24,794 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:24,794 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [450369777] [2022-11-03 03:59:24,794 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [450369777] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:24,794 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:59:24,795 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 03:59:24,795 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1196387428] [2022-11-03 03:59:24,795 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:24,796 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 03:59:24,796 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:24,796 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 03:59:24,796 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 03:59:24,797 INFO L87 Difference]: Start difference. First operand 591 states and 704 transitions. Second operand has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-03 03:59:24,974 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:24,974 INFO L93 Difference]: Finished difference Result 1019 states and 1250 transitions. [2022-11-03 03:59:24,975 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 03:59:24,975 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) Word has length 66 [2022-11-03 03:59:24,977 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:24,981 INFO L225 Difference]: With dead ends: 1019 [2022-11-03 03:59:24,981 INFO L226 Difference]: Without dead ends: 475 [2022-11-03 03:59:24,983 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 03:59:24,986 INFO L413 NwaCegarLoop]: 64 mSDtfsCounter, 34 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 89 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:24,987 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 138 Invalid, 89 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:59:24,988 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 475 states. [2022-11-03 03:59:25,049 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 475 to 454. [2022-11-03 03:59:25,050 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 454 states, 303 states have (on average 1.1518151815181519) internal successors, (349), 329 states have internal predecessors, (349), 75 states have call successors, (75), 65 states have call predecessors, (75), 75 states have return successors, (99), 77 states have call predecessors, (99), 75 states have call successors, (99) [2022-11-03 03:59:25,053 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 454 states to 454 states and 523 transitions. [2022-11-03 03:59:25,055 INFO L78 Accepts]: Start accepts. Automaton has 454 states and 523 transitions. Word has length 66 [2022-11-03 03:59:25,055 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:25,055 INFO L495 AbstractCegarLoop]: Abstraction has 454 states and 523 transitions. [2022-11-03 03:59:25,056 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.25) internal successors, (41), 4 states have internal predecessors, (41), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-03 03:59:25,056 INFO L276 IsEmpty]: Start isEmpty. Operand 454 states and 523 transitions. [2022-11-03 03:59:25,059 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2022-11-03 03:59:25,060 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:25,060 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:25,060 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-03 03:59:25,060 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:25,061 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:25,061 INFO L85 PathProgramCache]: Analyzing trace with hash -749793150, now seen corresponding path program 1 times [2022-11-03 03:59:25,061 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:25,061 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1526974904] [2022-11-03 03:59:25,062 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:25,062 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:25,103 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:25,603 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 34 proven. 14 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2022-11-03 03:59:25,603 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:25,603 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1526974904] [2022-11-03 03:59:25,603 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1526974904] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:59:25,604 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [34887212] [2022-11-03 03:59:25,604 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:25,604 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:59:25,604 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:59:25,605 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:59:25,628 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 03:59:25,728 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:25,731 INFO L263 TraceCheckSpWp]: Trace formula consists of 542 conjuncts, 17 conjunts are in the unsatisfiable core [2022-11-03 03:59:25,735 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:59:25,967 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 48 proven. 0 refuted. 0 times theorem prover too weak. 30 trivial. 0 not checked. [2022-11-03 03:59:25,967 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 03:59:25,968 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [34887212] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:59:25,968 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 03:59:25,968 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [8] total 14 [2022-11-03 03:59:25,968 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [816035616] [2022-11-03 03:59:25,969 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:59:25,969 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 03:59:25,969 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:25,970 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 03:59:25,970 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=141, Unknown=0, NotChecked=0, Total=182 [2022-11-03 03:59:25,970 INFO L87 Difference]: Start difference. First operand 454 states and 523 transitions. Second operand has 8 states, 8 states have (on average 6.0) internal successors, (48), 8 states have internal predecessors, (48), 5 states have call successors, (9), 4 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-03 03:59:26,595 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:26,595 INFO L93 Difference]: Finished difference Result 1019 states and 1197 transitions. [2022-11-03 03:59:26,596 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 14 states. [2022-11-03 03:59:26,596 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.0) internal successors, (48), 8 states have internal predecessors, (48), 5 states have call successors, (9), 4 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 5 states have call successors, (9) Word has length 93 [2022-11-03 03:59:26,597 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:26,601 INFO L225 Difference]: With dead ends: 1019 [2022-11-03 03:59:26,601 INFO L226 Difference]: Without dead ends: 596 [2022-11-03 03:59:26,603 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 109 GetRequests, 90 SyntacticMatches, 0 SemanticMatches, 19 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 65 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=95, Invalid=325, Unknown=0, NotChecked=0, Total=420 [2022-11-03 03:59:26,604 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 125 mSDsluCounter, 136 mSDsCounter, 0 mSdLazyCounter, 240 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 130 SdHoareTripleChecker+Valid, 158 SdHoareTripleChecker+Invalid, 304 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 240 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:26,604 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [130 Valid, 158 Invalid, 304 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 240 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 03:59:26,605 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 596 states. [2022-11-03 03:59:26,687 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 596 to 567. [2022-11-03 03:59:26,689 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 567 states, 388 states have (on average 1.1443298969072164) internal successors, (444), 411 states have internal predecessors, (444), 90 states have call successors, (90), 88 states have call predecessors, (90), 88 states have return successors, (117), 86 states have call predecessors, (117), 90 states have call successors, (117) [2022-11-03 03:59:26,692 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 567 states to 567 states and 651 transitions. [2022-11-03 03:59:26,692 INFO L78 Accepts]: Start accepts. Automaton has 567 states and 651 transitions. Word has length 93 [2022-11-03 03:59:26,693 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:26,693 INFO L495 AbstractCegarLoop]: Abstraction has 567 states and 651 transitions. [2022-11-03 03:59:26,693 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.0) internal successors, (48), 8 states have internal predecessors, (48), 5 states have call successors, (9), 4 states have call predecessors, (9), 3 states have return successors, (9), 3 states have call predecessors, (9), 5 states have call successors, (9) [2022-11-03 03:59:26,693 INFO L276 IsEmpty]: Start isEmpty. Operand 567 states and 651 transitions. [2022-11-03 03:59:26,696 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2022-11-03 03:59:26,696 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:26,696 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:26,736 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 03:59:26,922 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 03:59:26,922 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:26,923 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:26,924 INFO L85 PathProgramCache]: Analyzing trace with hash 1873478361, now seen corresponding path program 1 times [2022-11-03 03:59:26,924 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:26,924 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [141302739] [2022-11-03 03:59:26,924 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:26,924 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:26,957 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:27,951 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 34 proven. 17 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-03 03:59:27,952 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:27,952 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [141302739] [2022-11-03 03:59:27,952 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [141302739] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:59:27,952 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [708784542] [2022-11-03 03:59:27,953 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:27,953 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:59:27,953 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:59:27,954 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:59:27,981 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 03:59:28,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:28,089 INFO L263 TraceCheckSpWp]: Trace formula consists of 548 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-03 03:59:28,093 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:59:28,638 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 51 proven. 25 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 03:59:28,638 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:59:29,551 INFO L134 CoverageAnalysis]: Checked inductivity of 78 backedges. 41 proven. 10 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-03 03:59:29,551 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [708784542] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:59:29,552 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [967170177] [2022-11-03 03:59:29,557 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 03:59:29,557 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:59:29,558 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:59:29,558 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:59:29,558 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:59:35,667 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 47 for LOIs [2022-11-03 03:59:35,677 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 31 for LOIs [2022-11-03 03:59:35,918 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 60 for LOIs [2022-11-03 03:59:36,313 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 50 for LOIs [2022-11-03 03:59:36,324 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 45 for LOIs [2022-11-03 03:59:36,331 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 36 for LOIs [2022-11-03 03:59:36,334 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 03:59:43,003 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11734#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 1) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0)) (not (= ~methAndRunningLastTime~0 0)) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483647) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 0)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 03:59:43,003 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 03:59:43,004 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 03:59:43,004 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 14, 15] total 35 [2022-11-03 03:59:43,004 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [957153144] [2022-11-03 03:59:43,004 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 03:59:43,005 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-03 03:59:43,005 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:59:43,006 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-03 03:59:43,007 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=521, Invalid=3769, Unknown=0, NotChecked=0, Total=4290 [2022-11-03 03:59:43,007 INFO L87 Difference]: Start difference. First operand 567 states and 651 transitions. Second operand has 35 states, 32 states have (on average 3.90625) internal successors, (125), 27 states have internal predecessors, (125), 16 states have call successors, (33), 14 states have call predecessors, (33), 13 states have return successors, (31), 13 states have call predecessors, (31), 16 states have call successors, (31) [2022-11-03 03:59:46,298 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:59:46,298 INFO L93 Difference]: Finished difference Result 2008 states and 2338 transitions. [2022-11-03 03:59:46,299 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 40 states. [2022-11-03 03:59:46,300 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 32 states have (on average 3.90625) internal successors, (125), 27 states have internal predecessors, (125), 16 states have call successors, (33), 14 states have call predecessors, (33), 13 states have return successors, (31), 13 states have call predecessors, (31), 16 states have call successors, (31) Word has length 96 [2022-11-03 03:59:46,300 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:59:46,308 INFO L225 Difference]: With dead ends: 2008 [2022-11-03 03:59:46,308 INFO L226 Difference]: Without dead ends: 1491 [2022-11-03 03:59:46,313 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 343 GetRequests, 235 SyntacticMatches, 9 SemanticMatches, 99 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4191 ImplicationChecksByTransitivity, 9.0s TimeCoverageRelationStatistics Valid=1315, Invalid=8785, Unknown=0, NotChecked=0, Total=10100 [2022-11-03 03:59:46,314 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 1009 mSDsluCounter, 627 mSDsCounter, 0 mSdLazyCounter, 1215 mSolverCounterSat, 655 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1010 SdHoareTripleChecker+Valid, 572 SdHoareTripleChecker+Invalid, 1870 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 655 IncrementalHoareTripleChecker+Valid, 1215 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2022-11-03 03:59:46,314 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1010 Valid, 572 Invalid, 1870 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [655 Valid, 1215 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2022-11-03 03:59:46,317 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1491 states. [2022-11-03 03:59:46,550 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1491 to 1211. [2022-11-03 03:59:46,553 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1211 states, 839 states have (on average 1.135876042908224) internal successors, (953), 880 states have internal predecessors, (953), 191 states have call successors, (191), 177 states have call predecessors, (191), 180 states have return successors, (238), 178 states have call predecessors, (238), 191 states have call successors, (238) [2022-11-03 03:59:46,559 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1211 states to 1211 states and 1382 transitions. [2022-11-03 03:59:46,560 INFO L78 Accepts]: Start accepts. Automaton has 1211 states and 1382 transitions. Word has length 96 [2022-11-03 03:59:46,560 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:59:46,561 INFO L495 AbstractCegarLoop]: Abstraction has 1211 states and 1382 transitions. [2022-11-03 03:59:46,561 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 32 states have (on average 3.90625) internal successors, (125), 27 states have internal predecessors, (125), 16 states have call successors, (33), 14 states have call predecessors, (33), 13 states have return successors, (31), 13 states have call predecessors, (31), 16 states have call successors, (31) [2022-11-03 03:59:46,561 INFO L276 IsEmpty]: Start isEmpty. Operand 1211 states and 1382 transitions. [2022-11-03 03:59:46,566 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2022-11-03 03:59:46,566 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:59:46,567 INFO L195 NwaCegarLoop]: trace histogram [7, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:59:46,614 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-11-03 03:59:46,792 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-03 03:59:46,793 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:59:46,793 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:59:46,793 INFO L85 PathProgramCache]: Analyzing trace with hash -2009431574, now seen corresponding path program 1 times [2022-11-03 03:59:46,793 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:59:46,793 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1433770171] [2022-11-03 03:59:46,794 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:46,794 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:59:46,842 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:48,108 INFO L134 CoverageAnalysis]: Checked inductivity of 241 backedges. 85 proven. 84 refuted. 0 times theorem prover too weak. 72 trivial. 0 not checked. [2022-11-03 03:59:48,108 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:59:48,108 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1433770171] [2022-11-03 03:59:48,108 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1433770171] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:59:48,108 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [460960946] [2022-11-03 03:59:48,109 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:59:48,109 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:59:48,109 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:59:48,110 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:59:48,134 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 03:59:48,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:59:48,304 INFO L263 TraceCheckSpWp]: Trace formula consists of 726 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 03:59:48,309 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:59:48,954 INFO L134 CoverageAnalysis]: Checked inductivity of 241 backedges. 151 proven. 42 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2022-11-03 03:59:48,954 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:59:49,977 INFO L134 CoverageAnalysis]: Checked inductivity of 241 backedges. 105 proven. 58 refuted. 0 times theorem prover too weak. 78 trivial. 0 not checked. [2022-11-03 03:59:49,978 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [460960946] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:59:49,978 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [225598353] [2022-11-03 03:59:49,984 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 03:59:49,985 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:59:49,985 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:59:49,986 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:59:49,986 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:59:55,116 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 47 for LOIs [2022-11-03 03:59:55,124 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 31 for LOIs [2022-11-03 03:59:55,337 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 60 for LOIs [2022-11-03 03:59:55,753 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 50 for LOIs [2022-11-03 03:59:55,762 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 45 for LOIs [2022-11-03 03:59:55,768 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 36 for LOIs [2022-11-03 03:59:55,770 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 04:00:02,520 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '17644#(and (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~8#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 1) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0)) (not (= ~methAndRunningLastTime~0 0)) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 2147483647) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 0)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 04:00:02,520 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 04:00:02,520 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 04:00:02,521 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [18, 13, 13] total 35 [2022-11-03 04:00:02,521 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1588021607] [2022-11-03 04:00:02,521 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 04:00:02,522 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-03 04:00:02,522 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:00:02,522 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-03 04:00:02,524 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=473, Invalid=3817, Unknown=0, NotChecked=0, Total=4290 [2022-11-03 04:00:02,524 INFO L87 Difference]: Start difference. First operand 1211 states and 1382 transitions. Second operand has 35 states, 33 states have (on average 5.2727272727272725) internal successors, (174), 33 states have internal predecessors, (174), 22 states have call successors, (40), 9 states have call predecessors, (40), 14 states have return successors, (42), 18 states have call predecessors, (42), 22 states have call successors, (42) [2022-11-03 04:00:03,661 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:00:03,661 INFO L93 Difference]: Finished difference Result 1614 states and 1857 transitions. [2022-11-03 04:00:03,662 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2022-11-03 04:00:03,662 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 33 states have (on average 5.2727272727272725) internal successors, (174), 33 states have internal predecessors, (174), 22 states have call successors, (40), 9 states have call predecessors, (40), 14 states have return successors, (42), 18 states have call predecessors, (42), 22 states have call successors, (42) Word has length 145 [2022-11-03 04:00:03,662 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:00:03,663 INFO L225 Difference]: With dead ends: 1614 [2022-11-03 04:00:03,663 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 04:00:03,668 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 473 GetRequests, 384 SyntacticMatches, 13 SemanticMatches, 76 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3072 ImplicationChecksByTransitivity, 7.9s TimeCoverageRelationStatistics Valid=757, Invalid=5249, Unknown=0, NotChecked=0, Total=6006 [2022-11-03 04:00:03,669 INFO L413 NwaCegarLoop]: 47 mSDtfsCounter, 549 mSDsluCounter, 259 mSDsCounter, 0 mSdLazyCounter, 447 mSolverCounterSat, 373 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 552 SdHoareTripleChecker+Valid, 244 SdHoareTripleChecker+Invalid, 820 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 373 IncrementalHoareTripleChecker+Valid, 447 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-03 04:00:03,670 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [552 Valid, 244 Invalid, 820 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [373 Valid, 447 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-03 04:00:03,670 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 04:00:03,671 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 04:00:03,671 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 04:00:03,671 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 04:00:03,672 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 145 [2022-11-03 04:00:03,672 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:00:03,672 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 04:00:03,672 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 33 states have (on average 5.2727272727272725) internal successors, (174), 33 states have internal predecessors, (174), 22 states have call successors, (40), 9 states have call predecessors, (40), 14 states have return successors, (42), 18 states have call predecessors, (42), 22 states have call successors, (42) [2022-11-03 04:00:03,673 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 04:00:03,673 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 04:00:03,676 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 04:00:03,725 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 04:00:03,890 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:00:03,893 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 04:00:11,853 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 370 376) no Hoare annotation was computed. [2022-11-03 04:00:11,854 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 370 376) the Hoare annotation is: true [2022-11-03 04:00:11,854 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 122 133) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or (not (= ~pumpRunning~0 0)) (not (< 0 ~waterLevel~0)) .cse0 .cse1 (not (<= ~waterLevel~0 1)) .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 04:00:11,855 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 122 133) no Hoare annotation was computed. [2022-11-03 04:00:11,855 INFO L895 garLoopResultBuilder]: At program point L993(line 993) the Hoare annotation is: (let ((.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1))) [2022-11-03 04:00:11,855 INFO L899 garLoopResultBuilder]: For program point L350-1(lines 349 368) no Hoare annotation was computed. [2022-11-03 04:00:11,856 INFO L895 garLoopResultBuilder]: At program point L317(line 317) the Hoare annotation is: (let ((.cse11 (= ~methaneLevelCritical~0 0))) (let ((.cse3 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse9 (not .cse11)) (.cse10 (= 1 ~systemActive~0))) (let ((.cse4 (= ~waterLevel~0 1)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not .cse10)) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse5 (and .cse3 .cse10 (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse2 .cse9) (and .cse11 (= ~pumpRunning~0 1))))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse4) .cse5 .cse6 (not (<= 2 |old(~waterLevel~0)|))) (or .cse7 (and .cse2 .cse3 .cse4) .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse0 .cse1 .cse8 .cse9 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse6) (or .cse7 .cse0 .cse1 .cse8 .cse5 .cse6))))) [2022-11-03 04:00:11,856 INFO L895 garLoopResultBuilder]: At program point L412(lines 412 420) the Hoare annotation is: (let ((.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~methAndRunningLastTime~0 0) (= |timeShift_processEnvironment_~tmp~3#1| 1) (= ~waterLevel~0 1)) .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse3 .cse0 .cse1 (< |old(~waterLevel~0)| 2) .cse2) (or .cse3 .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1))) [2022-11-03 04:00:11,856 INFO L899 garLoopResultBuilder]: For program point L317-1(line 317) no Hoare annotation was computed. [2022-11-03 04:00:11,857 INFO L895 garLoopResultBuilder]: At program point L408(lines 408 425) the Hoare annotation is: (let ((.cse2 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse0 (= ~pumpRunning~0 0))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse2 .cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1 (or (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (and (not .cse0) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 04:00:11,857 INFO L899 garLoopResultBuilder]: For program point L323(lines 323 333) no Hoare annotation was computed. [2022-11-03 04:00:11,857 INFO L895 garLoopResultBuilder]: At program point L418(line 418) the Hoare annotation is: (let ((.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1))) [2022-11-03 04:00:11,858 INFO L895 garLoopResultBuilder]: At program point L319(lines 319 336) the Hoare annotation is: (let ((.cse17 (= ~methaneLevelCritical~0 0))) (let ((.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse14 (not .cse17))) (let ((.cse7 (and .cse2 .cse14)) (.cse8 (and .cse17 (= ~pumpRunning~0 1))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (and .cse4 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 0))) (.cse15 (< |old(~waterLevel~0)| 2)) (.cse16 (and (or .cse11 .cse17) (or .cse14 (not (= |old(~pumpRunning~0)| 1))))) (.cse10 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse9 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| ~methaneLevelCritical~0)) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse12 (not (= |old(~waterLevel~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (= ~waterLevel~0 1))) (and (or .cse0 .cse1 (and .cse2 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse3) (and .cse4 .cse5 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse6) (or .cse7 .cse8) .cse9) .cse10 (not (<= 2 |old(~waterLevel~0)|))) (or .cse11 .cse0 .cse12 .cse1 .cse13 .cse14) (or .cse11 .cse0 .cse1 .cse7 .cse8 (not (= |old(~waterLevel~0)| 2))) (or (and .cse14 .cse5) .cse0 .cse1 .cse15 .cse16 (and .cse11 .cse3) .cse10) (or .cse0 .cse1 .cse13 .cse15 .cse16 .cse14 .cse10) (or .cse11 .cse0 .cse12 .cse1 .cse6 .cse9) (or .cse11 .cse0 .cse12 .cse1 (and .cse2 .cse3)))))) [2022-11-03 04:00:11,858 INFO L895 garLoopResultBuilder]: At program point L319-1(lines 311 339) the Hoare annotation is: (let ((.cse19 (= ~methaneLevelCritical~0 0))) (let ((.cse16 (= ~pumpRunning~0 0)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (not .cse19))) (let ((.cse6 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| 0)) (.cse2 (< |old(~waterLevel~0)| 2)) (.cse3 (and (or .cse7 .cse19) (or .cse4 (not (= |old(~pumpRunning~0)| 1))))) (.cse8 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse14 (= ~waterLevel~0 1)) (.cse18 (not (= 0 ~systemActive~0))) (.cse12 (and .cse16 .cse4)) (.cse13 (and .cse19 (= ~pumpRunning~0 1))) (.cse17 (= ~methAndRunningLastTime~0 0)) (.cse9 (or (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1| 0) (= ~pumpRunning~0 |timeShift___utac_acc__Specification2_spec__2_~tmp___0~0#1|))) (.cse15 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~1#1| ~methaneLevelCritical~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5 .cse6) (or .cse7 .cse0 .cse8 .cse1 .cse4 .cse6) (or .cse7 .cse0 .cse8 .cse1 (and .cse9 .cse10) .cse11) (or .cse7 .cse0 .cse1 .cse12 .cse13 (not (= |old(~waterLevel~0)| 2))) (or .cse0 .cse1 .cse2 .cse3 (and .cse7 .cse14) .cse5 (and .cse4 .cse9 .cse15)) (or .cse7 .cse0 .cse8 .cse1 (and .cse16 .cse17 .cse14 .cse18)) (let ((.cse20 (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse11))) (or .cse0 .cse1 (and .cse16 .cse17 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse14 .cse18) (and .cse17 (or .cse19 (not (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret16#1| 0))) .cse15 .cse20 (or .cse12 .cse13) (or .cse19 (not (= |isMethaneLevelCritical_#res| 0))) .cse10) (and .cse16 .cse17 .cse4 .cse9 .cse15 .cse20 .cse10) .cse5 (not (<= 2 |old(~waterLevel~0)|)))))))) [2022-11-03 04:00:11,859 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 346 369) the Hoare annotation is: (let ((.cse0 (= ~methAndRunningLastTime~0 0)) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) .cse0 (= ~waterLevel~0 1)) .cse1 (not (= |old(~waterLevel~0)| 1)) .cse2) (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 04:00:11,859 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 346 369) no Hoare annotation was computed. [2022-11-03 04:00:11,859 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 993) no Hoare annotation was computed. [2022-11-03 04:00:11,860 INFO L895 garLoopResultBuilder]: At program point L423(line 423) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (and .cse0 .cse1 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 1)) .cse3) (or .cse2 .cse3 .cse4 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 .cse1) (not (<= 2 |old(~waterLevel~0)|))) (or .cse2 .cse3 (< |old(~waterLevel~0)| 2) (= |old(~waterLevel~0)| ~waterLevel~0) .cse4))) [2022-11-03 04:00:11,860 INFO L895 garLoopResultBuilder]: At program point L423-1(lines 404 428) the Hoare annotation is: (let ((.cse11 (= ~methaneLevelCritical~0 0))) (let ((.cse3 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~pumpRunning~0 0)) (.cse9 (not .cse11)) (.cse10 (= 1 ~systemActive~0))) (let ((.cse4 (= ~waterLevel~0 1)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not .cse10)) (.cse8 (< |old(~waterLevel~0)| 2)) (.cse5 (and .cse3 .cse10 (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~methaneLevelCritical~0 1))) (or (and .cse2 .cse9) (and .cse11 (= ~pumpRunning~0 1))))) (.cse6 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 (and .cse2 .cse3 (= |timeShift_processEnvironment_~tmp~3#1| 1) .cse4) .cse5 .cse6 (not (<= 2 |old(~waterLevel~0)|))) (or .cse7 (and .cse2 .cse3 .cse4) .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse0 .cse1 .cse8 .cse9 (not (= |old(~pumpRunning~0)| 1)) .cse4 .cse6) (or .cse7 .cse0 .cse1 .cse8 .cse5 .cse6))))) [2022-11-03 04:00:11,860 INFO L899 garLoopResultBuilder]: For program point L357-1(lines 357 363) no Hoare annotation was computed. [2022-11-03 04:00:11,860 INFO L899 garLoopResultBuilder]: For program point L324(lines 324 330) no Hoare annotation was computed. [2022-11-03 04:00:11,861 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 201 230) no Hoare annotation was computed. [2022-11-03 04:00:11,861 INFO L899 garLoopResultBuilder]: For program point L222(line 222) no Hoare annotation was computed. [2022-11-03 04:00:11,861 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 201 230) the Hoare annotation is: true [2022-11-03 04:00:11,861 INFO L899 garLoopResultBuilder]: For program point L215(lines 215 219) no Hoare annotation was computed. [2022-11-03 04:00:11,861 INFO L902 garLoopResultBuilder]: At program point L215-1(lines 215 219) the Hoare annotation is: true [2022-11-03 04:00:11,862 INFO L902 garLoopResultBuilder]: At program point L211-2(lines 211 225) the Hoare annotation is: true [2022-11-03 04:00:11,862 INFO L902 garLoopResultBuilder]: At program point L207(line 207) the Hoare annotation is: true [2022-11-03 04:00:11,862 INFO L899 garLoopResultBuilder]: For program point L207-1(line 207) no Hoare annotation was computed. [2022-11-03 04:00:11,862 INFO L902 garLoopResultBuilder]: At program point L226(lines 201 230) the Hoare annotation is: true [2022-11-03 04:00:11,862 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 134 142) the Hoare annotation is: true [2022-11-03 04:00:11,863 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 134 142) no Hoare annotation was computed. [2022-11-03 04:00:11,863 INFO L895 garLoopResultBuilder]: At program point L614(lines 567 615) the Hoare annotation is: false [2022-11-03 04:00:11,863 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 04:00:11,863 INFO L899 garLoopResultBuilder]: For program point L569(lines 568 613) no Hoare annotation was computed. [2022-11-03 04:00:11,863 INFO L895 garLoopResultBuilder]: At program point L590(line 590) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 (= ~waterLevel~0 1)) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 (<= ~waterLevel~0 2)))) [2022-11-03 04:00:11,864 INFO L895 garLoopResultBuilder]: At program point L611(lines 568 613) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4 (<= ~waterLevel~0 2) (let ((.cse5 (= ~methaneLevelCritical~0 0))) (or (and .cse1 (not .cse5)) (and .cse5 (= ~pumpRunning~0 1))))))) [2022-11-03 04:00:11,864 INFO L899 garLoopResultBuilder]: For program point L578(lines 578 584) no Hoare annotation was computed. [2022-11-03 04:00:11,864 INFO L899 garLoopResultBuilder]: For program point L578-1(lines 578 584) no Hoare annotation was computed. [2022-11-03 04:00:11,864 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 04:00:11,865 INFO L895 garLoopResultBuilder]: At program point L286(lines 286 293) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0) (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-03 04:00:11,865 INFO L902 garLoopResultBuilder]: At program point L286-2(lines 286 293) the Hoare annotation is: true [2022-11-03 04:00:11,865 INFO L895 garLoopResultBuilder]: At program point L604-2(lines 598 609) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= ~pumpRunning~0 0) .cse1 .cse2 .cse3 (= ~waterLevel~0 1)) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 .cse3 (<= ~waterLevel~0 2)))) [2022-11-03 04:00:11,865 INFO L899 garLoopResultBuilder]: For program point L588(lines 588 594) no Hoare annotation was computed. [2022-11-03 04:00:11,865 INFO L899 garLoopResultBuilder]: For program point L588-1(lines 588 594) no Hoare annotation was computed. [2022-11-03 04:00:11,866 INFO L902 garLoopResultBuilder]: At program point L617(lines 558 621) the Hoare annotation is: true [2022-11-03 04:00:11,866 INFO L895 garLoopResultBuilder]: At program point L580(line 580) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| ~systemActive~0)) (.cse2 (= ~methAndRunningLastTime~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse1 (= ~pumpRunning~0 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~waterLevel~0 1)) (and .cse0 .cse2 (<= 2 ~waterLevel~0) .cse3 .cse4 (<= ~waterLevel~0 2) (let ((.cse5 (= ~methaneLevelCritical~0 0))) (or (and .cse1 (not .cse5)) (and .cse5 (= ~pumpRunning~0 1))))))) [2022-11-03 04:00:11,866 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 378 402) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 04:00:11,866 INFO L895 garLoopResultBuilder]: At program point L382(lines 382 399) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 04:00:11,867 INFO L895 garLoopResultBuilder]: At program point L397(line 397) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 04:00:11,867 INFO L899 garLoopResultBuilder]: For program point L397-1(lines 378 402) no Hoare annotation was computed. [2022-11-03 04:00:11,867 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 378 402) no Hoare annotation was computed. [2022-11-03 04:00:11,867 INFO L895 garLoopResultBuilder]: At program point L468(line 468) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 1)) (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2))) [2022-11-03 04:00:11,868 INFO L895 garLoopResultBuilder]: At program point L468-1(line 468) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or (and (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret16#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 1)) .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 04:00:11,868 INFO L895 garLoopResultBuilder]: At program point L392(line 392) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~2#1| 0))) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 04:00:11,868 INFO L899 garLoopResultBuilder]: For program point L386(lines 386 394) no Hoare annotation was computed. [2022-11-03 04:00:11,868 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 110 121) no Hoare annotation was computed. [2022-11-03 04:00:11,869 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 110 121) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (= ~waterLevel~0 1) .cse2) (or (let ((.cse3 (= ~methaneLevelCritical~0 0))) (and (or .cse0 .cse3) (or (not .cse3) (not (= ~pumpRunning~0 1))))) .cse1 (< |old(~waterLevel~0)| 2) (= |old(~waterLevel~0)| ~waterLevel~0) (not (<= |old(~waterLevel~0)| 2)) .cse2))) [2022-11-03 04:00:11,872 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:00:11,875 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 04:00:11,948 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 04:00:11 BoogieIcfgContainer [2022-11-03 04:00:11,959 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 04:00:11,960 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 04:00:11,960 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 04:00:11,961 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 04:00:11,961 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:59:03" (3/4) ... [2022-11-03 04:00:11,965 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 04:00:11,973 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 04:00:11,974 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 04:00:11,974 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 04:00:11,974 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 04:00:11,974 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 04:00:11,975 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 04:00:11,975 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 04:00:11,994 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 81 nodes and edges [2022-11-03 04:00:11,997 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 25 nodes and edges [2022-11-03 04:00:11,999 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-03 04:00:12,000 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 04:00:12,000 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 04:00:12,001 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 04:00:12,001 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 04:00:12,036 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) && ((((((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 04:00:12,037 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 04:00:12,038 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1)) || (((((methAndRunningLastTime == 0 && 1 == systemActive) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || (((((methAndRunningLastTime == 0 && 1 == systemActive) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) [2022-11-03 04:00:12,038 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || !(methAndRunningLastTime == 0)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methAndRunningLastTime == 0)) [2022-11-03 04:00:12,040 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || ((((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && tmp == methaneLevelCritical)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && tmp == 0)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((((((!(methaneLevelCritical == 0) && \old(waterLevel) == waterLevel) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) <= 2))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && tmp == 0)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || tmp == methaneLevelCritical)) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) [2022-11-03 04:00:12,041 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || tmp == 0) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp == 0)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((tmp___0 == 0 || pumpRunning == tmp___0) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) <= 2)) || ((!(methaneLevelCritical == 0) && (tmp___0 == 0 || pumpRunning == tmp___0)) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1) && !(0 == systemActive)))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || ((((((methAndRunningLastTime == 0 && (methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(\result == 0))) && tmp == methaneLevelCritical)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && !(methaneLevelCritical == 0)) && (tmp___0 == 0 || pumpRunning == tmp___0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && tmp == methaneLevelCritical)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 04:00:12,041 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methAndRunningLastTime == 0)) && (((((((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || !(methAndRunningLastTime == 0)) [2022-11-03 04:00:12,042 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) [2022-11-03 04:00:12,045 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) [2022-11-03 04:00:12,110 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 04:00:12,111 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 04:00:12,112 INFO L158 Benchmark]: Toolchain (without parser) took 70491.00ms. Allocated memory was 125.8MB in the beginning and 610.3MB in the end (delta: 484.4MB). Free memory was 85.6MB in the beginning and 309.6MB in the end (delta: -224.0MB). Peak memory consumption was 260.1MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,112 INFO L158 Benchmark]: CDTParser took 0.27ms. Allocated memory is still 125.8MB. Free memory is still 103.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 04:00:12,113 INFO L158 Benchmark]: CACSL2BoogieTranslator took 653.86ms. Allocated memory is still 125.8MB. Free memory was 85.4MB in the beginning and 90.4MB in the end (delta: -5.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,113 INFO L158 Benchmark]: Boogie Procedure Inliner took 109.35ms. Allocated memory is still 125.8MB. Free memory was 90.4MB in the beginning and 87.7MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,114 INFO L158 Benchmark]: Boogie Preprocessor took 60.13ms. Allocated memory is still 125.8MB. Free memory was 87.7MB in the beginning and 86.2MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,115 INFO L158 Benchmark]: RCFGBuilder took 833.78ms. Allocated memory is still 125.8MB. Free memory was 86.2MB in the beginning and 54.1MB in the end (delta: 32.1MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,115 INFO L158 Benchmark]: TraceAbstraction took 68672.07ms. Allocated memory was 125.8MB in the beginning and 610.3MB in the end (delta: 484.4MB). Free memory was 53.8MB in the beginning and 315.9MB in the end (delta: -262.1MB). Peak memory consumption was 329.7MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,115 INFO L158 Benchmark]: Witness Printer took 150.79ms. Allocated memory is still 610.3MB. Free memory was 315.9MB in the beginning and 309.6MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 04:00:12,119 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.27ms. Allocated memory is still 125.8MB. Free memory is still 103.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 653.86ms. Allocated memory is still 125.8MB. Free memory was 85.4MB in the beginning and 90.4MB in the end (delta: -5.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 109.35ms. Allocated memory is still 125.8MB. Free memory was 90.4MB in the beginning and 87.7MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 60.13ms. Allocated memory is still 125.8MB. Free memory was 87.7MB in the beginning and 86.2MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 833.78ms. Allocated memory is still 125.8MB. Free memory was 86.2MB in the beginning and 54.1MB in the end (delta: 32.1MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. * TraceAbstraction took 68672.07ms. Allocated memory was 125.8MB in the beginning and 610.3MB in the end (delta: 484.4MB). Free memory was 53.8MB in the beginning and 315.9MB in the end (delta: -262.1MB). Peak memory consumption was 329.7MB. Max. memory is 16.1GB. * Witness Printer took 150.79ms. Allocated memory is still 610.3MB. Free memory was 315.9MB in the beginning and 309.6MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 993]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 58 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 68.5s, OverallIterations: 12, TraceHistogramMax: 7, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 10.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 8.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2945 SdHoareTripleChecker+Valid, 4.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2920 mSDsluCounter, 2273 SdHoareTripleChecker+Invalid, 3.9s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2050 mSDsCounter, 1981 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4394 IncrementalHoareTripleChecker+Invalid, 6375 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1981 mSolverCounterUnsat, 704 mSDtfsCounter, 4394 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1248 GetRequests, 902 SyntacticMatches, 24 SemanticMatches, 322 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11392 ImplicationChecksByTransitivity, 26.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1211occurred in iteration=11, InterpolantAutomatonStates: 170, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 12 MinimizatonAttempts, 558 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 34 LocationsWithAnnotation, 2164 PreInvPairs, 2351 NumberOfFragments, 1878 HoareAnnotationTreeSize, 2164 FomulaSimplifications, 7945 FormulaSimplificationTreeSizeReduction, 1.0s HoareSimplificationTime, 34 FomulaSimplificationsInter, 39978 FormulaSimplificationTreeSizeReductionInter, 6.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.7s SatisfiabilityAnalysisTime, 8.8s InterpolantComputationTime, 1042 NumberOfCodeBlocks, 1042 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 1329 ConstructedInterpolants, 0 QuantifiedInterpolants, 4583 SizeOfPredicates, 42 NumberOfNonLiveVariables, 2269 ConjunctsInSsa, 116 ConjunctsInUnsatCore, 19 InterpolantComputations, 9 PerfectInterpolantSequences, 960/1233 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 319]: Loop Invariant Derived loop invariant: ((((((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || ((((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && tmp == methaneLevelCritical)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && tmp == 0)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((((((!(methaneLevelCritical == 0) && \old(waterLevel) == waterLevel) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) <= 2))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && tmp == 0)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || tmp == methaneLevelCritical)) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1)) - InvariantResult [Line: 567]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 211]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 346]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) && ((((((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 404]: Loop Invariant Derived loop invariant: (((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1)) || (((((methAndRunningLastTime == 0 && 1 == systemActive) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || waterLevel == 1) || !(\old(waterLevel) <= 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || (((((methAndRunningLastTime == 0 && 1 == systemActive) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 311]: Loop Invariant Derived loop invariant: (((((((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || tmp == 0) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp == 0)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((tmp___0 == 0 || pumpRunning == tmp___0) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && !(methaneLevelCritical == 0))) || (methaneLevelCritical == 0 && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || \old(waterLevel) < 2) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) <= 2)) || ((!(methaneLevelCritical == 0) && (tmp___0 == 0 || pumpRunning == tmp___0)) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1) && !(0 == systemActive)))) && ((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || ((((((methAndRunningLastTime == 0 && (methaneLevelCritical == 0 || !(aux-isMethaneLevelCritical()-aux == 0))) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) && (methaneLevelCritical == 0 || !(\result == 0))) && tmp == methaneLevelCritical)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && !(methaneLevelCritical == 0)) && (tmp___0 == 0 || pumpRunning == tmp___0)) && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || !(methaneLevelCritical == 1))) && tmp == methaneLevelCritical)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 286]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 412]: Loop Invariant Derived loop invariant: (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && tmp == 1) && waterLevel == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || \old(waterLevel) < 2) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) - InvariantResult [Line: 408]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel == 1)) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 468]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methAndRunningLastTime == 0)) && (((((((aux-isMethaneLevelCritical()-aux == methaneLevelCritical && pumpRunning == 0) && tmp == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 993]: Loop Invariant Derived loop invariant: (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) - InvariantResult [Line: 568]: Loop Invariant Derived loop invariant: (((((tmp == systemActive && pumpRunning == 0) && methAndRunningLastTime == 0) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) || ((((((tmp == systemActive && methAndRunningLastTime == 0) && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1))) - InvariantResult [Line: 558]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 201]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 382]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || !(methAndRunningLastTime == 0)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 286]: Loop Invariant Derived loop invariant: ((((tmp == systemActive && pumpRunning == 0) && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 RESULT: Ultimate proved your program to be correct! [2022-11-03 04:00:12,216 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_55a73e02-b548-4ffb-8aef-7e9a942183c5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE