./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 315d60eb588d6482efeebc0b747aa91d22e611dd88f8ad5f52fb821083a93df1 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:50:07,200 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:50:07,202 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:50:07,245 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:50:07,246 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:50:07,250 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:50:07,252 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:50:07,256 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:50:07,258 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:50:07,263 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:50:07,264 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:50:07,266 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:50:07,266 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:50:07,268 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:50:07,269 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:50:07,270 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:50:07,271 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:50:07,272 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:50:07,273 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:50:07,274 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:50:07,276 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:50:07,283 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:50:07,287 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:50:07,288 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:50:07,295 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:50:07,296 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:50:07,296 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:50:07,297 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:50:07,297 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:50:07,298 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:50:07,298 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:50:07,299 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:50:07,300 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:50:07,300 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:50:07,301 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:50:07,301 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:50:07,302 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:50:07,302 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:50:07,303 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:50:07,304 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:50:07,304 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:50:07,309 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:50:07,348 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:50:07,348 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:50:07,348 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:50:07,349 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:50:07,349 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:50:07,349 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:50:07,350 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:50:07,350 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:50:07,350 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:50:07,350 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:50:07,350 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:50:07,351 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:50:07,351 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:50:07,351 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:50:07,351 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:50:07,351 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:50:07,352 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:50:07,352 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:50:07,352 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:50:07,353 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:50:07,353 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:50:07,353 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:50:07,353 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:50:07,353 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:50:07,354 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:50:07,354 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:50:07,354 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:50:07,354 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:50:07,354 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:50:07,355 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:50:07,355 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:50:07,359 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:50:07,359 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:50:07,360 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:50:07,360 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:50:07,361 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:50:07,361 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 315d60eb588d6482efeebc0b747aa91d22e611dd88f8ad5f52fb821083a93df1 [2022-11-03 02:50:07,616 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:50:07,640 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:50:07,643 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:50:07,644 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:50:07,645 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:50:07,647 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c [2022-11-03 02:50:07,720 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/data/32e0a2ea6/d04a164eb20b43f39f3f7b8dd6c4aa84/FLAGfac3356d4 [2022-11-03 02:50:08,300 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:50:08,300 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c [2022-11-03 02:50:08,315 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/data/32e0a2ea6/d04a164eb20b43f39f3f7b8dd6c4aa84/FLAGfac3356d4 [2022-11-03 02:50:08,650 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/data/32e0a2ea6/d04a164eb20b43f39f3f7b8dd6c4aa84 [2022-11-03 02:50:08,653 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:50:08,654 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:50:08,656 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:50:08,656 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:50:08,659 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:50:08,660 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:50:08" (1/1) ... [2022-11-03 02:50:08,661 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6cbcac4f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:08, skipping insertion in model container [2022-11-03 02:50:08,662 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:50:08" (1/1) ... [2022-11-03 02:50:08,668 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:50:08,711 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:50:08,997 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c[17389,17402] [2022-11-03 02:50:09,017 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:50:09,029 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:50:09,097 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/sv-benchmarks/c/product-lines/minepump_spec4_product08.cil.c[17389,17402] [2022-11-03 02:50:09,098 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:50:09,114 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:50:09,115 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09 WrapperNode [2022-11-03 02:50:09,119 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:50:09,121 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:50:09,121 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:50:09,122 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:50:09,129 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,147 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,175 INFO L138 Inliner]: procedures = 52, calls = 151, calls flagged for inlining = 21, calls inlined = 18, statements flattened = 219 [2022-11-03 02:50:09,175 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:50:09,176 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:50:09,176 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:50:09,176 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:50:09,185 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,186 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,188 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,188 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,194 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,199 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,200 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,202 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,204 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:50:09,205 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:50:09,205 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:50:09,205 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:50:09,206 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (1/1) ... [2022-11-03 02:50:09,219 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:50:09,239 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:50:09,255 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:50:09,258 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:50:09,301 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:50:09,302 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:50:09,302 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:50:09,302 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:50:09,302 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:50:09,302 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:50:09,303 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:50:09,303 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:50:09,303 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:50:09,303 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:50:09,303 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:50:09,303 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:50:09,304 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:50:09,304 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:50:09,304 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:50:09,305 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:50:09,410 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:50:09,412 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:50:09,753 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:50:09,838 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:50:09,839 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:50:09,841 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:50:09 BoogieIcfgContainer [2022-11-03 02:50:09,841 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:50:09,844 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:50:09,844 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:50:09,847 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:50:09,848 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:50:08" (1/3) ... [2022-11-03 02:50:09,848 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@171db448 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:50:09, skipping insertion in model container [2022-11-03 02:50:09,849 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:50:09" (2/3) ... [2022-11-03 02:50:09,849 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@171db448 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:50:09, skipping insertion in model container [2022-11-03 02:50:09,849 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:50:09" (3/3) ... [2022-11-03 02:50:09,850 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product08.cil.c [2022-11-03 02:50:09,869 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:50:09,869 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:50:09,918 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:50:09,934 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@223f8eef, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:50:09,936 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:50:09,942 INFO L276 IsEmpty]: Start isEmpty. Operand has 52 states, 34 states have (on average 1.4705882352941178) internal successors, (50), 41 states have internal predecessors, (50), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-03 02:50:09,949 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-11-03 02:50:09,950 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:09,950 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:09,951 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:09,961 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:09,962 INFO L85 PathProgramCache]: Analyzing trace with hash -1306583832, now seen corresponding path program 1 times [2022-11-03 02:50:09,974 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:09,975 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1134444336] [2022-11-03 02:50:09,976 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:09,976 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:10,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:10,299 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:10,299 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:10,300 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1134444336] [2022-11-03 02:50:10,300 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1134444336] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:50:10,301 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:50:10,301 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:50:10,303 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1379778735] [2022-11-03 02:50:10,303 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:50:10,307 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:50:10,309 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:10,341 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:50:10,342 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:50:10,345 INFO L87 Difference]: Start difference. First operand has 52 states, 34 states have (on average 1.4705882352941178) internal successors, (50), 41 states have internal predecessors, (50), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 8 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,454 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:10,456 INFO L93 Difference]: Finished difference Result 102 states and 141 transitions. [2022-11-03 02:50:10,457 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:50:10,459 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 12 [2022-11-03 02:50:10,459 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:10,474 INFO L225 Difference]: With dead ends: 102 [2022-11-03 02:50:10,474 INFO L226 Difference]: Without dead ends: 47 [2022-11-03 02:50:10,479 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:50:10,483 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 51 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:10,485 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 51 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:50:10,508 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 47 states. [2022-11-03 02:50:10,536 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 47 to 47. [2022-11-03 02:50:10,538 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 47 states, 31 states have (on average 1.3548387096774193) internal successors, (42), 37 states have internal predecessors, (42), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 02:50:10,541 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 47 states to 47 states and 61 transitions. [2022-11-03 02:50:10,543 INFO L78 Accepts]: Start accepts. Automaton has 47 states and 61 transitions. Word has length 12 [2022-11-03 02:50:10,543 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:10,544 INFO L495 AbstractCegarLoop]: Abstraction has 47 states and 61 transitions. [2022-11-03 02:50:10,545 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,545 INFO L276 IsEmpty]: Start isEmpty. Operand 47 states and 61 transitions. [2022-11-03 02:50:10,547 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-11-03 02:50:10,548 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:10,548 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:10,548 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:50:10,549 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:10,551 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:10,551 INFO L85 PathProgramCache]: Analyzing trace with hash -1904549865, now seen corresponding path program 1 times [2022-11-03 02:50:10,551 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:10,552 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1996533496] [2022-11-03 02:50:10,552 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:10,552 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:10,594 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:10,711 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:10,711 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:10,711 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1996533496] [2022-11-03 02:50:10,712 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1996533496] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:50:10,712 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:50:10,712 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:50:10,712 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1459324507] [2022-11-03 02:50:10,712 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:50:10,714 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:50:10,714 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:10,715 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:50:10,715 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:50:10,715 INFO L87 Difference]: Start difference. First operand 47 states and 61 transitions. Second operand has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,754 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:10,754 INFO L93 Difference]: Finished difference Result 66 states and 84 transitions. [2022-11-03 02:50:10,755 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:50:10,755 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-11-03 02:50:10,755 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:10,756 INFO L225 Difference]: With dead ends: 66 [2022-11-03 02:50:10,757 INFO L226 Difference]: Without dead ends: 39 [2022-11-03 02:50:10,757 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:50:10,759 INFO L413 NwaCegarLoop]: 37 mSDtfsCounter, 14 mSDsluCounter, 30 mSDsCounter, 0 mSdLazyCounter, 22 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 58 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 22 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:10,759 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 58 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 22 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:50:10,760 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 39 states. [2022-11-03 02:50:10,765 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 39 to 39. [2022-11-03 02:50:10,766 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 39 states, 26 states have (on average 1.3846153846153846) internal successors, (36), 32 states have internal predecessors, (36), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-03 02:50:10,767 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 39 states to 39 states and 50 transitions. [2022-11-03 02:50:10,767 INFO L78 Accepts]: Start accepts. Automaton has 39 states and 50 transitions. Word has length 13 [2022-11-03 02:50:10,767 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:10,767 INFO L495 AbstractCegarLoop]: Abstraction has 39 states and 50 transitions. [2022-11-03 02:50:10,768 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,768 INFO L276 IsEmpty]: Start isEmpty. Operand 39 states and 50 transitions. [2022-11-03 02:50:10,769 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 02:50:10,769 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:10,769 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:10,769 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:50:10,770 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:10,770 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:10,770 INFO L85 PathProgramCache]: Analyzing trace with hash 191064212, now seen corresponding path program 1 times [2022-11-03 02:50:10,771 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:10,771 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [184246429] [2022-11-03 02:50:10,771 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:10,771 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:10,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:10,873 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:10,873 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:10,874 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [184246429] [2022-11-03 02:50:10,874 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [184246429] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:50:10,874 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:50:10,874 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:50:10,875 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [743731899] [2022-11-03 02:50:10,875 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:50:10,875 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:50:10,875 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:10,876 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:50:10,876 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:50:10,877 INFO L87 Difference]: Start difference. First operand 39 states and 50 transitions. Second operand has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,960 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:10,961 INFO L93 Difference]: Finished difference Result 105 states and 136 transitions. [2022-11-03 02:50:10,961 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:50:10,961 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-11-03 02:50:10,962 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:10,963 INFO L225 Difference]: With dead ends: 105 [2022-11-03 02:50:10,964 INFO L226 Difference]: Without dead ends: 68 [2022-11-03 02:50:10,964 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:50:10,966 INFO L413 NwaCegarLoop]: 41 mSDtfsCounter, 73 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 43 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 77 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 43 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:10,966 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [77 Valid, 89 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 43 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:50:10,967 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-11-03 02:50:10,978 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 65. [2022-11-03 02:50:10,978 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 65 states, 44 states have (on average 1.3863636363636365) internal successors, (61), 53 states have internal predecessors, (61), 11 states have call successors, (11), 9 states have call predecessors, (11), 9 states have return successors, (12), 8 states have call predecessors, (12), 11 states have call successors, (12) [2022-11-03 02:50:10,980 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 65 states to 65 states and 84 transitions. [2022-11-03 02:50:10,980 INFO L78 Accepts]: Start accepts. Automaton has 65 states and 84 transitions. Word has length 16 [2022-11-03 02:50:10,980 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:10,980 INFO L495 AbstractCegarLoop]: Abstraction has 65 states and 84 transitions. [2022-11-03 02:50:10,981 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:10,981 INFO L276 IsEmpty]: Start isEmpty. Operand 65 states and 84 transitions. [2022-11-03 02:50:10,982 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-11-03 02:50:10,982 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:10,982 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:10,982 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:50:10,983 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:10,983 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:10,983 INFO L85 PathProgramCache]: Analyzing trace with hash 2096232658, now seen corresponding path program 1 times [2022-11-03 02:50:10,983 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:10,984 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1956762562] [2022-11-03 02:50:10,984 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:10,984 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:11,000 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:11,305 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:11,306 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:11,306 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1956762562] [2022-11-03 02:50:11,306 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1956762562] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:50:11,307 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:50:11,307 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-03 02:50:11,307 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1919722890] [2022-11-03 02:50:11,307 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:50:11,308 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:50:11,309 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:11,309 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:50:11,310 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:50:11,310 INFO L87 Difference]: Start difference. First operand 65 states and 84 transitions. Second operand has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:11,456 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:11,457 INFO L93 Difference]: Finished difference Result 194 states and 266 transitions. [2022-11-03 02:50:11,457 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:50:11,458 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-11-03 02:50:11,458 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:11,459 INFO L225 Difference]: With dead ends: 194 [2022-11-03 02:50:11,460 INFO L226 Difference]: Without dead ends: 131 [2022-11-03 02:50:11,461 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:50:11,462 INFO L413 NwaCegarLoop]: 40 mSDtfsCounter, 78 mSDsluCounter, 138 mSDsCounter, 0 mSdLazyCounter, 72 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 78 SdHoareTripleChecker+Valid, 155 SdHoareTripleChecker+Invalid, 96 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 72 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:11,463 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [78 Valid, 155 Invalid, 96 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 72 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:50:11,464 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 131 states. [2022-11-03 02:50:11,480 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 131 to 108. [2022-11-03 02:50:11,481 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 108 states, 77 states have (on average 1.3376623376623376) internal successors, (103), 88 states have internal predecessors, (103), 16 states have call successors, (16), 14 states have call predecessors, (16), 14 states have return successors, (18), 13 states have call predecessors, (18), 16 states have call successors, (18) [2022-11-03 02:50:11,482 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 108 states to 108 states and 137 transitions. [2022-11-03 02:50:11,483 INFO L78 Accepts]: Start accepts. Automaton has 108 states and 137 transitions. Word has length 19 [2022-11-03 02:50:11,483 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:11,483 INFO L495 AbstractCegarLoop]: Abstraction has 108 states and 137 transitions. [2022-11-03 02:50:11,484 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.0) internal successors, (18), 5 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:11,484 INFO L276 IsEmpty]: Start isEmpty. Operand 108 states and 137 transitions. [2022-11-03 02:50:11,485 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 02:50:11,485 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:11,485 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:11,486 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:50:11,486 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:11,486 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:11,486 INFO L85 PathProgramCache]: Analyzing trace with hash 1633194727, now seen corresponding path program 1 times [2022-11-03 02:50:11,487 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:11,487 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1966455089] [2022-11-03 02:50:11,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:11,487 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:11,505 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:11,788 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:11,789 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:11,789 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1966455089] [2022-11-03 02:50:11,789 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1966455089] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:50:11,789 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:50:11,789 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 02:50:11,791 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [32323289] [2022-11-03 02:50:11,791 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:50:11,792 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:50:11,792 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:11,793 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:50:11,796 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:50:11,796 INFO L87 Difference]: Start difference. First operand 108 states and 137 transitions. Second operand has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:50:12,040 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:12,040 INFO L93 Difference]: Finished difference Result 229 states and 298 transitions. [2022-11-03 02:50:12,041 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-11-03 02:50:12,042 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 22 [2022-11-03 02:50:12,042 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:12,047 INFO L225 Difference]: With dead ends: 229 [2022-11-03 02:50:12,047 INFO L226 Difference]: Without dead ends: 166 [2022-11-03 02:50:12,057 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=64, Unknown=0, NotChecked=0, Total=110 [2022-11-03 02:50:12,061 INFO L413 NwaCegarLoop]: 37 mSDtfsCounter, 197 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 85 mSolverCounterSat, 81 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 112 SdHoareTripleChecker+Invalid, 166 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 81 IncrementalHoareTripleChecker+Valid, 85 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:12,064 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 112 Invalid, 166 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [81 Valid, 85 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:50:12,065 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 166 states. [2022-11-03 02:50:12,104 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 166 to 157. [2022-11-03 02:50:12,106 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 157 states, 112 states have (on average 1.3125) internal successors, (147), 127 states have internal predecessors, (147), 23 states have call successors, (23), 21 states have call predecessors, (23), 21 states have return successors, (26), 20 states have call predecessors, (26), 23 states have call successors, (26) [2022-11-03 02:50:12,111 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 157 states to 157 states and 196 transitions. [2022-11-03 02:50:12,112 INFO L78 Accepts]: Start accepts. Automaton has 157 states and 196 transitions. Word has length 22 [2022-11-03 02:50:12,112 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:12,113 INFO L495 AbstractCegarLoop]: Abstraction has 157 states and 196 transitions. [2022-11-03 02:50:12,113 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:50:12,113 INFO L276 IsEmpty]: Start isEmpty. Operand 157 states and 196 transitions. [2022-11-03 02:50:12,121 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2022-11-03 02:50:12,122 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:50:12,122 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:50:12,123 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:50:12,123 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:50:12,123 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:50:12,123 INFO L85 PathProgramCache]: Analyzing trace with hash -1607583920, now seen corresponding path program 1 times [2022-11-03 02:50:12,124 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:50:12,125 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1868955185] [2022-11-03 02:50:12,125 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:12,125 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:50:12,142 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:12,724 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 1 proven. 15 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:12,724 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:50:12,725 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1868955185] [2022-11-03 02:50:12,725 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1868955185] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:50:12,725 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [636921327] [2022-11-03 02:50:12,725 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:50:12,726 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:50:12,726 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:50:12,731 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:50:12,738 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:50:12,837 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:50:12,841 INFO L263 TraceCheckSpWp]: Trace formula consists of 358 conjuncts, 46 conjunts are in the unsatisfiable core [2022-11-03 02:50:12,848 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:50:13,346 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 0 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-03 02:50:13,347 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:50:15,000 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 0 proven. 16 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:50:15,000 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [636921327] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:50:15,001 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [419168342] [2022-11-03 02:50:15,023 INFO L159 IcfgInterpreter]: Started Sifa with 25 locations of interest [2022-11-03 02:50:15,023 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:50:15,028 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:50:15,034 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:50:15,034 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:50:26,816 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 45 for LOIs [2022-11-03 02:50:26,825 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 43 for LOIs [2022-11-03 02:50:26,876 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:50:31,823 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2091#(and (<= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 2147483647) (= ~pumpRunning~0 |old(~pumpRunning~0)|) (<= 0 (+ |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 2147483648)) (= ~methaneLevelCritical~0 0) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (or (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (= |old(~waterLevel~0)| ~waterLevel~0)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= 0 ~systemActive~0) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:50:31,823 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:50:31,823 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:50:31,824 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 9, 13] total 30 [2022-11-03 02:50:31,824 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [347998239] [2022-11-03 02:50:31,824 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:50:31,825 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2022-11-03 02:50:31,825 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:50:31,825 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2022-11-03 02:50:31,826 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=310, Invalid=2342, Unknown=0, NotChecked=0, Total=2652 [2022-11-03 02:50:31,827 INFO L87 Difference]: Start difference. First operand 157 states and 196 transitions. Second operand has 31 states, 26 states have (on average 3.1538461538461537) internal successors, (82), 23 states have internal predecessors, (82), 8 states have call successors, (12), 10 states have call predecessors, (12), 8 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) [2022-11-03 02:50:32,354 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:50:32,355 INFO L93 Difference]: Finished difference Result 207 states and 264 transitions. [2022-11-03 02:50:32,356 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-03 02:50:32,358 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 26 states have (on average 3.1538461538461537) internal successors, (82), 23 states have internal predecessors, (82), 8 states have call successors, (12), 10 states have call predecessors, (12), 8 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) Word has length 40 [2022-11-03 02:50:32,359 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:50:32,359 INFO L225 Difference]: With dead ends: 207 [2022-11-03 02:50:32,360 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:50:32,363 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 84 SyntacticMatches, 0 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1309 ImplicationChecksByTransitivity, 5.8s TimeCoverageRelationStatistics Valid=439, Invalid=2753, Unknown=0, NotChecked=0, Total=3192 [2022-11-03 02:50:32,369 INFO L413 NwaCegarLoop]: 36 mSDtfsCounter, 319 mSDsluCounter, 261 mSDsCounter, 0 mSdLazyCounter, 236 mSolverCounterSat, 158 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 321 SdHoareTripleChecker+Valid, 236 SdHoareTripleChecker+Invalid, 394 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 158 IncrementalHoareTripleChecker+Valid, 236 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:50:32,370 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [321 Valid, 236 Invalid, 394 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [158 Valid, 236 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:50:32,371 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:50:32,371 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:50:32,371 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:50:32,371 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:50:32,372 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 40 [2022-11-03 02:50:32,372 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:50:32,372 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:50:32,372 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 26 states have (on average 3.1538461538461537) internal successors, (82), 23 states have internal predecessors, (82), 8 states have call successors, (12), 10 states have call predecessors, (12), 8 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) [2022-11-03 02:50:32,373 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:50:32,373 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:50:32,375 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:50:32,410 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-03 02:50:32,603 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-11-03 02:50:32,605 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:50:33,650 INFO L902 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 739 746) the Hoare annotation is: true [2022-11-03 02:50:33,650 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 739 746) no Hoare annotation was computed. [2022-11-03 02:50:33,650 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 698 704) no Hoare annotation was computed. [2022-11-03 02:50:33,650 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 698 704) the Hoare annotation is: true [2022-11-03 02:50:33,650 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 82 93) the Hoare annotation is: true [2022-11-03 02:50:33,650 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 82 93) no Hoare annotation was computed. [2022-11-03 02:50:33,651 INFO L895 garLoopResultBuilder]: At program point L725(line 725) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:50:33,651 INFO L895 garLoopResultBuilder]: At program point L725-1(lines 706 730) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:50:33,651 INFO L895 garLoopResultBuilder]: At program point L685-1(lines 685 691) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:50:33,651 INFO L899 garLoopResultBuilder]: For program point L714(lines 714 722) no Hoare annotation was computed. [2022-11-03 02:50:33,651 INFO L895 garLoopResultBuilder]: At program point L710(lines 710 727) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 0 ~systemActive~0)))) (and (or (and .cse0 (= ~waterLevel~0 1) .cse1) .cse2 (not (= |old(~waterLevel~0)| 1))) (or .cse2 (and .cse0 (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:50:33,652 INFO L895 garLoopResultBuilder]: At program point L900(line 900) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1))))) [2022-11-03 02:50:33,652 INFO L899 garLoopResultBuilder]: For program point L653(lines 653 659) no Hoare annotation was computed. [2022-11-03 02:50:33,652 INFO L895 garLoopResultBuilder]: At program point L649(lines 649 662) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2)) (and .cse1 (= 2 |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1|) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| ~waterLevel~0) (= ~waterLevel~0 1))))) [2022-11-03 02:50:33,652 INFO L895 garLoopResultBuilder]: At program point L649-1(lines 641 665) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2)) (and .cse1 (= 2 |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1|) (= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| ~waterLevel~0) (= ~waterLevel~0 1))))) [2022-11-03 02:50:33,652 INFO L899 garLoopResultBuilder]: For program point L678-1(lines 677 696) no Hoare annotation was computed. [2022-11-03 02:50:33,652 INFO L895 garLoopResultBuilder]: At program point L720(line 720) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1))))) [2022-11-03 02:50:33,653 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 674 697) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1))) (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:50:33,653 INFO L895 garLoopResultBuilder]: At program point L716(line 716) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1))))) [2022-11-03 02:50:33,653 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 674 697) no Hoare annotation was computed. [2022-11-03 02:50:33,653 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 900) no Hoare annotation was computed. [2022-11-03 02:50:33,653 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 176 205) no Hoare annotation was computed. [2022-11-03 02:50:33,653 INFO L899 garLoopResultBuilder]: For program point L190(lines 190 194) no Hoare annotation was computed. [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point L190-1(lines 190 194) the Hoare annotation is: true [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 176 205) the Hoare annotation is: true [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point L186-2(lines 186 200) the Hoare annotation is: true [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point L182(line 182) the Hoare annotation is: true [2022-11-03 02:50:33,654 INFO L899 garLoopResultBuilder]: For program point L182-1(line 182) no Hoare annotation was computed. [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point L201(lines 176 205) the Hoare annotation is: true [2022-11-03 02:50:33,654 INFO L899 garLoopResultBuilder]: For program point L197(line 197) no Hoare annotation was computed. [2022-11-03 02:50:33,654 INFO L902 garLoopResultBuilder]: At program point L890(lines 827 894) the Hoare annotation is: true [2022-11-03 02:50:33,655 INFO L899 garLoopResultBuilder]: For program point L857(lines 857 863) no Hoare annotation was computed. [2022-11-03 02:50:33,655 INFO L899 garLoopResultBuilder]: For program point L857-1(lines 857 863) no Hoare annotation was computed. [2022-11-03 02:50:33,655 INFO L895 garLoopResultBuilder]: At program point L849(line 849) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,655 INFO L895 garLoopResultBuilder]: At program point L259(lines 259 266) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-03 02:50:33,655 INFO L902 garLoopResultBuilder]: At program point L259-2(lines 259 266) the Hoare annotation is: true [2022-11-03 02:50:33,655 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:50:33,656 INFO L895 garLoopResultBuilder]: At program point L887(lines 836 888) the Hoare annotation is: false [2022-11-03 02:50:33,656 INFO L899 garLoopResultBuilder]: For program point L875(lines 875 881) no Hoare annotation was computed. [2022-11-03 02:50:33,656 INFO L895 garLoopResultBuilder]: At program point L809(line 809) the Hoare annotation is: false [2022-11-03 02:50:33,656 INFO L895 garLoopResultBuilder]: At program point L875-2(lines 867 882) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,656 INFO L899 garLoopResultBuilder]: For program point L838(lines 837 886) no Hoare annotation was computed. [2022-11-03 02:50:33,656 INFO L895 garLoopResultBuilder]: At program point L867(lines 867 882) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,656 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:50:33,657 INFO L895 garLoopResultBuilder]: At program point L859(line 859) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,657 INFO L895 garLoopResultBuilder]: At program point L884(lines 837 886) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,657 INFO L899 garLoopResultBuilder]: For program point L847(lines 847 853) no Hoare annotation was computed. [2022-11-03 02:50:33,657 INFO L899 garLoopResultBuilder]: For program point L847-1(lines 847 853) no Hoare annotation was computed. [2022-11-03 02:50:33,657 INFO L899 garLoopResultBuilder]: For program point L807(lines 807 813) no Hoare annotation was computed. [2022-11-03 02:50:33,657 INFO L895 garLoopResultBuilder]: At program point L807-1(lines 807 813) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1)))) [2022-11-03 02:50:33,657 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 70 81) no Hoare annotation was computed. [2022-11-03 02:50:33,658 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 70 81) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or .cse0 (not (= |old(~waterLevel~0)| 2)) (= |old(~waterLevel~0)| ~waterLevel~0)))) [2022-11-03 02:50:33,661 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1] [2022-11-03 02:50:33,663 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:50:33,700 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:50:33 BoogieIcfgContainer [2022-11-03 02:50:33,700 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:50:33,701 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:50:33,701 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:50:33,701 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:50:33,701 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:50:09" (3/4) ... [2022-11-03 02:50:33,704 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:50:33,709 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:50:33,709 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:50:33,709 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:50:33,709 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:50:33,710 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:50:33,710 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:50:33,725 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 66 nodes and edges [2022-11-03 02:50:33,726 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 26 nodes and edges [2022-11-03 02:50:33,726 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 02:50:33,726 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:50:33,727 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:50:33,727 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:50:33,727 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:50:33,754 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-11-03 02:50:33,755 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-11-03 02:50:33,756 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) [2022-11-03 02:50:33,756 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) [2022-11-03 02:50:33,757 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && 2 == tmp) && \old(waterLevel) == waterLevel)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) [2022-11-03 02:50:33,758 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && 2 == tmp) && \old(waterLevel) == waterLevel)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) [2022-11-03 02:50:33,758 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) && (!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) [2022-11-03 02:50:33,788 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:50:33,788 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:50:33,789 INFO L158 Benchmark]: Toolchain (without parser) took 25134.86ms. Allocated memory was 136.3MB in the beginning and 352.3MB in the end (delta: 216.0MB). Free memory was 105.7MB in the beginning and 158.0MB in the end (delta: -52.3MB). Peak memory consumption was 163.0MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,789 INFO L158 Benchmark]: CDTParser took 0.20ms. Allocated memory is still 102.8MB. Free memory is still 59.4MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:50:33,790 INFO L158 Benchmark]: CACSL2BoogieTranslator took 463.80ms. Allocated memory is still 136.3MB. Free memory was 105.3MB in the beginning and 104.2MB in the end (delta: 1.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,790 INFO L158 Benchmark]: Boogie Procedure Inliner took 54.26ms. Allocated memory is still 136.3MB. Free memory was 104.2MB in the beginning and 101.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,790 INFO L158 Benchmark]: Boogie Preprocessor took 28.27ms. Allocated memory is still 136.3MB. Free memory was 101.7MB in the beginning and 100.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,791 INFO L158 Benchmark]: RCFGBuilder took 636.61ms. Allocated memory is still 136.3MB. Free memory was 100.1MB in the beginning and 75.3MB in the end (delta: 24.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,791 INFO L158 Benchmark]: TraceAbstraction took 23856.26ms. Allocated memory was 136.3MB in the beginning and 352.3MB in the end (delta: 216.0MB). Free memory was 74.4MB in the beginning and 163.3MB in the end (delta: -88.9MB). Peak memory consumption was 128.1MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,791 INFO L158 Benchmark]: Witness Printer took 87.92ms. Allocated memory is still 352.3MB. Free memory was 163.3MB in the beginning and 158.0MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:50:33,796 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.20ms. Allocated memory is still 102.8MB. Free memory is still 59.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 463.80ms. Allocated memory is still 136.3MB. Free memory was 105.3MB in the beginning and 104.2MB in the end (delta: 1.1MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 54.26ms. Allocated memory is still 136.3MB. Free memory was 104.2MB in the beginning and 101.7MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 28.27ms. Allocated memory is still 136.3MB. Free memory was 101.7MB in the beginning and 100.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 636.61ms. Allocated memory is still 136.3MB. Free memory was 100.1MB in the beginning and 75.3MB in the end (delta: 24.7MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * TraceAbstraction took 23856.26ms. Allocated memory was 136.3MB in the beginning and 352.3MB in the end (delta: 216.0MB). Free memory was 74.4MB in the beginning and 163.3MB in the end (delta: -88.9MB). Peak memory consumption was 128.1MB. Max. memory is 16.1GB. * Witness Printer took 87.92ms. Allocated memory is still 352.3MB. Free memory was 163.3MB in the beginning and 158.0MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 900]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 52 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 23.8s, OverallIterations: 6, TraceHistogramMax: 2, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 1.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 1.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 692 SdHoareTripleChecker+Valid, 0.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 681 mSDsluCounter, 701 SdHoareTripleChecker+Invalid, 0.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 589 mSDsCounter, 273 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 474 IncrementalHoareTripleChecker+Invalid, 747 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 273 mSolverCounterUnsat, 242 mSDtfsCounter, 474 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 169 GetRequests, 95 SyntacticMatches, 0 SemanticMatches, 74 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1320 ImplicationChecksByTransitivity, 6.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=157occurred in iteration=5, InterpolantAutomatonStates: 35, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.1s AutomataMinimizationTime, 6 MinimizatonAttempts, 35 StatesRemovedByMinimization, 3 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 31 LocationsWithAnnotation, 257 PreInvPairs, 324 NumberOfFragments, 538 HoareAnnotationTreeSize, 257 FomulaSimplifications, 696 FormulaSimplificationTreeSizeReduction, 0.1s HoareSimplificationTime, 31 FomulaSimplificationsInter, 2265 FormulaSimplificationTreeSizeReductionInter, 1.0s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.0s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 3.7s InterpolantComputationTime, 162 NumberOfCodeBlocks, 162 NumberOfCodeBlocksAsserted, 7 NumberOfCheckSat, 194 ConstructedInterpolants, 0 QuantifiedInterpolants, 2016 SizeOfPredicates, 9 NumberOfNonLiveVariables, 358 ConjunctsInSsa, 46 ConjunctsInUnsatCore, 8 InterpolantComputations, 5 PerfectInterpolantSequences, 9/48 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 827]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && tmp == 1) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 710]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 685]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 176]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 649]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && 2 == tmp) && \old(waterLevel) == waterLevel)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) - InvariantResult [Line: 836]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 807]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 == waterLevel) && tmp == 1) && splverifierCounter == 0) || (((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 674]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 837]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 == waterLevel) && tmp == 1) && splverifierCounter == 0) || (((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 867]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && 2 == waterLevel) && tmp == 1) && splverifierCounter == 0) || (((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 900]: Loop Invariant Derived loop invariant: (!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) && (!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) - InvariantResult [Line: 641]: Loop Invariant Derived loop invariant: ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && 2 == tmp) && \old(waterLevel) == waterLevel)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) - InvariantResult [Line: 259]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 186]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 706]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) && ((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) RESULT: Ultimate proved your program to be correct! [2022-11-03 02:50:33,875 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_682c8877-c0ba-4d56-91fe-9c934f8ce23e/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE