./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e4fc698cb41b54b4c4983dda7de32b2f9c78701d9e96fbbf9a36472a5bdbde25 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 03:46:02,523 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 03:46:02,525 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 03:46:02,562 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 03:46:02,562 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 03:46:02,565 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 03:46:02,566 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 03:46:02,570 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 03:46:02,571 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 03:46:02,572 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 03:46:02,573 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 03:46:02,574 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 03:46:02,575 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 03:46:02,576 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 03:46:02,577 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 03:46:02,580 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 03:46:02,582 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 03:46:02,586 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 03:46:02,588 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 03:46:02,590 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 03:46:02,596 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 03:46:02,597 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 03:46:02,598 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 03:46:02,599 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 03:46:02,602 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 03:46:02,603 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 03:46:02,603 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 03:46:02,604 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 03:46:02,604 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 03:46:02,605 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 03:46:02,606 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 03:46:02,606 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 03:46:02,607 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 03:46:02,608 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 03:46:02,609 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 03:46:02,609 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 03:46:02,610 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 03:46:02,610 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 03:46:02,611 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 03:46:02,612 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 03:46:02,612 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 03:46:02,613 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 03:46:02,638 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 03:46:02,638 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 03:46:02,639 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 03:46:02,639 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 03:46:02,640 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 03:46:02,640 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 03:46:02,640 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 03:46:02,640 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 03:46:02,641 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 03:46:02,641 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 03:46:02,641 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 03:46:02,641 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 03:46:02,642 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 03:46:02,642 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 03:46:02,642 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 03:46:02,642 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 03:46:02,642 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 03:46:02,643 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 03:46:02,643 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 03:46:02,643 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 03:46:02,644 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 03:46:02,644 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 03:46:02,644 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 03:46:02,644 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 03:46:02,644 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 03:46:02,645 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 03:46:02,645 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 03:46:02,645 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 03:46:02,645 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 03:46:02,645 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 03:46:02,646 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 03:46:02,646 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 03:46:02,646 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:46:02,646 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 03:46:02,646 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 03:46:02,647 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 03:46:02,648 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e4fc698cb41b54b4c4983dda7de32b2f9c78701d9e96fbbf9a36472a5bdbde25 [2022-11-03 03:46:02,925 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 03:46:02,954 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 03:46:02,957 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 03:46:02,958 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 03:46:02,959 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 03:46:02,960 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c [2022-11-03 03:46:03,027 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/data/bb844b747/6811d5b6914a41a580331759edb65a66/FLAGa7661c62e [2022-11-03 03:46:03,547 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 03:46:03,547 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c [2022-11-03 03:46:03,562 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/data/bb844b747/6811d5b6914a41a580331759edb65a66/FLAGa7661c62e [2022-11-03 03:46:03,853 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/data/bb844b747/6811d5b6914a41a580331759edb65a66 [2022-11-03 03:46:03,859 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 03:46:03,860 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 03:46:03,862 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 03:46:03,862 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 03:46:03,865 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 03:46:03,866 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:46:03" (1/1) ... [2022-11-03 03:46:03,867 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@39cd7597 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:03, skipping insertion in model container [2022-11-03 03:46:03,867 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:46:03" (1/1) ... [2022-11-03 03:46:03,875 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 03:46:03,910 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 03:46:04,294 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c[18431,18444] [2022-11-03 03:46:04,298 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:46:04,307 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 03:46:04,420 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/sv-benchmarks/c/product-lines/minepump_spec4_product52.cil.c[18431,18444] [2022-11-03 03:46:04,422 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:46:04,438 INFO L208 MainTranslator]: Completed translation [2022-11-03 03:46:04,438 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04 WrapperNode [2022-11-03 03:46:04,439 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 03:46:04,440 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 03:46:04,440 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 03:46:04,440 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 03:46:04,450 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,472 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,503 INFO L138 Inliner]: procedures = 57, calls = 157, calls flagged for inlining = 25, calls inlined = 21, statements flattened = 263 [2022-11-03 03:46:04,504 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 03:46:04,504 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 03:46:04,505 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 03:46:04,505 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 03:46:04,519 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,519 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,521 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,522 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,533 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,538 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,539 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,541 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,543 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 03:46:04,544 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 03:46:04,544 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 03:46:04,544 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 03:46:04,545 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (1/1) ... [2022-11-03 03:46:04,552 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:46:04,564 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:46:04,576 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 03:46:04,590 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 03:46:04,633 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 03:46:04,633 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 03:46:04,634 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 03:46:04,634 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 03:46:04,634 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 03:46:04,634 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 03:46:04,634 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 03:46:04,635 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:46:04,635 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:46:04,635 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 03:46:04,635 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 03:46:04,635 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 03:46:04,635 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 03:46:04,636 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 03:46:04,636 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 03:46:04,636 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 03:46:04,636 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 03:46:04,636 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 03:46:04,716 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 03:46:04,718 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 03:46:05,100 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 03:46:05,323 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 03:46:05,323 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 03:46:05,326 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:46:05 BoogieIcfgContainer [2022-11-03 03:46:05,326 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 03:46:05,329 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 03:46:05,329 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 03:46:05,332 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 03:46:05,333 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 03:46:03" (1/3) ... [2022-11-03 03:46:05,333 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45b879a4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:46:05, skipping insertion in model container [2022-11-03 03:46:05,334 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:46:04" (2/3) ... [2022-11-03 03:46:05,334 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@45b879a4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:46:05, skipping insertion in model container [2022-11-03 03:46:05,334 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:46:05" (3/3) ... [2022-11-03 03:46:05,335 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product52.cil.c [2022-11-03 03:46:05,376 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 03:46:05,376 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 03:46:05,425 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 03:46:05,432 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3523009b, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 03:46:05,432 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 03:46:05,437 INFO L276 IsEmpty]: Start isEmpty. Operand has 59 states, 38 states have (on average 1.4736842105263157) internal successors, (56), 47 states have internal predecessors, (56), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 03:46:05,445 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-11-03 03:46:05,445 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:05,446 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:05,447 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:05,452 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:05,452 INFO L85 PathProgramCache]: Analyzing trace with hash 555886138, now seen corresponding path program 1 times [2022-11-03 03:46:05,462 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:05,463 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1304706550] [2022-11-03 03:46:05,463 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:05,463 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:05,646 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:05,771 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:05,772 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:05,772 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1304706550] [2022-11-03 03:46:05,773 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1304706550] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:05,773 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:05,773 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 03:46:05,775 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2016220916] [2022-11-03 03:46:05,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:05,780 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 03:46:05,780 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:05,813 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 03:46:05,814 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:46:05,817 INFO L87 Difference]: Start difference. First operand has 59 states, 38 states have (on average 1.4736842105263157) internal successors, (56), 47 states have internal predecessors, (56), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:05,944 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:05,945 INFO L93 Difference]: Finished difference Result 116 states and 161 transitions. [2022-11-03 03:46:05,946 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 03:46:05,947 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 12 [2022-11-03 03:46:05,948 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:05,957 INFO L225 Difference]: With dead ends: 116 [2022-11-03 03:46:05,957 INFO L226 Difference]: Without dead ends: 54 [2022-11-03 03:46:05,961 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:46:05,968 INFO L413 NwaCegarLoop]: 59 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 59 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:05,969 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 59 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:05,990 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 54 states. [2022-11-03 03:46:06,016 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 54 to 54. [2022-11-03 03:46:06,018 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 54 states, 35 states have (on average 1.3714285714285714) internal successors, (48), 43 states have internal predecessors, (48), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 03:46:06,020 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 54 states to 54 states and 71 transitions. [2022-11-03 03:46:06,021 INFO L78 Accepts]: Start accepts. Automaton has 54 states and 71 transitions. Word has length 12 [2022-11-03 03:46:06,022 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:06,022 INFO L495 AbstractCegarLoop]: Abstraction has 54 states and 71 transitions. [2022-11-03 03:46:06,023 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:06,023 INFO L276 IsEmpty]: Start isEmpty. Operand 54 states and 71 transitions. [2022-11-03 03:46:06,027 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-11-03 03:46:06,027 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:06,028 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:06,029 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 03:46:06,029 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:06,030 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:06,030 INFO L85 PathProgramCache]: Analyzing trace with hash -1109866528, now seen corresponding path program 1 times [2022-11-03 03:46:06,030 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:06,031 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1383755068] [2022-11-03 03:46:06,031 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:06,031 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:06,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:06,165 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:06,166 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:06,166 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1383755068] [2022-11-03 03:46:06,166 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1383755068] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:06,166 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:06,167 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:46:06,167 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1484583365] [2022-11-03 03:46:06,167 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:06,168 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:46:06,169 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:06,169 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:46:06,170 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:46:06,170 INFO L87 Difference]: Start difference. First operand 54 states and 71 transitions. Second operand has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:06,234 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:06,234 INFO L93 Difference]: Finished difference Result 80 states and 104 transitions. [2022-11-03 03:46:06,235 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:46:06,235 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-11-03 03:46:06,235 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:06,237 INFO L225 Difference]: With dead ends: 80 [2022-11-03 03:46:06,237 INFO L226 Difference]: Without dead ends: 46 [2022-11-03 03:46:06,243 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:46:06,245 INFO L413 NwaCegarLoop]: 45 mSDtfsCounter, 14 mSDsluCounter, 40 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 74 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:06,246 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 74 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 03:46:06,247 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2022-11-03 03:46:06,253 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2022-11-03 03:46:06,253 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 46 states, 30 states have (on average 1.4) internal successors, (42), 38 states have internal predecessors, (42), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 6 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 03:46:06,255 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 60 transitions. [2022-11-03 03:46:06,258 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 60 transitions. Word has length 13 [2022-11-03 03:46:06,258 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:06,258 INFO L495 AbstractCegarLoop]: Abstraction has 46 states and 60 transitions. [2022-11-03 03:46:06,259 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:06,259 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 60 transitions. [2022-11-03 03:46:06,260 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 03:46:06,261 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:06,262 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:06,262 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 03:46:06,262 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:06,263 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:06,263 INFO L85 PathProgramCache]: Analyzing trace with hash -1778580732, now seen corresponding path program 1 times [2022-11-03 03:46:06,263 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:06,264 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [230735703] [2022-11-03 03:46:06,264 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:06,265 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:06,296 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:06,380 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:06,380 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:06,380 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [230735703] [2022-11-03 03:46:06,380 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [230735703] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:06,381 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:06,381 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:46:06,382 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1850318844] [2022-11-03 03:46:06,383 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:06,383 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:46:06,383 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:06,384 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:46:06,384 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:46:06,385 INFO L87 Difference]: Start difference. First operand 46 states and 60 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:06,521 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:06,522 INFO L93 Difference]: Finished difference Result 134 states and 177 transitions. [2022-11-03 03:46:06,522 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:46:06,522 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-11-03 03:46:06,523 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:06,524 INFO L225 Difference]: With dead ends: 134 [2022-11-03 03:46:06,529 INFO L226 Difference]: Without dead ends: 90 [2022-11-03 03:46:06,529 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:46:06,531 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 54 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:06,531 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 100 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:06,532 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 90 states. [2022-11-03 03:46:06,556 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 90 to 87. [2022-11-03 03:46:06,556 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 87 states, 56 states have (on average 1.4107142857142858) internal successors, (79), 71 states have internal predecessors, (79), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (18), 11 states have call predecessors, (18), 18 states have call successors, (18) [2022-11-03 03:46:06,562 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 87 states to 87 states and 115 transitions. [2022-11-03 03:46:06,562 INFO L78 Accepts]: Start accepts. Automaton has 87 states and 115 transitions. Word has length 16 [2022-11-03 03:46:06,562 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:06,563 INFO L495 AbstractCegarLoop]: Abstraction has 87 states and 115 transitions. [2022-11-03 03:46:06,563 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:06,563 INFO L276 IsEmpty]: Start isEmpty. Operand 87 states and 115 transitions. [2022-11-03 03:46:06,566 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-11-03 03:46:06,566 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:06,566 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:06,566 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 03:46:06,567 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:06,567 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:06,568 INFO L85 PathProgramCache]: Analyzing trace with hash -1081800208, now seen corresponding path program 1 times [2022-11-03 03:46:06,568 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:06,568 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1429450537] [2022-11-03 03:46:06,568 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:06,571 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:06,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:06,893 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:06,893 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:06,893 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1429450537] [2022-11-03 03:46:06,894 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1429450537] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:06,894 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:06,894 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 03:46:06,894 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1625876486] [2022-11-03 03:46:06,894 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:06,895 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 03:46:06,896 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:06,897 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 03:46:06,897 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 03:46:06,898 INFO L87 Difference]: Start difference. First operand 87 states and 115 transitions. Second operand has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:07,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:07,097 INFO L93 Difference]: Finished difference Result 289 states and 386 transitions. [2022-11-03 03:46:07,097 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 03:46:07,098 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-11-03 03:46:07,098 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:07,108 INFO L225 Difference]: With dead ends: 289 [2022-11-03 03:46:07,108 INFO L226 Difference]: Without dead ends: 204 [2022-11-03 03:46:07,112 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-11-03 03:46:07,115 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 66 mSDsluCounter, 184 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 211 SdHoareTripleChecker+Invalid, 97 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:07,116 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 211 Invalid, 97 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:07,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2022-11-03 03:46:07,170 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 187. [2022-11-03 03:46:07,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 187 states, 130 states have (on average 1.3307692307692307) internal successors, (173), 150 states have internal predecessors, (173), 29 states have call successors, (29), 23 states have call predecessors, (29), 27 states have return successors, (33), 26 states have call predecessors, (33), 29 states have call successors, (33) [2022-11-03 03:46:07,178 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 187 states to 187 states and 235 transitions. [2022-11-03 03:46:07,178 INFO L78 Accepts]: Start accepts. Automaton has 187 states and 235 transitions. Word has length 19 [2022-11-03 03:46:07,179 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:07,179 INFO L495 AbstractCegarLoop]: Abstraction has 187 states and 235 transitions. [2022-11-03 03:46:07,179 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:46:07,179 INFO L276 IsEmpty]: Start isEmpty. Operand 187 states and 235 transitions. [2022-11-03 03:46:07,181 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 03:46:07,182 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:07,182 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:07,182 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 03:46:07,182 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:07,183 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:07,183 INFO L85 PathProgramCache]: Analyzing trace with hash -1389860552, now seen corresponding path program 1 times [2022-11-03 03:46:07,183 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:07,183 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [413224856] [2022-11-03 03:46:07,183 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:07,184 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:07,221 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:07,495 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:07,495 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:07,495 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [413224856] [2022-11-03 03:46:07,496 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [413224856] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:07,496 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:07,496 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 03:46:07,496 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [134513272] [2022-11-03 03:46:07,496 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:07,497 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 03:46:07,497 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:07,498 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 03:46:07,498 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 03:46:07,498 INFO L87 Difference]: Start difference. First operand 187 states and 235 transitions. Second operand has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:46:07,993 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:07,993 INFO L93 Difference]: Finished difference Result 540 states and 710 transitions. [2022-11-03 03:46:07,993 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 03:46:07,994 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 22 [2022-11-03 03:46:07,994 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:07,997 INFO L225 Difference]: With dead ends: 540 [2022-11-03 03:46:07,997 INFO L226 Difference]: Without dead ends: 455 [2022-11-03 03:46:08,000 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2022-11-03 03:46:08,002 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 219 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 311 mSolverCounterSat, 82 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 230 SdHoareTripleChecker+Valid, 269 SdHoareTripleChecker+Invalid, 393 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 82 IncrementalHoareTripleChecker+Valid, 311 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:08,003 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [230 Valid, 269 Invalid, 393 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [82 Valid, 311 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 03:46:08,013 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 455 states. [2022-11-03 03:46:08,077 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 455 to 369. [2022-11-03 03:46:08,078 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 260 states have (on average 1.2846153846153847) internal successors, (334), 291 states have internal predecessors, (334), 52 states have call successors, (52), 46 states have call predecessors, (52), 56 states have return successors, (64), 55 states have call predecessors, (64), 52 states have call successors, (64) [2022-11-03 03:46:08,080 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 450 transitions. [2022-11-03 03:46:08,081 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 450 transitions. Word has length 22 [2022-11-03 03:46:08,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:08,081 INFO L495 AbstractCegarLoop]: Abstraction has 369 states and 450 transitions. [2022-11-03 03:46:08,082 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:46:08,082 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 450 transitions. [2022-11-03 03:46:08,084 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 43 [2022-11-03 03:46:08,084 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:08,084 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:08,084 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 03:46:08,085 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:08,085 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:08,085 INFO L85 PathProgramCache]: Analyzing trace with hash -1699983325, now seen corresponding path program 1 times [2022-11-03 03:46:08,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:08,086 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1415323637] [2022-11-03 03:46:08,086 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:08,086 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:08,102 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:08,143 INFO L134 CoverageAnalysis]: Checked inductivity of 13 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:08,144 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:08,144 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1415323637] [2022-11-03 03:46:08,145 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1415323637] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:08,145 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:08,145 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 03:46:08,145 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1385486876] [2022-11-03 03:46:08,145 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:08,146 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 03:46:08,146 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:08,146 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 03:46:08,146 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 03:46:08,147 INFO L87 Difference]: Start difference. First operand 369 states and 450 transitions. Second operand has 4 states, 3 states have (on average 12.333333333333334) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 03:46:08,290 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:08,291 INFO L93 Difference]: Finished difference Result 653 states and 802 transitions. [2022-11-03 03:46:08,291 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 03:46:08,292 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 12.333333333333334) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 42 [2022-11-03 03:46:08,292 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:08,298 INFO L225 Difference]: With dead ends: 653 [2022-11-03 03:46:08,298 INFO L226 Difference]: Without dead ends: 286 [2022-11-03 03:46:08,299 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 03:46:08,302 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 82 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 84 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:08,305 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 108 Invalid, 84 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:08,307 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 286 states. [2022-11-03 03:46:08,342 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 286 to 277. [2022-11-03 03:46:08,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 277 states, 198 states have (on average 1.2777777777777777) internal successors, (253), 222 states have internal predecessors, (253), 38 states have call successors, (38), 35 states have call predecessors, (38), 40 states have return successors, (44), 39 states have call predecessors, (44), 38 states have call successors, (44) [2022-11-03 03:46:08,345 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 277 states to 277 states and 335 transitions. [2022-11-03 03:46:08,345 INFO L78 Accepts]: Start accepts. Automaton has 277 states and 335 transitions. Word has length 42 [2022-11-03 03:46:08,346 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:08,346 INFO L495 AbstractCegarLoop]: Abstraction has 277 states and 335 transitions. [2022-11-03 03:46:08,346 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 12.333333333333334) internal successors, (37), 4 states have internal predecessors, (37), 3 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 03:46:08,346 INFO L276 IsEmpty]: Start isEmpty. Operand 277 states and 335 transitions. [2022-11-03 03:46:08,351 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-11-03 03:46:08,352 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:08,352 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:08,352 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 03:46:08,353 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:08,353 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:08,353 INFO L85 PathProgramCache]: Analyzing trace with hash 1988454144, now seen corresponding path program 1 times [2022-11-03 03:46:08,353 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:08,354 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1932089580] [2022-11-03 03:46:08,354 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:08,354 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:08,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:08,831 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:08,831 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:08,831 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1932089580] [2022-11-03 03:46:08,831 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1932089580] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:08,832 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:46:08,832 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-03 03:46:08,832 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [163955081] [2022-11-03 03:46:08,832 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:08,833 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-03 03:46:08,833 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:08,833 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-03 03:46:08,833 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2022-11-03 03:46:08,834 INFO L87 Difference]: Start difference. First operand 277 states and 335 transitions. Second operand has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 03:46:09,589 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:09,590 INFO L93 Difference]: Finished difference Result 433 states and 536 transitions. [2022-11-03 03:46:09,590 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2022-11-03 03:46:09,590 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 44 [2022-11-03 03:46:09,591 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:09,594 INFO L225 Difference]: With dead ends: 433 [2022-11-03 03:46:09,595 INFO L226 Difference]: Without dead ends: 287 [2022-11-03 03:46:09,595 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 25 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 93 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=114, Invalid=348, Unknown=0, NotChecked=0, Total=462 [2022-11-03 03:46:09,599 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 245 mSDsluCounter, 263 mSDsCounter, 0 mSdLazyCounter, 373 mSolverCounterSat, 117 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 254 SdHoareTripleChecker+Valid, 297 SdHoareTripleChecker+Invalid, 490 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 117 IncrementalHoareTripleChecker+Valid, 373 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:09,599 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [254 Valid, 297 Invalid, 490 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [117 Valid, 373 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-03 03:46:09,601 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 287 states. [2022-11-03 03:46:09,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 287 to 199. [2022-11-03 03:46:09,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 199 states, 140 states have (on average 1.2785714285714285) internal successors, (179), 159 states have internal predecessors, (179), 29 states have call successors, (29), 27 states have call predecessors, (29), 29 states have return successors, (31), 28 states have call predecessors, (31), 29 states have call successors, (31) [2022-11-03 03:46:09,645 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 199 states to 199 states and 239 transitions. [2022-11-03 03:46:09,645 INFO L78 Accepts]: Start accepts. Automaton has 199 states and 239 transitions. Word has length 44 [2022-11-03 03:46:09,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:09,646 INFO L495 AbstractCegarLoop]: Abstraction has 199 states and 239 transitions. [2022-11-03 03:46:09,646 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 03:46:09,646 INFO L276 IsEmpty]: Start isEmpty. Operand 199 states and 239 transitions. [2022-11-03 03:46:09,647 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-03 03:46:09,647 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:09,647 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:09,648 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 03:46:09,648 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:09,648 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:09,649 INFO L85 PathProgramCache]: Analyzing trace with hash 1094338744, now seen corresponding path program 1 times [2022-11-03 03:46:09,649 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:09,649 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1996674514] [2022-11-03 03:46:09,649 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:09,649 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:09,667 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:10,243 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 0 proven. 14 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:10,244 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:10,244 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1996674514] [2022-11-03 03:46:10,244 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1996674514] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:46:10,244 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1000928531] [2022-11-03 03:46:10,244 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:10,244 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:10,245 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:46:10,250 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:46:10,272 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 03:46:10,363 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:10,366 INFO L263 TraceCheckSpWp]: Trace formula consists of 395 conjuncts, 35 conjunts are in the unsatisfiable core [2022-11-03 03:46:10,372 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:46:10,867 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 0 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 03:46:10,867 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:46:11,414 INFO L134 CoverageAnalysis]: Checked inductivity of 14 backedges. 9 proven. 5 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:46:11,415 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1000928531] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:46:11,415 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1419451533] [2022-11-03 03:46:11,437 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-03 03:46:11,437 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:46:11,441 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:46:11,450 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:46:11,451 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:46:21,671 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 305 for LOIs [2022-11-03 03:46:21,734 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 45 for LOIs [2022-11-03 03:46:22,024 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 24 for LOIs [2022-11-03 03:46:22,047 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 30 for LOIs [2022-11-03 03:46:22,051 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 03:46:28,112 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5878#(and (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~5#1|) (<= 0 |old(~pumpRunning~0)|) (<= ~pumpRunning~0 1) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 0)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~5#1|) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| 0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 03:46:28,112 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 03:46:28,112 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 03:46:28,112 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 11, 13] total 36 [2022-11-03 03:46:28,113 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [908707391] [2022-11-03 03:46:28,113 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 03:46:28,113 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2022-11-03 03:46:28,113 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:28,114 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2022-11-03 03:46:28,115 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=382, Invalid=3400, Unknown=0, NotChecked=0, Total=3782 [2022-11-03 03:46:28,116 INFO L87 Difference]: Start difference. First operand 199 states and 239 transitions. Second operand has 36 states, 32 states have (on average 3.09375) internal successors, (99), 33 states have internal predecessors, (99), 12 states have call successors, (15), 10 states have call predecessors, (15), 9 states have return successors, (12), 11 states have call predecessors, (12), 10 states have call successors, (12) [2022-11-03 03:46:38,568 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:38,568 INFO L93 Difference]: Finished difference Result 1130 states and 1520 transitions. [2022-11-03 03:46:38,571 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 141 states. [2022-11-03 03:46:38,571 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 32 states have (on average 3.09375) internal successors, (99), 33 states have internal predecessors, (99), 12 states have call successors, (15), 10 states have call predecessors, (15), 9 states have return successors, (12), 11 states have call predecessors, (12), 10 states have call successors, (12) Word has length 47 [2022-11-03 03:46:38,571 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:38,575 INFO L225 Difference]: With dead ends: 1130 [2022-11-03 03:46:38,575 INFO L226 Difference]: Without dead ends: 980 [2022-11-03 03:46:38,591 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 303 GetRequests, 113 SyntacticMatches, 0 SemanticMatches, 190 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 14010 ImplicationChecksByTransitivity, 13.5s TimeCoverageRelationStatistics Valid=3856, Invalid=32816, Unknown=0, NotChecked=0, Total=36672 [2022-11-03 03:46:38,591 INFO L413 NwaCegarLoop]: 135 mSDtfsCounter, 2420 mSDsluCounter, 1346 mSDsCounter, 0 mSdLazyCounter, 3786 mSolverCounterSat, 1715 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2429 SdHoareTripleChecker+Valid, 1200 SdHoareTripleChecker+Invalid, 5501 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 1715 IncrementalHoareTripleChecker+Valid, 3786 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.2s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:38,592 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2429 Valid, 1200 Invalid, 5501 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [1715 Valid, 3786 Invalid, 0 Unknown, 0 Unchecked, 3.2s Time] [2022-11-03 03:46:38,594 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 980 states. [2022-11-03 03:46:38,692 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 980 to 633. [2022-11-03 03:46:38,694 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 633 states, 449 states have (on average 1.2739420935412027) internal successors, (572), 494 states have internal predecessors, (572), 83 states have call successors, (83), 79 states have call predecessors, (83), 100 states have return successors, (136), 90 states have call predecessors, (136), 83 states have call successors, (136) [2022-11-03 03:46:38,701 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 633 states to 633 states and 791 transitions. [2022-11-03 03:46:38,702 INFO L78 Accepts]: Start accepts. Automaton has 633 states and 791 transitions. Word has length 47 [2022-11-03 03:46:38,703 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:38,703 INFO L495 AbstractCegarLoop]: Abstraction has 633 states and 791 transitions. [2022-11-03 03:46:38,703 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 32 states have (on average 3.09375) internal successors, (99), 33 states have internal predecessors, (99), 12 states have call successors, (15), 10 states have call predecessors, (15), 9 states have return successors, (12), 11 states have call predecessors, (12), 10 states have call successors, (12) [2022-11-03 03:46:38,703 INFO L276 IsEmpty]: Start isEmpty. Operand 633 states and 791 transitions. [2022-11-03 03:46:38,705 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2022-11-03 03:46:38,706 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:38,706 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:38,754 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 03:46:38,932 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:38,933 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:38,933 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:38,933 INFO L85 PathProgramCache]: Analyzing trace with hash 266000054, now seen corresponding path program 1 times [2022-11-03 03:46:38,933 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:38,933 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2017421848] [2022-11-03 03:46:38,933 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:38,934 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:38,972 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:39,829 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 29 proven. 17 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-03 03:46:39,829 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:39,829 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2017421848] [2022-11-03 03:46:39,829 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2017421848] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:46:39,829 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1032322092] [2022-11-03 03:46:39,830 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:39,830 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:39,830 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:46:39,833 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:46:39,848 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 03:46:39,935 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:39,938 INFO L263 TraceCheckSpWp]: Trace formula consists of 473 conjuncts, 19 conjunts are in the unsatisfiable core [2022-11-03 03:46:39,941 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:46:40,028 INFO L134 CoverageAnalysis]: Checked inductivity of 49 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2022-11-03 03:46:40,028 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 03:46:40,029 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1032322092] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:40,029 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 03:46:40,029 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [17] total 20 [2022-11-03 03:46:40,029 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [587636172] [2022-11-03 03:46:40,029 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:40,030 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 03:46:40,030 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:40,030 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 03:46:40,030 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=56, Invalid=324, Unknown=0, NotChecked=0, Total=380 [2022-11-03 03:46:40,031 INFO L87 Difference]: Start difference. First operand 633 states and 791 transitions. Second operand has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-03 03:46:40,303 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:40,303 INFO L93 Difference]: Finished difference Result 1131 states and 1488 transitions. [2022-11-03 03:46:40,304 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 03:46:40,304 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 72 [2022-11-03 03:46:40,304 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:40,308 INFO L225 Difference]: With dead ends: 1131 [2022-11-03 03:46:40,310 INFO L226 Difference]: Without dead ends: 751 [2022-11-03 03:46:40,312 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 93 GetRequests, 72 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 126 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=71, Invalid=435, Unknown=0, NotChecked=0, Total=506 [2022-11-03 03:46:40,314 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 42 mSDsluCounter, 162 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 43 SdHoareTripleChecker+Valid, 182 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:40,315 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [43 Valid, 182 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:40,316 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 751 states. [2022-11-03 03:46:40,418 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 751 to 647. [2022-11-03 03:46:40,419 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 647 states, 460 states have (on average 1.2630434782608695) internal successors, (581), 505 states have internal predecessors, (581), 83 states have call successors, (83), 79 states have call predecessors, (83), 103 states have return successors, (143), 93 states have call predecessors, (143), 83 states have call successors, (143) [2022-11-03 03:46:40,423 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 647 states to 647 states and 807 transitions. [2022-11-03 03:46:40,423 INFO L78 Accepts]: Start accepts. Automaton has 647 states and 807 transitions. Word has length 72 [2022-11-03 03:46:40,425 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:40,425 INFO L495 AbstractCegarLoop]: Abstraction has 647 states and 807 transitions. [2022-11-03 03:46:40,425 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.8) internal successors, (34), 5 states have internal predecessors, (34), 2 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-03 03:46:40,426 INFO L276 IsEmpty]: Start isEmpty. Operand 647 states and 807 transitions. [2022-11-03 03:46:40,427 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 78 [2022-11-03 03:46:40,427 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:40,428 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:40,453 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 03:46:40,636 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:40,637 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:40,637 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:40,637 INFO L85 PathProgramCache]: Analyzing trace with hash 1174192615, now seen corresponding path program 1 times [2022-11-03 03:46:40,637 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:40,637 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1550820389] [2022-11-03 03:46:40,638 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:40,638 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:40,666 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:41,509 INFO L134 CoverageAnalysis]: Checked inductivity of 61 backedges. 30 proven. 19 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-11-03 03:46:41,509 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:41,509 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1550820389] [2022-11-03 03:46:41,510 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1550820389] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:46:41,510 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [347588947] [2022-11-03 03:46:41,510 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:41,510 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:41,510 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:46:41,511 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:46:41,536 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 03:46:41,633 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:41,635 INFO L263 TraceCheckSpWp]: Trace formula consists of 480 conjuncts, 18 conjunts are in the unsatisfiable core [2022-11-03 03:46:41,638 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:46:41,750 INFO L134 CoverageAnalysis]: Checked inductivity of 61 backedges. 50 proven. 0 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 03:46:41,751 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 03:46:41,751 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [347588947] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:46:41,751 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 03:46:41,751 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [17] total 20 [2022-11-03 03:46:41,751 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [939572628] [2022-11-03 03:46:41,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:46:41,752 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 03:46:41,752 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:41,752 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 03:46:41,753 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=52, Invalid=328, Unknown=0, NotChecked=0, Total=380 [2022-11-03 03:46:41,753 INFO L87 Difference]: Start difference. First operand 647 states and 807 transitions. Second operand has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2022-11-03 03:46:42,027 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:46:42,027 INFO L93 Difference]: Finished difference Result 1424 states and 1823 transitions. [2022-11-03 03:46:42,028 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 03:46:42,028 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) Word has length 77 [2022-11-03 03:46:42,029 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:46:42,033 INFO L225 Difference]: With dead ends: 1424 [2022-11-03 03:46:42,033 INFO L226 Difference]: Without dead ends: 720 [2022-11-03 03:46:42,035 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 100 GetRequests, 79 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 125 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=67, Invalid=439, Unknown=0, NotChecked=0, Total=506 [2022-11-03 03:46:42,036 INFO L413 NwaCegarLoop]: 81 mSDtfsCounter, 67 mSDsluCounter, 227 mSDsCounter, 0 mSdLazyCounter, 140 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 68 SdHoareTripleChecker+Valid, 260 SdHoareTripleChecker+Invalid, 147 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 140 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:46:42,037 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [68 Valid, 260 Invalid, 147 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 140 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:46:42,038 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 720 states. [2022-11-03 03:46:42,159 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 720 to 693. [2022-11-03 03:46:42,160 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 693 states, 500 states have (on average 1.262) internal successors, (631), 547 states have internal predecessors, (631), 89 states have call successors, (89), 85 states have call predecessors, (89), 103 states have return successors, (142), 96 states have call predecessors, (142), 89 states have call successors, (142) [2022-11-03 03:46:42,163 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 693 states to 693 states and 862 transitions. [2022-11-03 03:46:42,164 INFO L78 Accepts]: Start accepts. Automaton has 693 states and 862 transitions. Word has length 77 [2022-11-03 03:46:42,164 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:46:42,164 INFO L495 AbstractCegarLoop]: Abstraction has 693 states and 862 transitions. [2022-11-03 03:46:42,164 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.4) internal successors, (52), 5 states have internal predecessors, (52), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2022-11-03 03:46:42,164 INFO L276 IsEmpty]: Start isEmpty. Operand 693 states and 862 transitions. [2022-11-03 03:46:42,166 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2022-11-03 03:46:42,166 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:46:42,167 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:46:42,207 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 03:46:42,380 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 03:46:42,380 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:46:42,381 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:46:42,381 INFO L85 PathProgramCache]: Analyzing trace with hash 705430392, now seen corresponding path program 2 times [2022-11-03 03:46:42,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:46:42,381 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [126413688] [2022-11-03 03:46:42,381 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:46:42,381 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:46:42,407 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:46:43,648 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 44 proven. 51 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 03:46:43,648 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:46:43,649 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [126413688] [2022-11-03 03:46:43,649 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [126413688] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:46:43,649 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1234295146] [2022-11-03 03:46:43,649 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-03 03:46:43,649 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:46:43,649 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:46:43,653 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:46:43,655 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 03:46:43,791 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-03 03:46:43,791 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-03 03:46:43,793 INFO L263 TraceCheckSpWp]: Trace formula consists of 396 conjuncts, 32 conjunts are in the unsatisfiable core [2022-11-03 03:46:43,801 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:46:44,006 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 59 proven. 5 refuted. 0 times theorem prover too weak. 41 trivial. 0 not checked. [2022-11-03 03:46:44,006 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:46:44,480 INFO L134 CoverageAnalysis]: Checked inductivity of 105 backedges. 53 proven. 5 refuted. 0 times theorem prover too weak. 47 trivial. 0 not checked. [2022-11-03 03:46:44,480 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1234295146] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:46:44,481 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [663831076] [2022-11-03 03:46:44,483 INFO L159 IcfgInterpreter]: Started Sifa with 38 locations of interest [2022-11-03 03:46:44,483 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:46:44,484 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:46:44,484 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:46:44,484 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:46:52,344 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 303 for LOIs [2022-11-03 03:46:52,400 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 44 for LOIs [2022-11-03 03:46:52,709 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 03:46:52,908 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 33 for LOIs [2022-11-03 03:46:52,910 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 29 for LOIs [2022-11-03 03:46:52,912 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 03:46:59,609 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '16132#(and (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~5#1|) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 0)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~5#1|) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| 0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1|) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 03:46:59,609 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 03:46:59,609 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 03:46:59,609 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [24, 8, 9] total 36 [2022-11-03 03:46:59,609 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1524228716] [2022-11-03 03:46:59,609 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 03:46:59,610 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 36 states [2022-11-03 03:46:59,610 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:46:59,611 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 36 interpolants. [2022-11-03 03:46:59,612 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=399, Invalid=3507, Unknown=0, NotChecked=0, Total=3906 [2022-11-03 03:46:59,612 INFO L87 Difference]: Start difference. First operand 693 states and 862 transitions. Second operand has 36 states, 33 states have (on average 4.212121212121212) internal successors, (139), 34 states have internal predecessors, (139), 13 states have call successors, (19), 7 states have call predecessors, (19), 11 states have return successors, (20), 13 states have call predecessors, (20), 11 states have call successors, (20) [2022-11-03 03:47:01,427 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:01,427 INFO L93 Difference]: Finished difference Result 833 states and 1032 transitions. [2022-11-03 03:47:01,428 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-03 03:47:01,428 INFO L78 Accepts]: Start accepts. Automaton has has 36 states, 33 states have (on average 4.212121212121212) internal successors, (139), 34 states have internal predecessors, (139), 13 states have call successors, (19), 7 states have call predecessors, (19), 11 states have return successors, (20), 13 states have call predecessors, (20), 11 states have call successors, (20) Word has length 94 [2022-11-03 03:47:01,428 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:01,429 INFO L225 Difference]: With dead ends: 833 [2022-11-03 03:47:01,429 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 03:47:01,432 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 336 GetRequests, 243 SyntacticMatches, 9 SemanticMatches, 84 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3029 ImplicationChecksByTransitivity, 8.3s TimeCoverageRelationStatistics Valid=877, Invalid=6433, Unknown=0, NotChecked=0, Total=7310 [2022-11-03 03:47:01,433 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 567 mSDsluCounter, 667 mSDsCounter, 0 mSdLazyCounter, 1009 mSolverCounterSat, 309 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 569 SdHoareTripleChecker+Valid, 559 SdHoareTripleChecker+Invalid, 1318 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 309 IncrementalHoareTripleChecker+Valid, 1009 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:01,433 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [569 Valid, 559 Invalid, 1318 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [309 Valid, 1009 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-03 03:47:01,433 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 03:47:01,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 03:47:01,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:47:01,434 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 03:47:01,434 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 94 [2022-11-03 03:47:01,434 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:01,434 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 03:47:01,435 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 36 states, 33 states have (on average 4.212121212121212) internal successors, (139), 34 states have internal predecessors, (139), 13 states have call successors, (19), 7 states have call predecessors, (19), 11 states have return successors, (20), 13 states have call predecessors, (20), 11 states have call successors, (20) [2022-11-03 03:47:01,435 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 03:47:01,435 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 03:47:01,437 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 03:47:01,477 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 03:47:01,656 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-03 03:47:01,658 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 03:47:06,187 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 263 270) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (= ~pumpRunning~0 1))) (and (or (not (<= 2 ~waterLevel~0)) .cse0 (not (<= ~waterLevel~0 2)) .cse1) (or (not (= ~waterLevel~0 1)) (not (= 1 ~systemActive~0)) .cse0 .cse1))) [2022-11-03 03:47:06,187 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 263 270) no Hoare annotation was computed. [2022-11-03 03:47:06,187 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 196 202) no Hoare annotation was computed. [2022-11-03 03:47:06,187 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 196 202) the Hoare annotation is: true [2022-11-03 03:47:06,187 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-03 03:47:06,188 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-03 03:47:06,188 INFO L902 garLoopResultBuilder]: At program point L832(line 832) the Hoare annotation is: true [2022-11-03 03:47:06,188 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 826 855) no Hoare annotation was computed. [2022-11-03 03:47:06,188 INFO L899 garLoopResultBuilder]: For program point L832-1(line 832) no Hoare annotation was computed. [2022-11-03 03:47:06,188 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 826 855) the Hoare annotation is: true [2022-11-03 03:47:06,188 INFO L902 garLoopResultBuilder]: At program point L851(lines 826 855) the Hoare annotation is: true [2022-11-03 03:47:06,188 INFO L899 garLoopResultBuilder]: For program point L847(line 847) no Hoare annotation was computed. [2022-11-03 03:47:06,189 INFO L899 garLoopResultBuilder]: For program point L840(lines 840 844) no Hoare annotation was computed. [2022-11-03 03:47:06,189 INFO L902 garLoopResultBuilder]: At program point L840-1(lines 840 844) the Hoare annotation is: true [2022-11-03 03:47:06,189 INFO L902 garLoopResultBuilder]: At program point L836-2(lines 836 850) the Hoare annotation is: true [2022-11-03 03:47:06,189 INFO L899 garLoopResultBuilder]: For program point L176-1(lines 175 194) no Hoare annotation was computed. [2022-11-03 03:47:06,189 INFO L899 garLoopResultBuilder]: For program point L238(lines 238 246) no Hoare annotation was computed. [2022-11-03 03:47:06,191 INFO L895 garLoopResultBuilder]: At program point L234(lines 234 251) the Hoare annotation is: (let ((.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse7 (= ~pumpRunning~0 0)) (.cse0 (= ~waterLevel~0 1)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= 0 ~systemActive~0))) (.cse3 (not (<= 2 |old(~waterLevel~0)|)))) (and (or (and .cse0 (= ~pumpRunning~0 1)) .cse1 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse4 (and .cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse1 (and .cse7 .cse0)) (or .cse4 .cse2 .cse6 .cse3))) [2022-11-03 03:47:06,192 INFO L895 garLoopResultBuilder]: At program point L244(line 244) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4) (or .cse0 .cse1 .cse5) (or .cse0 .cse5 .cse3 .cse4))) [2022-11-03 03:47:06,192 INFO L895 garLoopResultBuilder]: At program point L240(line 240) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or .cse0 .cse1 .cse5) (or .cse5 (and (= |timeShift_processEnvironment_~tmp~1#1| 1) (= ~waterLevel~0 1) (= ~pumpRunning~0 1)) (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4) (or .cse0 .cse5 .cse3 .cse4))) [2022-11-03 03:47:06,192 INFO L895 garLoopResultBuilder]: At program point L963(line 963) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4) (or .cse0 .cse1 .cse5) (or .cse0 .cse5 .cse3 .cse4))) [2022-11-03 03:47:06,193 INFO L895 garLoopResultBuilder]: At program point L249(line 249) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0))) (.cse4 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 (and .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse5 .cse6) (or .cse0 .cse1 .cse4 (and .cse3 (= ~waterLevel~0 1))) (or .cse0 .cse5 .cse2 .cse6) (or .cse4 (not (= |old(~pumpRunning~0)| 1)) .cse5 .cse6))) [2022-11-03 03:47:06,193 INFO L895 garLoopResultBuilder]: At program point L249-1(lines 230 254) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse2 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (= ~waterLevel~0 1)) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (and .cse4 .cse5)) (or .cse0 .cse6 .cse2 .cse7) (or .cse0 .cse3 .cse6 (and (= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 1)) .cse7) (or .cse3 (and (= |timeShift_processEnvironment_~tmp~1#1| 1) .cse4 .cse5) (not (= |old(~pumpRunning~0)| 1)) .cse6 .cse7))) [2022-11-03 03:47:06,194 INFO L895 garLoopResultBuilder]: At program point L183-1(lines 183 189) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse9 (= ~waterLevel~0 1))) (let ((.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse8 (and .cse1 .cse9)) (.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 (and .cse1 .cse2) .cse3 .cse4 .cse5) (or .cse0 .cse6 .cse7 .cse8) (or .cse0 .cse6 .cse8 .cse4) (or .cse0 .cse7 .cse3 (and .cse2 (= ~pumpRunning~0 1)) .cse5) (or .cse7 (and (= |timeShift_processEnvironment_~tmp~1#1| 1) .cse1 .cse9) (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse5)))) [2022-11-03 03:47:06,194 INFO L899 garLoopResultBuilder]: For program point L980(lines 980 986) no Hoare annotation was computed. [2022-11-03 03:47:06,194 INFO L895 garLoopResultBuilder]: At program point L976(lines 976 989) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse8 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| ~waterLevel~0)) (.cse9 (= ~waterLevel~0 1))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse6 (and .cse7 .cse8 .cse9)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (not (= 0 ~systemActive~0))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 (and .cse1 (<= |old(~waterLevel~0)| |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1|) (<= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| |old(~waterLevel~0)|) (= ~pumpRunning~0 1)) .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse2 .cse6) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 (and (= |timeShift_processEnvironment_~tmp~1#1| 1) .cse7 .cse8 .cse9) .cse4) (or .cse0 .cse5 .cse6 .cse10) (or .cse0 .cse3 (and .cse7 .cse8 .cse1) .cse10 .cse4)))) [2022-11-03 03:47:06,194 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 172 195) the Hoare annotation is: (let ((.cse9 (= ~pumpRunning~0 0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (and .cse9 .cse1)) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~waterLevel~0)| 1))) (.cse8 (and .cse9 (= ~waterLevel~0 1))) (.cse6 (not (= 0 ~systemActive~0)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1) .cse2 .cse3) (or .cse4 .cse5 .cse0 .cse2 .cse3) (or .cse4 .cse5 .cse2 .cse6 .cse3) (or .cse4 .cse7 .cse0 .cse8) (or .cse4 .cse7 .cse8 .cse6)))) [2022-11-03 03:47:06,195 INFO L895 garLoopResultBuilder]: At program point L976-1(lines 968 992) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse8 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| ~waterLevel~0)) (.cse9 (= ~waterLevel~0 1))) (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse6 (and .cse7 .cse8 .cse9)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (not (= 0 ~systemActive~0))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 (and .cse1 (<= |old(~waterLevel~0)| |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1|) (<= |timeShift___utac_acc__Specification4_spec__1_~tmp~9#1| |old(~waterLevel~0)|) (= ~pumpRunning~0 1)) .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse2 .cse6) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 (and (= |timeShift_processEnvironment_~tmp~1#1| 1) .cse7 .cse8 .cse9) .cse4) (or .cse0 .cse5 .cse6 .cse10) (or .cse0 .cse3 (and .cse7 .cse8 .cse1) .cse10 .cse4)))) [2022-11-03 03:47:06,195 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 172 195) no Hoare annotation was computed. [2022-11-03 03:47:06,195 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 963) no Hoare annotation was computed. [2022-11-03 03:47:06,195 INFO L902 garLoopResultBuilder]: At program point L453(lines 390 457) the Hoare annotation is: true [2022-11-03 03:47:06,195 INFO L899 garLoopResultBuilder]: For program point L420(lines 420 426) no Hoare annotation was computed. [2022-11-03 03:47:06,196 INFO L899 garLoopResultBuilder]: For program point L420-1(lines 420 426) no Hoare annotation was computed. [2022-11-03 03:47:06,196 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 03:47:06,196 INFO L895 garLoopResultBuilder]: At program point L412(line 412) the Hoare annotation is: (let ((.cse2 (= ~waterLevel~0 1)) (.cse3 (= ~pumpRunning~0 0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (let ((.cse0 (or (and .cse3 .cse5 .cse2) (and .cse3 (<= 2 ~waterLevel~0) .cse5))) (.cse1 (= 0 ~systemActive~0)) (.cse6 (= 2 ~waterLevel~0)) (.cse4 (= 1 ~systemActive~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5 .cse2) (and .cse6 .cse0 .cse1) (and .cse6 .cse4 .cse5 (= ~pumpRunning~0 1))))) [2022-11-03 03:47:06,196 INFO L895 garLoopResultBuilder]: At program point L371(line 371) the Hoare annotation is: (and (<= 2 ~waterLevel~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (= ~pumpRunning~0 1)) [2022-11-03 03:47:06,196 INFO L895 garLoopResultBuilder]: At program point L450(lines 399 451) the Hoare annotation is: false [2022-11-03 03:47:06,197 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 03:47:06,197 INFO L899 garLoopResultBuilder]: For program point L438(lines 438 444) no Hoare annotation was computed. [2022-11-03 03:47:06,197 INFO L895 garLoopResultBuilder]: At program point L438-2(lines 430 445) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse5 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse2 .cse4) (and .cse0 .cse1 .cse5 .cse2) (and .cse1 .cse5 .cse2 (= ~pumpRunning~0 1)))) [2022-11-03 03:47:06,197 INFO L899 garLoopResultBuilder]: For program point L401(lines 400 449) no Hoare annotation was computed. [2022-11-03 03:47:06,197 INFO L895 garLoopResultBuilder]: At program point L430(lines 430 445) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse5 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse2 .cse4) (and .cse0 .cse1 .cse5 .cse2) (and .cse1 .cse5 .cse2 (= ~pumpRunning~0 1)))) [2022-11-03 03:47:06,198 INFO L895 garLoopResultBuilder]: At program point L422(line 422) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse5 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse2 .cse3 .cse4) (and .cse0 .cse5 .cse2 .cse4) (and .cse0 .cse1 .cse5 .cse2) (and .cse1 .cse5 .cse2 (= ~pumpRunning~0 1)))) [2022-11-03 03:47:06,198 INFO L895 garLoopResultBuilder]: At program point L447(lines 400 449) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 1)) (.cse4 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse1 .cse3) (and (<= 2 ~waterLevel~0) .cse4 .cse1 (<= ~waterLevel~0 2) (= ~pumpRunning~0 1)))) [2022-11-03 03:47:06,198 INFO L899 garLoopResultBuilder]: For program point L410(lines 410 416) no Hoare annotation was computed. [2022-11-03 03:47:06,198 INFO L899 garLoopResultBuilder]: For program point L410-1(lines 410 416) no Hoare annotation was computed. [2022-11-03 03:47:06,198 INFO L899 garLoopResultBuilder]: For program point L369(lines 369 375) no Hoare annotation was computed. [2022-11-03 03:47:06,199 INFO L895 garLoopResultBuilder]: At program point L369-1(lines 369 375) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 (= ~waterLevel~0 1)) (and .cse0 (<= 2 ~waterLevel~0) .cse1 (<= ~waterLevel~0 2)))) [2022-11-03 03:47:06,199 INFO L895 garLoopResultBuilder]: At program point L910(lines 910 917) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-03 03:47:06,199 INFO L902 garLoopResultBuilder]: At program point L910-2(lines 910 917) the Hoare annotation is: true [2022-11-03 03:47:06,199 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 204 228) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0))))) [2022-11-03 03:47:06,199 INFO L895 garLoopResultBuilder]: At program point L223(line 223) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1))) [2022-11-03 03:47:06,200 INFO L899 garLoopResultBuilder]: For program point L223-1(lines 204 228) no Hoare annotation was computed. [2022-11-03 03:47:06,200 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 204 228) no Hoare annotation was computed. [2022-11-03 03:47:06,200 INFO L895 garLoopResultBuilder]: At program point L218(line 218) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (not (= 2 ~waterLevel~0))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0))))) [2022-11-03 03:47:06,200 INFO L895 garLoopResultBuilder]: At program point L212(lines 212 220) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 0))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (and .cse2 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0))) (or .cse0 .cse1 (not (= 2 ~waterLevel~0)) (and .cse2 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 1))))) [2022-11-03 03:47:06,200 INFO L895 garLoopResultBuilder]: At program point L208(lines 208 225) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0))))) [2022-11-03 03:47:06,201 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-03 03:47:06,201 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse4 (not (= 1 ~systemActive~0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (let ((.cse2 (not (= 0 ~systemActive~0)))) (and (or .cse1 .cse2) (or (not (= |old(~waterLevel~0)| 2)) .cse2))) .cse3) (or .cse0 .cse1 .cse4 (= ~waterLevel~0 1)) (or .cse4 (not (= ~pumpRunning~0 1)) .cse3 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 03:47:06,204 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:06,206 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 03:47:06,235 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 03:47:06 BoogieIcfgContainer [2022-11-03 03:47:06,235 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 03:47:06,236 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 03:47:06,236 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 03:47:06,236 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 03:47:06,237 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:46:05" (3/4) ... [2022-11-03 03:47:06,239 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 03:47:06,245 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 03:47:06,245 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 03:47:06,245 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 03:47:06,245 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 03:47:06,245 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 03:47:06,246 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:47:06,246 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 03:47:06,253 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 72 nodes and edges [2022-11-03 03:47:06,253 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 28 nodes and edges [2022-11-03 03:47:06,254 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 03:47:06,254 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 03:47:06,255 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 03:47:06,255 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 03:47:06,256 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 03:47:06,280 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) [2022-11-03 03:47:06,280 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || ((tmp == 1 && pumpRunning == 0) && waterLevel == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,281 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,281 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || ((tmp == 1 && pumpRunning == 0) && waterLevel == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,281 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) [2022-11-03 03:47:06,282 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || (((\old(waterLevel) == waterLevel && \old(waterLevel) <= tmp) && tmp <= \old(waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || (((tmp == 1 && pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,282 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || (((\old(waterLevel) == waterLevel && \old(waterLevel) <= tmp) && tmp <= \old(waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || (((tmp == 1 && pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,283 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-03 03:47:06,284 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && tmp == 0)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (pumpRunning == 0 && tmp == 1)) [2022-11-03 03:47:06,307 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 03:47:06,307 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 03:47:06,308 INFO L158 Benchmark]: Toolchain (without parser) took 62447.71ms. Allocated memory was 119.5MB in the beginning and 685.8MB in the end (delta: 566.2MB). Free memory was 79.9MB in the beginning and 613.1MB in the end (delta: -533.2MB). Peak memory consumption was 33.3MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,308 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 119.5MB. Free memory is still 97.6MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 03:47:06,308 INFO L158 Benchmark]: CACSL2BoogieTranslator took 577.03ms. Allocated memory is still 119.5MB. Free memory was 79.7MB in the beginning and 85.7MB in the end (delta: -6.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,309 INFO L158 Benchmark]: Boogie Procedure Inliner took 64.22ms. Allocated memory is still 119.5MB. Free memory was 85.7MB in the beginning and 83.1MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,309 INFO L158 Benchmark]: Boogie Preprocessor took 38.90ms. Allocated memory is still 119.5MB. Free memory was 83.1MB in the beginning and 81.5MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 03:47:06,309 INFO L158 Benchmark]: RCFGBuilder took 782.02ms. Allocated memory is still 119.5MB. Free memory was 81.0MB in the beginning and 50.1MB in the end (delta: 30.9MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,310 INFO L158 Benchmark]: TraceAbstraction took 60906.82ms. Allocated memory was 119.5MB in the beginning and 685.8MB in the end (delta: 566.2MB). Free memory was 49.5MB in the beginning and 618.4MB in the end (delta: -568.8MB). Peak memory consumption was 382.0MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,310 INFO L158 Benchmark]: Witness Printer took 71.38ms. Allocated memory is still 685.8MB. Free memory was 618.4MB in the beginning and 613.1MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 03:47:06,312 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 119.5MB. Free memory is still 97.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 577.03ms. Allocated memory is still 119.5MB. Free memory was 79.7MB in the beginning and 85.7MB in the end (delta: -6.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 64.22ms. Allocated memory is still 119.5MB. Free memory was 85.7MB in the beginning and 83.1MB in the end (delta: 2.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 38.90ms. Allocated memory is still 119.5MB. Free memory was 83.1MB in the beginning and 81.5MB in the end (delta: 1.6MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 782.02ms. Allocated memory is still 119.5MB. Free memory was 81.0MB in the beginning and 50.1MB in the end (delta: 30.9MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. * TraceAbstraction took 60906.82ms. Allocated memory was 119.5MB in the beginning and 685.8MB in the end (delta: 566.2MB). Free memory was 49.5MB in the beginning and 618.4MB in the end (delta: -568.8MB). Peak memory consumption was 382.0MB. Max. memory is 16.1GB. * Witness Printer took 71.38ms. Allocated memory is still 685.8MB. Free memory was 618.4MB in the beginning and 613.1MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 963]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 59 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 60.8s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 14.9s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 4.5s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3813 SdHoareTripleChecker+Valid, 5.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3776 mSDsluCounter, 3319 SdHoareTripleChecker+Invalid, 4.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3228 mSDsCounter, 2251 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5951 IncrementalHoareTripleChecker+Invalid, 8202 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 2251 mSolverCounterUnsat, 772 mSDtfsCounter, 5951 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 888 GetRequests, 524 SyntacticMatches, 9 SemanticMatches, 355 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17397 ImplicationChecksByTransitivity, 22.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=693occurred in iteration=10, InterpolantAutomatonStates: 234, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 11 MinimizatonAttempts, 681 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 1461 PreInvPairs, 1538 NumberOfFragments, 1694 HoareAnnotationTreeSize, 1461 FomulaSimplifications, 9156 FormulaSimplificationTreeSizeReduction, 0.6s HoareSimplificationTime, 36 FomulaSimplificationsInter, 24537 FormulaSimplificationTreeSizeReductionInter, 3.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 6.8s InterpolantComputationTime, 748 NumberOfCodeBlocks, 703 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 872 ConstructedInterpolants, 0 QuantifiedInterpolants, 3553 SizeOfPredicates, 47 NumberOfNonLiveVariables, 1744 ConjunctsInSsa, 104 ConjunctsInUnsatCore, 17 InterpolantComputations, 9 PerfectInterpolantSequences, 479/604 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 968]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || (((\old(waterLevel) == waterLevel && \old(waterLevel) <= tmp) && tmp <= \old(waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || (((tmp == 1 && pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 910]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 172]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) - InvariantResult [Line: 234]: Loop Invariant Derived loop invariant: ((((((((waterLevel == 1 && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 399]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 836]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 390]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 963]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 400]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && 2 == waterLevel) && splverifierCounter == 0) && 0 == systemActive) || (((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1)) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || ((((2 <= waterLevel && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) && pumpRunning == 1) - InvariantResult [Line: 183]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || ((tmp == 1 && pumpRunning == 0) && waterLevel == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 976]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || (((\old(waterLevel) == waterLevel && \old(waterLevel) <= tmp) && tmp <= \old(waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || (((tmp == 1 && pumpRunning == 0) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && tmp == waterLevel) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 230]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || ((tmp == 1 && pumpRunning == 0) && waterLevel == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 910]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && 2 == waterLevel) && splverifierCounter == 0) && 0 == systemActive) || (((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1)) || (((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || (((pumpRunning == 0 && 2 == waterLevel) && 1 == systemActive) && splverifierCounter == 0)) || (((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == 1) - InvariantResult [Line: 212]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && tmp == 0)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || (pumpRunning == 0 && tmp == 1)) - InvariantResult [Line: 826]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 369]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && splverifierCounter == 0) && waterLevel == 1) || (((pumpRunning == 0 && 2 <= waterLevel) && splverifierCounter == 0) && waterLevel <= 2) - InvariantResult [Line: 208]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) RESULT: Ultimate proved your program to be correct! [2022-11-03 03:47:06,400 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e92c46bf-f10d-4caf-92ea-be05b14669d4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE