./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bd2232848f38516f4fb4022953e113fa5008bf5804c5e85e87585cfa28da0689 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:35:32,405 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:35:32,407 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:35:32,454 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:35:32,457 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:35:32,462 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:35:32,464 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:35:32,469 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:35:32,471 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:35:32,473 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:35:32,474 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:35:32,477 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:35:32,478 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:35:32,482 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:35:32,484 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:35:32,486 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:35:32,488 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:35:32,495 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:35:32,497 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:35:32,498 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:35:32,502 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:35:32,503 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:35:32,504 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:35:32,505 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:35:32,508 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:35:32,508 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:35:32,508 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:35:32,509 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:35:32,510 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:35:32,510 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:35:32,511 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:35:32,511 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:35:32,512 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:35:32,513 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:35:32,513 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:35:32,514 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:35:32,514 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:35:32,515 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:35:32,515 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:35:32,516 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:35:32,516 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:35:32,521 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:35:32,566 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:35:32,566 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:35:32,567 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:35:32,567 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:35:32,568 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:35:32,568 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:35:32,569 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:35:32,569 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:35:32,569 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:35:32,569 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:35:32,570 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:35:32,571 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:35:32,571 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:35:32,571 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:35:32,571 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:35:32,571 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:35:32,572 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:35:32,572 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:35:32,573 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:35:32,573 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:35:32,573 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:35:32,573 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:35:32,573 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:35:32,574 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:35:32,574 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:35:32,574 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:35:32,574 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:35:32,575 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:35:32,575 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:35:32,575 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:35:32,576 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:35:32,576 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:35:32,576 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:35:32,577 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:35:32,577 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:35:32,577 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:35:32,577 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:35:32,577 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:35:32,578 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:35:32,578 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:35:32,578 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:35:32,578 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bd2232848f38516f4fb4022953e113fa5008bf5804c5e85e87585cfa28da0689 [2022-11-03 02:35:32,874 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:35:32,902 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:35:32,905 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:35:32,906 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:35:32,907 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:35:32,908 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c [2022-11-03 02:35:32,992 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/data/0ab5155bd/49f5fbe6d5984bf2a4457510628698b5/FLAGb434f09a5 [2022-11-03 02:35:33,485 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:35:33,485 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c [2022-11-03 02:35:33,500 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/data/0ab5155bd/49f5fbe6d5984bf2a4457510628698b5/FLAGb434f09a5 [2022-11-03 02:35:33,817 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/data/0ab5155bd/49f5fbe6d5984bf2a4457510628698b5 [2022-11-03 02:35:33,819 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:35:33,827 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:35:33,830 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:35:33,831 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:35:33,835 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:35:33,835 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:35:33" (1/1) ... [2022-11-03 02:35:33,838 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@13204a23 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:33, skipping insertion in model container [2022-11-03 02:35:33,839 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:35:33" (1/1) ... [2022-11-03 02:35:33,846 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:35:33,911 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:35:34,252 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c[18533,18546] [2022-11-03 02:35:34,266 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:35:34,277 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:35:34,371 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/sv-benchmarks/c/product-lines/minepump_spec4_product54.cil.c[18533,18546] [2022-11-03 02:35:34,373 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:35:34,392 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:35:34,393 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34 WrapperNode [2022-11-03 02:35:34,393 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:35:34,394 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:35:34,395 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:35:34,395 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:35:34,402 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,420 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,464 INFO L138 Inliner]: procedures = 57, calls = 159, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 284 [2022-11-03 02:35:34,464 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:35:34,465 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:35:34,465 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:35:34,465 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:35:34,474 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,474 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,477 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,477 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,482 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,486 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,488 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,489 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,492 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:35:34,493 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:35:34,493 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:35:34,493 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:35:34,494 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (1/1) ... [2022-11-03 02:35:34,512 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:35:34,523 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:35:34,538 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:35:34,553 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:35:34,578 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:35:34,578 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:35:34,578 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:35:34,579 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:35:34,579 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:35:34,579 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:35:34,579 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:35:34,579 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:35:34,579 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:35:34,579 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:35:34,579 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:35:34,580 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:35:34,580 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:35:34,580 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:35:34,580 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:35:34,580 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:35:34,580 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:35:34,580 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:35:34,580 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:35:34,581 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:35:34,654 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:35:34,656 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:35:35,084 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:35:35,230 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:35:35,231 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:35:35,233 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:35:35 BoogieIcfgContainer [2022-11-03 02:35:35,234 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:35:35,236 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:35:35,236 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:35:35,248 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:35:35,248 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:35:33" (1/3) ... [2022-11-03 02:35:35,249 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@a8f0a59 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:35:35, skipping insertion in model container [2022-11-03 02:35:35,250 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:35:34" (2/3) ... [2022-11-03 02:35:35,250 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@a8f0a59 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:35:35, skipping insertion in model container [2022-11-03 02:35:35,250 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:35:35" (3/3) ... [2022-11-03 02:35:35,254 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product54.cil.c [2022-11-03 02:35:35,274 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:35:35,274 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:35:35,324 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:35:35,331 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4dda9a00, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:35:35,331 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:35:35,336 INFO L276 IsEmpty]: Start isEmpty. Operand has 62 states, 38 states have (on average 1.4473684210526316) internal successors, (55), 48 states have internal predecessors, (55), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 02:35:35,345 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-11-03 02:35:35,345 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:35,346 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:35,346 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:35,352 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:35,352 INFO L85 PathProgramCache]: Analyzing trace with hash -1126848889, now seen corresponding path program 1 times [2022-11-03 02:35:35,362 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:35,363 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1432988889] [2022-11-03 02:35:35,363 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:35,364 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:35,478 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:35,603 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:35,604 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:35,605 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1432988889] [2022-11-03 02:35:35,606 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1432988889] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:35,606 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:35,606 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:35:35,608 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [591586485] [2022-11-03 02:35:35,609 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:35,613 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:35:35,616 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:35,652 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:35:35,654 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:35:35,657 INFO L87 Difference]: Start difference. First operand has 62 states, 38 states have (on average 1.4473684210526316) internal successors, (55), 48 states have internal predecessors, (55), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:35,764 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:35,764 INFO L93 Difference]: Finished difference Result 122 states and 167 transitions. [2022-11-03 02:35:35,765 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:35:35,767 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 12 [2022-11-03 02:35:35,767 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:35,776 INFO L225 Difference]: With dead ends: 122 [2022-11-03 02:35:35,777 INFO L226 Difference]: Without dead ends: 57 [2022-11-03 02:35:35,782 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:35:35,785 INFO L413 NwaCegarLoop]: 62 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 62 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:35,786 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 62 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:35:35,817 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 57 states. [2022-11-03 02:35:35,840 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 57 to 57. [2022-11-03 02:35:35,842 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 57 states, 35 states have (on average 1.3428571428571427) internal successors, (47), 44 states have internal predecessors, (47), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 8 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 02:35:35,844 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 57 states to 57 states and 74 transitions. [2022-11-03 02:35:35,845 INFO L78 Accepts]: Start accepts. Automaton has 57 states and 74 transitions. Word has length 12 [2022-11-03 02:35:35,846 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:35,846 INFO L495 AbstractCegarLoop]: Abstraction has 57 states and 74 transitions. [2022-11-03 02:35:35,846 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:35,846 INFO L276 IsEmpty]: Start isEmpty. Operand 57 states and 74 transitions. [2022-11-03 02:35:35,848 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-11-03 02:35:35,848 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:35,848 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:35,849 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:35:35,849 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:35,850 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:35,850 INFO L85 PathProgramCache]: Analyzing trace with hash 1465189974, now seen corresponding path program 1 times [2022-11-03 02:35:35,850 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:35,850 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [932105326] [2022-11-03 02:35:35,850 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:35,851 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:35,875 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:35,953 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:35,954 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:35,954 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [932105326] [2022-11-03 02:35:35,954 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [932105326] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:35,954 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:35,954 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:35:35,955 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1354579843] [2022-11-03 02:35:35,955 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:35,956 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:35:35,956 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:35,957 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:35:35,957 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:35:35,957 INFO L87 Difference]: Start difference. First operand 57 states and 74 transitions. Second operand has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:36,031 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:36,031 INFO L93 Difference]: Finished difference Result 91 states and 119 transitions. [2022-11-03 02:35:36,031 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:35:36,032 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-11-03 02:35:36,033 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:36,035 INFO L225 Difference]: With dead ends: 91 [2022-11-03 02:35:36,035 INFO L226 Difference]: Without dead ends: 49 [2022-11-03 02:35:36,039 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:35:36,041 INFO L413 NwaCegarLoop]: 48 mSDtfsCounter, 7 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 87 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:36,041 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 87 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:35:36,042 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 49 states. [2022-11-03 02:35:36,054 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 49 to 49. [2022-11-03 02:35:36,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 49 states, 30 states have (on average 1.3666666666666667) internal successors, (41), 39 states have internal predecessors, (41), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 6 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 02:35:36,059 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 49 states to 49 states and 63 transitions. [2022-11-03 02:35:36,059 INFO L78 Accepts]: Start accepts. Automaton has 49 states and 63 transitions. Word has length 13 [2022-11-03 02:35:36,059 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:36,059 INFO L495 AbstractCegarLoop]: Abstraction has 49 states and 63 transitions. [2022-11-03 02:35:36,060 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:36,060 INFO L276 IsEmpty]: Start isEmpty. Operand 49 states and 63 transitions. [2022-11-03 02:35:36,060 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 16 [2022-11-03 02:35:36,061 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:36,061 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:36,061 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:35:36,061 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:36,062 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:36,062 INFO L85 PathProgramCache]: Analyzing trace with hash 896247118, now seen corresponding path program 1 times [2022-11-03 02:35:36,062 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:36,062 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1837821233] [2022-11-03 02:35:36,062 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:36,063 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:36,104 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:36,434 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:36,434 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:36,434 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1837821233] [2022-11-03 02:35:36,434 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1837821233] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:36,437 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:36,437 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:35:36,437 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2143450073] [2022-11-03 02:35:36,437 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:36,438 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 02:35:36,438 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:36,439 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 02:35:36,439 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:35:36,439 INFO L87 Difference]: Start difference. First operand 49 states and 63 transitions. Second operand has 5 states, 5 states have (on average 2.8) internal successors, (14), 4 states have internal predecessors, (14), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:36,601 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:36,601 INFO L93 Difference]: Finished difference Result 152 states and 197 transitions. [2022-11-03 02:35:36,601 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:35:36,601 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 2.8) internal successors, (14), 4 states have internal predecessors, (14), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 15 [2022-11-03 02:35:36,602 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:36,606 INFO L225 Difference]: With dead ends: 152 [2022-11-03 02:35:36,606 INFO L226 Difference]: Without dead ends: 105 [2022-11-03 02:35:36,611 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-11-03 02:35:36,616 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 60 mSDsluCounter, 189 mSDsCounter, 0 mSdLazyCounter, 85 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 221 SdHoareTripleChecker+Invalid, 93 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 85 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:36,617 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 221 Invalid, 93 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 85 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:35:36,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2022-11-03 02:35:36,644 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 90. [2022-11-03 02:35:36,644 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 90 states, 58 states have (on average 1.2586206896551724) internal successors, (73), 69 states have internal predecessors, (73), 16 states have call successors, (16), 12 states have call predecessors, (16), 15 states have return successors, (19), 13 states have call predecessors, (19), 16 states have call successors, (19) [2022-11-03 02:35:36,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 90 states to 90 states and 108 transitions. [2022-11-03 02:35:36,646 INFO L78 Accepts]: Start accepts. Automaton has 90 states and 108 transitions. Word has length 15 [2022-11-03 02:35:36,647 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:36,647 INFO L495 AbstractCegarLoop]: Abstraction has 90 states and 108 transitions. [2022-11-03 02:35:36,647 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 2.8) internal successors, (14), 4 states have internal predecessors, (14), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:35:36,647 INFO L276 IsEmpty]: Start isEmpty. Operand 90 states and 108 transitions. [2022-11-03 02:35:36,651 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-03 02:35:36,651 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:36,651 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:36,651 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:35:36,652 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:36,655 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:36,655 INFO L85 PathProgramCache]: Analyzing trace with hash 1364545018, now seen corresponding path program 1 times [2022-11-03 02:35:36,656 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:36,656 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2000574847] [2022-11-03 02:35:36,656 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:36,656 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:36,692 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:36,830 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:36,830 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:36,830 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2000574847] [2022-11-03 02:35:36,831 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2000574847] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:36,831 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:36,831 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:35:36,831 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1453132848] [2022-11-03 02:35:36,831 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:36,832 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:35:36,833 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:36,833 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:35:36,833 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:35:36,834 INFO L87 Difference]: Start difference. First operand 90 states and 108 transitions. Second operand has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:35:36,938 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:36,938 INFO L93 Difference]: Finished difference Result 173 states and 223 transitions. [2022-11-03 02:35:36,938 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:35:36,939 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-03 02:35:36,939 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:36,943 INFO L225 Difference]: With dead ends: 173 [2022-11-03 02:35:36,943 INFO L226 Difference]: Without dead ends: 126 [2022-11-03 02:35:36,944 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:35:36,955 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 37 mSDsluCounter, 116 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 156 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:36,956 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 156 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:35:36,956 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2022-11-03 02:35:36,987 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 122. [2022-11-03 02:35:36,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 122 states, 81 states have (on average 1.2345679012345678) internal successors, (100), 91 states have internal predecessors, (100), 19 states have call successors, (19), 18 states have call predecessors, (19), 21 states have return successors, (28), 19 states have call predecessors, (28), 19 states have call successors, (28) [2022-11-03 02:35:36,989 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 122 states to 122 states and 147 transitions. [2022-11-03 02:35:36,989 INFO L78 Accepts]: Start accepts. Automaton has 122 states and 147 transitions. Word has length 18 [2022-11-03 02:35:36,989 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:36,989 INFO L495 AbstractCegarLoop]: Abstraction has 122 states and 147 transitions. [2022-11-03 02:35:36,990 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 4 states have internal predecessors, (15), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:35:36,990 INFO L276 IsEmpty]: Start isEmpty. Operand 122 states and 147 transitions. [2022-11-03 02:35:36,991 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-11-03 02:35:36,991 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:36,991 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:36,991 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:35:36,991 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:36,992 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:36,992 INFO L85 PathProgramCache]: Analyzing trace with hash -840561044, now seen corresponding path program 1 times [2022-11-03 02:35:36,992 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:36,992 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [48800414] [2022-11-03 02:35:36,992 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:36,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:37,009 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:37,286 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:37,286 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:37,286 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [48800414] [2022-11-03 02:35:37,287 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [48800414] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:37,287 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:37,287 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 02:35:37,287 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1787251493] [2022-11-03 02:35:37,287 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:37,288 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:35:37,288 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:37,288 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:35:37,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:35:37,289 INFO L87 Difference]: Start difference. First operand 122 states and 147 transitions. Second operand has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:35:37,857 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:37,858 INFO L93 Difference]: Finished difference Result 296 states and 372 transitions. [2022-11-03 02:35:37,858 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 02:35:37,858 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 31 [2022-11-03 02:35:37,859 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:37,860 INFO L225 Difference]: With dead ends: 296 [2022-11-03 02:35:37,860 INFO L226 Difference]: Without dead ends: 217 [2022-11-03 02:35:37,861 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2022-11-03 02:35:37,862 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 163 mSDsluCounter, 232 mSDsCounter, 0 mSdLazyCounter, 403 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 175 SdHoareTripleChecker+Valid, 271 SdHoareTripleChecker+Invalid, 468 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 403 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:37,862 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [175 Valid, 271 Invalid, 468 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 403 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-03 02:35:37,863 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 217 states. [2022-11-03 02:35:37,890 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 217 to 198. [2022-11-03 02:35:37,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 132 states have (on average 1.2348484848484849) internal successors, (163), 149 states have internal predecessors, (163), 31 states have call successors, (31), 27 states have call predecessors, (31), 34 states have return successors, (46), 32 states have call predecessors, (46), 31 states have call successors, (46) [2022-11-03 02:35:37,892 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 240 transitions. [2022-11-03 02:35:37,893 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 240 transitions. Word has length 31 [2022-11-03 02:35:37,893 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:37,893 INFO L495 AbstractCegarLoop]: Abstraction has 198 states and 240 transitions. [2022-11-03 02:35:37,893 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 7 states have internal predecessors, (24), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:35:37,894 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 240 transitions. [2022-11-03 02:35:37,895 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-11-03 02:35:37,895 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:37,895 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:37,896 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:35:37,896 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:37,896 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:37,896 INFO L85 PathProgramCache]: Analyzing trace with hash -1239335642, now seen corresponding path program 1 times [2022-11-03 02:35:37,897 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:37,897 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [302876170] [2022-11-03 02:35:37,897 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:37,897 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:37,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:38,206 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:38,206 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:38,207 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [302876170] [2022-11-03 02:35:38,208 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [302876170] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:38,208 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:38,208 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 02:35:38,208 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1582684204] [2022-11-03 02:35:38,208 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:38,209 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:35:38,210 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:38,210 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:35:38,210 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:35:38,210 INFO L87 Difference]: Start difference. First operand 198 states and 240 transitions. Second operand has 8 states, 8 states have (on average 4.25) internal successors, (34), 7 states have internal predecessors, (34), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:35:38,549 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:38,549 INFO L93 Difference]: Finished difference Result 329 states and 410 transitions. [2022-11-03 02:35:38,550 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 02:35:38,550 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.25) internal successors, (34), 7 states have internal predecessors, (34), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) Word has length 41 [2022-11-03 02:35:38,550 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:38,556 INFO L225 Difference]: With dead ends: 329 [2022-11-03 02:35:38,556 INFO L226 Difference]: Without dead ends: 241 [2022-11-03 02:35:38,557 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=45, Invalid=87, Unknown=0, NotChecked=0, Total=132 [2022-11-03 02:35:38,559 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 119 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 216 mSolverCounterSat, 65 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 127 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 281 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 65 IncrementalHoareTripleChecker+Valid, 216 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:38,559 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [127 Valid, 130 Invalid, 281 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [65 Valid, 216 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:35:38,561 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 241 states. [2022-11-03 02:35:38,623 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 241 to 201. [2022-11-03 02:35:38,625 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 134 states have (on average 1.2388059701492538) internal successors, (166), 150 states have internal predecessors, (166), 31 states have call successors, (31), 27 states have call predecessors, (31), 35 states have return successors, (49), 33 states have call predecessors, (49), 31 states have call successors, (49) [2022-11-03 02:35:38,628 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 246 transitions. [2022-11-03 02:35:38,628 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 246 transitions. Word has length 41 [2022-11-03 02:35:38,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:38,629 INFO L495 AbstractCegarLoop]: Abstraction has 201 states and 246 transitions. [2022-11-03 02:35:38,629 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.25) internal successors, (34), 7 states have internal predecessors, (34), 4 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 3 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:35:38,629 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 246 transitions. [2022-11-03 02:35:38,637 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-11-03 02:35:38,637 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:38,638 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:38,638 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 02:35:38,638 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:38,639 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:38,639 INFO L85 PathProgramCache]: Analyzing trace with hash 104867538, now seen corresponding path program 1 times [2022-11-03 02:35:38,639 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:38,640 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [540965178] [2022-11-03 02:35:38,640 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:38,640 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:38,673 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:38,831 INFO L134 CoverageAnalysis]: Checked inductivity of 11 backedges. 11 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:38,831 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:38,831 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [540965178] [2022-11-03 02:35:38,831 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [540965178] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:38,831 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:35:38,832 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:35:38,832 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1044845910] [2022-11-03 02:35:38,832 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:38,832 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:35:38,833 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:38,834 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:35:38,834 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:35:38,834 INFO L87 Difference]: Start difference. First operand 201 states and 246 transitions. Second operand has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 02:35:38,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:38,914 INFO L93 Difference]: Finished difference Result 400 states and 495 transitions. [2022-11-03 02:35:38,915 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:35:38,915 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 44 [2022-11-03 02:35:38,916 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:38,918 INFO L225 Difference]: With dead ends: 400 [2022-11-03 02:35:38,918 INFO L226 Difference]: Without dead ends: 201 [2022-11-03 02:35:38,919 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:35:38,920 INFO L413 NwaCegarLoop]: 45 mSDtfsCounter, 47 mSDsluCounter, 56 mSDsCounter, 0 mSdLazyCounter, 33 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 36 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 33 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:38,920 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 89 Invalid, 36 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 33 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:35:38,922 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 201 states. [2022-11-03 02:35:38,965 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 201 to 201. [2022-11-03 02:35:38,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 201 states, 134 states have (on average 1.2014925373134329) internal successors, (161), 150 states have internal predecessors, (161), 31 states have call successors, (31), 27 states have call predecessors, (31), 35 states have return successors, (49), 33 states have call predecessors, (49), 31 states have call successors, (49) [2022-11-03 02:35:38,968 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 201 states to 201 states and 241 transitions. [2022-11-03 02:35:38,968 INFO L78 Accepts]: Start accepts. Automaton has 201 states and 241 transitions. Word has length 44 [2022-11-03 02:35:38,970 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:38,970 INFO L495 AbstractCegarLoop]: Abstraction has 201 states and 241 transitions. [2022-11-03 02:35:38,970 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 8.75) internal successors, (35), 4 states have internal predecessors, (35), 2 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 02:35:38,970 INFO L276 IsEmpty]: Start isEmpty. Operand 201 states and 241 transitions. [2022-11-03 02:35:38,972 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-03 02:35:38,972 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:38,972 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:38,973 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 02:35:38,973 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:38,975 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:38,975 INFO L85 PathProgramCache]: Analyzing trace with hash -1703127916, now seen corresponding path program 1 times [2022-11-03 02:35:38,975 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:38,975 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1331682777] [2022-11-03 02:35:38,975 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:38,976 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:39,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:39,125 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 14 proven. 5 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 02:35:39,125 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:39,125 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1331682777] [2022-11-03 02:35:39,129 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1331682777] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:35:39,129 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1979462792] [2022-11-03 02:35:39,129 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:39,129 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:35:39,130 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:35:39,134 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:35:39,161 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:35:39,278 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:39,282 INFO L263 TraceCheckSpWp]: Trace formula consists of 413 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-03 02:35:39,287 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:35:39,407 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:35:39,407 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:35:39,408 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1979462792] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:35:39,408 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:35:39,408 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 5 [2022-11-03 02:35:39,408 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [567202435] [2022-11-03 02:35:39,408 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:35:39,409 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:35:39,409 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:39,409 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:35:39,409 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:35:39,410 INFO L87 Difference]: Start difference. First operand 201 states and 241 transitions. Second operand has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-03 02:35:39,480 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:39,480 INFO L93 Difference]: Finished difference Result 304 states and 369 transitions. [2022-11-03 02:35:39,480 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:35:39,481 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) Word has length 57 [2022-11-03 02:35:39,481 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:39,482 INFO L225 Difference]: With dead ends: 304 [2022-11-03 02:35:39,482 INFO L226 Difference]: Without dead ends: 200 [2022-11-03 02:35:39,483 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 61 GetRequests, 58 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:35:39,483 INFO L413 NwaCegarLoop]: 64 mSDtfsCounter, 30 mSDsluCounter, 39 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 38 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:39,484 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 96 Invalid, 38 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:35:39,484 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 200 states. [2022-11-03 02:35:39,511 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 200 to 200. [2022-11-03 02:35:39,512 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 200 states, 134 states have (on average 1.171641791044776) internal successors, (157), 149 states have internal predecessors, (157), 30 states have call successors, (30), 27 states have call predecessors, (30), 35 states have return successors, (40), 33 states have call predecessors, (40), 30 states have call successors, (40) [2022-11-03 02:35:39,513 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 200 states to 200 states and 227 transitions. [2022-11-03 02:35:39,513 INFO L78 Accepts]: Start accepts. Automaton has 200 states and 227 transitions. Word has length 57 [2022-11-03 02:35:39,514 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:39,514 INFO L495 AbstractCegarLoop]: Abstraction has 200 states and 227 transitions. [2022-11-03 02:35:39,514 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 14.666666666666666) internal successors, (44), 3 states have internal predecessors, (44), 3 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-03 02:35:39,514 INFO L276 IsEmpty]: Start isEmpty. Operand 200 states and 227 transitions. [2022-11-03 02:35:39,515 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-11-03 02:35:39,515 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:39,515 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:39,551 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:35:39,741 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:35:39,741 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:35:39,741 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:35:39,742 INFO L85 PathProgramCache]: Analyzing trace with hash -2036543124, now seen corresponding path program 1 times [2022-11-03 02:35:39,742 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:35:39,742 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [695352506] [2022-11-03 02:35:39,742 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:39,742 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:35:39,783 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:40,348 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 0 proven. 17 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:35:40,348 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:35:40,348 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [695352506] [2022-11-03 02:35:40,353 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [695352506] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:35:40,353 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1708045488] [2022-11-03 02:35:40,353 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:35:40,353 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:35:40,353 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:35:40,354 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:35:40,373 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:35:40,462 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:35:40,465 INFO L263 TraceCheckSpWp]: Trace formula consists of 433 conjuncts, 28 conjunts are in the unsatisfiable core [2022-11-03 02:35:40,468 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:35:40,779 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 8 proven. 9 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:35:40,780 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:35:41,390 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 1 proven. 8 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-11-03 02:35:41,391 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1708045488] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:35:41,391 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1710245801] [2022-11-03 02:35:41,411 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-03 02:35:41,411 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:35:41,414 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:35:41,419 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:35:41,419 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:35:47,875 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 48 for LOIs [2022-11-03 02:35:47,883 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 26 for LOIs [2022-11-03 02:35:48,027 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 49 for LOIs [2022-11-03 02:35:48,423 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 02:35:48,620 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 33 for LOIs [2022-11-03 02:35:48,622 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:35:56,622 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5463#(and (<= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 2147483647) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 0)) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| 0) (= ~methaneLevelCritical~0 0) (= ~head~0.offset 0) (<= 0 (+ |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 2147483648)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (= |timeShift_getWaterLevel_~retValue_acc~9#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1|) (<= 0 |#StackHeapBarrier|) (= |timeShift_getWaterLevel_~retValue_acc~9#1| ~waterLevel~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:35:56,622 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:35:56,622 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:35:56,622 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 9, 11] total 30 [2022-11-03 02:35:56,622 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1972510657] [2022-11-03 02:35:56,623 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:35:56,623 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2022-11-03 02:35:56,623 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:35:56,624 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2022-11-03 02:35:56,626 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=325, Invalid=2867, Unknown=0, NotChecked=0, Total=3192 [2022-11-03 02:35:56,627 INFO L87 Difference]: Start difference. First operand 200 states and 227 transitions. Second operand has 30 states, 27 states have (on average 3.925925925925926) internal successors, (106), 27 states have internal predecessors, (106), 13 states have call successors, (20), 10 states have call predecessors, (20), 9 states have return successors, (18), 12 states have call predecessors, (18), 12 states have call successors, (18) [2022-11-03 02:35:59,906 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:35:59,906 INFO L93 Difference]: Finished difference Result 512 states and 586 transitions. [2022-11-03 02:35:59,906 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-11-03 02:35:59,907 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 27 states have (on average 3.925925925925926) internal successors, (106), 27 states have internal predecessors, (106), 13 states have call successors, (20), 10 states have call predecessors, (20), 9 states have return successors, (18), 12 states have call predecessors, (18), 12 states have call successors, (18) Word has length 61 [2022-11-03 02:35:59,907 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:35:59,909 INFO L225 Difference]: With dead ends: 512 [2022-11-03 02:35:59,909 INFO L226 Difference]: Without dead ends: 415 [2022-11-03 02:35:59,912 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 256 GetRequests, 147 SyntacticMatches, 9 SemanticMatches, 100 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4067 ImplicationChecksByTransitivity, 10.2s TimeCoverageRelationStatistics Valid=1136, Invalid=9166, Unknown=0, NotChecked=0, Total=10302 [2022-11-03 02:35:59,913 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 931 mSDsluCounter, 739 mSDsCounter, 0 mSdLazyCounter, 1727 mSolverCounterSat, 523 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 935 SdHoareTripleChecker+Valid, 681 SdHoareTripleChecker+Invalid, 2250 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 523 IncrementalHoareTripleChecker+Valid, 1727 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:35:59,913 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [935 Valid, 681 Invalid, 2250 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [523 Valid, 1727 Invalid, 0 Unknown, 0 Unchecked, 1.3s Time] [2022-11-03 02:35:59,914 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 415 states. [2022-11-03 02:35:59,945 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 415 to 266. [2022-11-03 02:35:59,946 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 266 states, 178 states have (on average 1.146067415730337) internal successors, (204), 195 states have internal predecessors, (204), 38 states have call successors, (38), 36 states have call predecessors, (38), 49 states have return successors, (51), 45 states have call predecessors, (51), 38 states have call successors, (51) [2022-11-03 02:35:59,947 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 266 states to 266 states and 293 transitions. [2022-11-03 02:35:59,948 INFO L78 Accepts]: Start accepts. Automaton has 266 states and 293 transitions. Word has length 61 [2022-11-03 02:35:59,948 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:35:59,948 INFO L495 AbstractCegarLoop]: Abstraction has 266 states and 293 transitions. [2022-11-03 02:35:59,949 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 27 states have (on average 3.925925925925926) internal successors, (106), 27 states have internal predecessors, (106), 13 states have call successors, (20), 10 states have call predecessors, (20), 9 states have return successors, (18), 12 states have call predecessors, (18), 12 states have call successors, (18) [2022-11-03 02:35:59,949 INFO L276 IsEmpty]: Start isEmpty. Operand 266 states and 293 transitions. [2022-11-03 02:35:59,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2022-11-03 02:35:59,950 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:35:59,950 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:35:59,977 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-11-03 02:36:00,157 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:00,157 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:00,157 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:00,158 INFO L85 PathProgramCache]: Analyzing trace with hash -312716180, now seen corresponding path program 2 times [2022-11-03 02:36:00,158 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:00,158 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [399991279] [2022-11-03 02:36:00,158 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:00,158 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:00,211 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:01,055 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 28 proven. 26 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-03 02:36:01,055 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:01,055 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [399991279] [2022-11-03 02:36:01,055 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [399991279] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:36:01,056 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1625587527] [2022-11-03 02:36:01,056 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-03 02:36:01,056 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:01,056 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:36:01,057 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:36:01,077 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:36:01,166 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-03 02:36:01,166 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-03 02:36:01,169 INFO L263 TraceCheckSpWp]: Trace formula consists of 447 conjuncts, 29 conjunts are in the unsatisfiable core [2022-11-03 02:36:01,172 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:36:01,256 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 60 proven. 0 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-11-03 02:36:01,256 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:36:01,257 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1625587527] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:01,257 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:36:01,257 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [16] total 19 [2022-11-03 02:36:01,257 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [15344016] [2022-11-03 02:36:01,257 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:01,258 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:36:01,258 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:01,258 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:36:01,259 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=53, Invalid=289, Unknown=0, NotChecked=0, Total=342 [2022-11-03 02:36:01,259 INFO L87 Difference]: Start difference. First operand 266 states and 293 transitions. Second operand has 6 states, 6 states have (on average 10.0) internal successors, (60), 6 states have internal predecessors, (60), 3 states have call successors, (11), 3 states have call predecessors, (11), 3 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) [2022-11-03 02:36:01,459 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:01,460 INFO L93 Difference]: Finished difference Result 578 states and 651 transitions. [2022-11-03 02:36:01,460 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-03 02:36:01,460 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 10.0) internal successors, (60), 6 states have internal predecessors, (60), 3 states have call successors, (11), 3 states have call predecessors, (11), 3 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) Word has length 91 [2022-11-03 02:36:01,461 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:01,462 INFO L225 Difference]: With dead ends: 578 [2022-11-03 02:36:01,463 INFO L226 Difference]: Without dead ends: 333 [2022-11-03 02:36:01,463 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 113 GetRequests, 93 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 94 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=68, Invalid=394, Unknown=0, NotChecked=0, Total=462 [2022-11-03 02:36:01,464 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 56 mSDsluCounter, 293 mSDsCounter, 0 mSdLazyCounter, 162 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 60 SdHoareTripleChecker+Valid, 313 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 162 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:01,465 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [60 Valid, 313 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 162 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:36:01,465 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 333 states. [2022-11-03 02:36:01,501 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 333 to 321. [2022-11-03 02:36:01,502 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 321 states, 219 states have (on average 1.1415525114155252) internal successors, (250), 238 states have internal predecessors, (250), 45 states have call successors, (45), 43 states have call predecessors, (45), 56 states have return successors, (60), 52 states have call predecessors, (60), 45 states have call successors, (60) [2022-11-03 02:36:01,503 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 321 states to 321 states and 355 transitions. [2022-11-03 02:36:01,504 INFO L78 Accepts]: Start accepts. Automaton has 321 states and 355 transitions. Word has length 91 [2022-11-03 02:36:01,504 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:01,504 INFO L495 AbstractCegarLoop]: Abstraction has 321 states and 355 transitions. [2022-11-03 02:36:01,504 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 10.0) internal successors, (60), 6 states have internal predecessors, (60), 3 states have call successors, (11), 3 states have call predecessors, (11), 3 states have return successors, (11), 3 states have call predecessors, (11), 3 states have call successors, (11) [2022-11-03 02:36:01,504 INFO L276 IsEmpty]: Start isEmpty. Operand 321 states and 355 transitions. [2022-11-03 02:36:01,506 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2022-11-03 02:36:01,506 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:01,506 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:01,546 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 02:36:01,727 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:36:01,728 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:01,728 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:01,728 INFO L85 PathProgramCache]: Analyzing trace with hash 485012788, now seen corresponding path program 1 times [2022-11-03 02:36:01,728 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:01,728 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1001526232] [2022-11-03 02:36:01,728 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:01,729 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:01,750 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:02,906 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 40 proven. 53 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-03 02:36:02,906 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:02,906 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1001526232] [2022-11-03 02:36:02,907 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1001526232] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:36:02,907 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [719911698] [2022-11-03 02:36:02,907 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:02,907 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:02,907 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:36:02,909 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:36:02,934 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 02:36:03,044 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:03,048 INFO L263 TraceCheckSpWp]: Trace formula consists of 580 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 02:36:03,051 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:36:03,664 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 61 proven. 36 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-03 02:36:03,664 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:36:04,640 INFO L134 CoverageAnalysis]: Checked inductivity of 112 backedges. 64 proven. 23 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2022-11-03 02:36:04,640 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [719911698] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:36:04,640 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1089082405] [2022-11-03 02:36:04,646 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 02:36:04,647 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:36:04,647 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:36:04,647 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:36:04,648 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:36:09,812 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 48 for LOIs [2022-11-03 02:36:09,823 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 26 for LOIs [2022-11-03 02:36:09,970 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 49 for LOIs [2022-11-03 02:36:10,333 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 02:36:10,526 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 33 for LOIs [2022-11-03 02:36:10,528 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:36:18,504 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '9219#(and (<= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 2147483647) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 0)) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| 0) (= ~methaneLevelCritical~0 0) (= ~head~0.offset 0) (<= 0 (+ |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1| 2147483648)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (= |timeShift_getWaterLevel_~retValue_acc~9#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~3#1|) (<= 0 |#StackHeapBarrier|) (= |timeShift_getWaterLevel_~retValue_acc~9#1| ~waterLevel~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:36:18,504 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:36:18,504 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:36:18,505 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 13, 13] total 41 [2022-11-03 02:36:18,505 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [789600942] [2022-11-03 02:36:18,505 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:36:18,506 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 41 states [2022-11-03 02:36:18,506 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:18,507 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 41 interpolants. [2022-11-03 02:36:18,509 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=504, Invalid=4052, Unknown=0, NotChecked=0, Total=4556 [2022-11-03 02:36:18,509 INFO L87 Difference]: Start difference. First operand 321 states and 355 transitions. Second operand has 41 states, 38 states have (on average 4.2105263157894735) internal successors, (160), 39 states have internal predecessors, (160), 18 states have call successors, (26), 8 states have call predecessors, (26), 16 states have return successors, (30), 20 states have call predecessors, (30), 18 states have call successors, (30) [2022-11-03 02:36:19,795 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:19,796 INFO L93 Difference]: Finished difference Result 414 states and 463 transitions. [2022-11-03 02:36:19,796 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2022-11-03 02:36:19,796 INFO L78 Accepts]: Start accepts. Automaton has has 41 states, 38 states have (on average 4.2105263157894735) internal successors, (160), 39 states have internal predecessors, (160), 18 states have call successors, (26), 8 states have call predecessors, (26), 16 states have return successors, (30), 20 states have call predecessors, (30), 18 states have call successors, (30) Word has length 106 [2022-11-03 02:36:19,797 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:19,798 INFO L225 Difference]: With dead ends: 414 [2022-11-03 02:36:19,798 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:36:19,800 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 362 GetRequests, 272 SyntacticMatches, 9 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3234 ImplicationChecksByTransitivity, 9.4s TimeCoverageRelationStatistics Valid=869, Invalid=5937, Unknown=0, NotChecked=0, Total=6806 [2022-11-03 02:36:19,801 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 499 mSDsluCounter, 427 mSDsCounter, 0 mSdLazyCounter, 865 mSolverCounterSat, 323 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 502 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 1188 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 323 IncrementalHoareTripleChecker+Valid, 865 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:19,802 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [502 Valid, 360 Invalid, 1188 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [323 Valid, 865 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-03 02:36:19,802 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:36:19,802 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:36:19,802 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:36:19,803 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:36:19,803 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 106 [2022-11-03 02:36:19,803 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:19,803 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:36:19,803 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 41 states, 38 states have (on average 4.2105263157894735) internal successors, (160), 39 states have internal predecessors, (160), 18 states have call successors, (26), 8 states have call predecessors, (26), 16 states have return successors, (30), 20 states have call predecessors, (30), 18 states have call successors, (30) [2022-11-03 02:36:19,804 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:36:19,804 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:36:19,806 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:36:19,842 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 02:36:20,027 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:20,028 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:36:22,074 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 252 259) the Hoare annotation is: (or (not (= ~waterLevel~0 1)) (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (<= 1 |old(~pumpRunning~0)|)) (= 0 ~systemActive~0)) [2022-11-03 02:36:22,074 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 252 259) no Hoare annotation was computed. [2022-11-03 02:36:22,074 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 159 165) no Hoare annotation was computed. [2022-11-03 02:36:22,075 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 159 165) the Hoare annotation is: true [2022-11-03 02:36:22,075 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 882 893) the Hoare annotation is: true [2022-11-03 02:36:22,075 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 882 893) no Hoare annotation was computed. [2022-11-03 02:36:22,075 INFO L902 garLoopResultBuilder]: At program point L417(lines 392 421) the Hoare annotation is: true [2022-11-03 02:36:22,076 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 392 421) no Hoare annotation was computed. [2022-11-03 02:36:22,076 INFO L899 garLoopResultBuilder]: For program point L413(line 413) no Hoare annotation was computed. [2022-11-03 02:36:22,076 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 392 421) the Hoare annotation is: true [2022-11-03 02:36:22,076 INFO L899 garLoopResultBuilder]: For program point L406(lines 406 410) no Hoare annotation was computed. [2022-11-03 02:36:22,076 INFO L902 garLoopResultBuilder]: At program point L406-1(lines 406 410) the Hoare annotation is: true [2022-11-03 02:36:22,076 INFO L902 garLoopResultBuilder]: At program point L402-2(lines 402 416) the Hoare annotation is: true [2022-11-03 02:36:22,077 INFO L902 garLoopResultBuilder]: At program point L398(line 398) the Hoare annotation is: true [2022-11-03 02:36:22,077 INFO L899 garLoopResultBuilder]: For program point L398-1(line 398) no Hoare annotation was computed. [2022-11-03 02:36:22,080 INFO L895 garLoopResultBuilder]: At program point L238(line 238) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (< |old(~waterLevel~0)| 2) .cse2 (not (<= |old(~waterLevel~0)| 2))) (or (not (<= 1 |old(~pumpRunning~0)|)) (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (and .cse1 (= ~waterLevel~0 1)) .cse2))) [2022-11-03 02:36:22,080 INFO L895 garLoopResultBuilder]: At program point L238-1(lines 219 243) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) (.cse1 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) .cse0 (not (= |old(~waterLevel~0)| 2)) .cse1) (or .cse2 (< |old(~waterLevel~0)| 2) (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1))) [2022-11-03 02:36:22,081 INFO L899 garLoopResultBuilder]: For program point L139-1(lines 138 157) no Hoare annotation was computed. [2022-11-03 02:36:22,081 INFO L899 garLoopResultBuilder]: For program point L227(lines 227 235) no Hoare annotation was computed. [2022-11-03 02:36:22,081 INFO L895 garLoopResultBuilder]: At program point L223(lines 223 240) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse0 (= ~waterLevel~0 1)) (.cse1 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) (and (<= 1 ~pumpRunning~0) .cse0) (not (= |old(~waterLevel~0)| 2)) .cse1) (or .cse2 (and .cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (< |old(~waterLevel~0)| 2) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) (and .cse3 .cse0) .cse1))) [2022-11-03 02:36:22,081 INFO L895 garLoopResultBuilder]: At program point L963(line 963) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (< |old(~waterLevel~0)| 2) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or (not (<= 1 |old(~pumpRunning~0)|)) (not (= |old(~waterLevel~0)| 2)) .cse1))) [2022-11-03 02:36:22,081 INFO L899 garLoopResultBuilder]: For program point L377(lines 377 383) no Hoare annotation was computed. [2022-11-03 02:36:22,082 INFO L895 garLoopResultBuilder]: At program point L373(lines 373 386) the Hoare annotation is: (let ((.cse1 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| ~waterLevel~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse3 (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) .cse1))) (and (or .cse0 (< |old(~waterLevel~0)| 2) (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 (not (<= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3) (or (not (<= 1 |old(~pumpRunning~0)|)) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse3)))) [2022-11-03 02:36:22,082 INFO L895 garLoopResultBuilder]: At program point L373-1(lines 365 389) the Hoare annotation is: (let ((.cse1 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~6#1| ~waterLevel~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= 0 ~systemActive~0)) (.cse3 (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1) .cse1))) (and (or .cse0 (< |old(~waterLevel~0)| 2) (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0) .cse1) .cse2 (not (<= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 .cse3) (or (not (<= 1 |old(~pumpRunning~0)|)) (not (= |old(~waterLevel~0)| 2)) .cse2 .cse3)))) [2022-11-03 02:36:22,083 INFO L895 garLoopResultBuilder]: At program point L146-1(lines 146 152) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) (.cse1 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) .cse0 (not (= |old(~waterLevel~0)| 2)) .cse1) (or .cse2 (< |old(~waterLevel~0)| 2) (and (<= 1 ~pumpRunning~0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1))) [2022-11-03 02:36:22,083 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 135 158) the Hoare annotation is: (let ((.cse0 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse1 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0) (not (= |old(~waterLevel~0)| 2)) .cse1) (or .cse2 (and .cse3 .cse0) (< |old(~waterLevel~0)| 2) .cse1 (not (<= |old(~waterLevel~0)| 2))) (or .cse2 (not (= |old(~waterLevel~0)| 1)) (and .cse3 (= ~waterLevel~0 1)) .cse1))) [2022-11-03 02:36:22,083 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 135 158) no Hoare annotation was computed. [2022-11-03 02:36:22,084 INFO L895 garLoopResultBuilder]: At program point L233(line 233) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) (and (<= 1 ~pumpRunning~0) (= ~waterLevel~0 1)) (not (= |old(~waterLevel~0)| 2)) .cse0) (or .cse1 (< |old(~waterLevel~0)| 2) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or .cse1 (not (= |old(~waterLevel~0)| 1)) .cse0))) [2022-11-03 02:36:22,084 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 963) no Hoare annotation was computed. [2022-11-03 02:36:22,084 INFO L895 garLoopResultBuilder]: At program point L229(line 229) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= 0 ~systemActive~0))) (and (or (not (<= 1 |old(~pumpRunning~0)|)) (and (<= 1 ~pumpRunning~0) (= ~waterLevel~0 1)) (not (= |old(~waterLevel~0)| 2)) .cse0) (or .cse1 (< |old(~waterLevel~0)| 2) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or .cse1 (not (= |old(~waterLevel~0)| 1)) .cse0))) [2022-11-03 02:36:22,084 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-03 02:36:22,085 INFO L895 garLoopResultBuilder]: At program point L85-1(lines 85 91) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse0 .cse4 .cse1 .cse2 .cse3))) [2022-11-03 02:36:22,085 INFO L895 garLoopResultBuilder]: At program point L110(lines 65 112) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 (= ~pumpRunning~0 0) .cse1 (= ~waterLevel~0 1) .cse2))) [2022-11-03 02:36:22,085 INFO L895 garLoopResultBuilder]: At program point L77(line 77) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 (= 2 ~waterLevel~0) .cse1 .cse2) (and .cse0 (= ~pumpRunning~0 0) .cse1 (= ~waterLevel~0 1) .cse2))) [2022-11-03 02:36:22,085 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:36:22,085 INFO L895 garLoopResultBuilder]: At program point L103-2(lines 95 108) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse0 .cse4 .cse1 .cse2 .cse3))) [2022-11-03 02:36:22,086 INFO L899 garLoopResultBuilder]: For program point L66(lines 65 112) no Hoare annotation was computed. [2022-11-03 02:36:22,086 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:36:22,086 INFO L895 garLoopResultBuilder]: At program point L87(line 87) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~7#1| 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (<= 1 ~pumpRunning~0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse4 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse0 .cse4 .cse1 .cse2 .cse3))) [2022-11-03 02:36:22,086 INFO L902 garLoopResultBuilder]: At program point L116(lines 55 120) the Hoare annotation is: true [2022-11-03 02:36:22,086 INFO L899 garLoopResultBuilder]: For program point L75(lines 75 81) no Hoare annotation was computed. [2022-11-03 02:36:22,086 INFO L899 garLoopResultBuilder]: For program point L75-1(lines 75 81) no Hoare annotation was computed. [2022-11-03 02:36:22,087 INFO L895 garLoopResultBuilder]: At program point L476(lines 476 483) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~7#1| 1) (= ~pumpRunning~0 0) (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) [2022-11-03 02:36:22,087 INFO L902 garLoopResultBuilder]: At program point L476-2(lines 476 483) the Hoare annotation is: true [2022-11-03 02:36:22,087 INFO L895 garLoopResultBuilder]: At program point L113(lines 64 114) the Hoare annotation is: false [2022-11-03 02:36:22,087 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 167 191) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 02:36:22,087 INFO L895 garLoopResultBuilder]: At program point L186(line 186) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1) (or (not (= ~waterLevel~0 1)) .cse0 .cse1))) [2022-11-03 02:36:22,087 INFO L899 garLoopResultBuilder]: For program point L186-1(lines 167 191) no Hoare annotation was computed. [2022-11-03 02:36:22,088 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 167 191) no Hoare annotation was computed. [2022-11-03 02:36:22,088 INFO L895 garLoopResultBuilder]: At program point L181(line 181) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1) (or (not (= ~waterLevel~0 1)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) .cse1))) [2022-11-03 02:36:22,088 INFO L895 garLoopResultBuilder]: At program point L175(lines 175 183) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1)) .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2) (or (not (= ~waterLevel~0 1)) .cse1 (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) .cse2))) [2022-11-03 02:36:22,088 INFO L895 garLoopResultBuilder]: At program point L171(lines 171 188) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 0 ~systemActive~0))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse2))) [2022-11-03 02:36:22,088 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 870 881) no Hoare annotation was computed. [2022-11-03 02:36:22,089 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 870 881) the Hoare annotation is: (let ((.cse0 (= 0 ~systemActive~0))) (and (or (< |old(~waterLevel~0)| 2) (not (<= 1 ~pumpRunning~0)) (= |old(~waterLevel~0)| ~waterLevel~0) .cse0 (not (<= |old(~waterLevel~0)| 2))) (or (not (= ~pumpRunning~0 0)) (not (= |old(~waterLevel~0)| 1)) .cse0 (= ~waterLevel~0 1)))) [2022-11-03 02:36:22,089 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 193 217) the Hoare annotation is: (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (<= 1 |old(~pumpRunning~0)|)) .cse3) (or .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse3))) [2022-11-03 02:36:22,089 INFO L895 garLoopResultBuilder]: At program point L207(line 207) the Hoare annotation is: (let ((.cse2 (not (= ~waterLevel~0 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1) (or .cse2 (not (<= 1 |old(~pumpRunning~0)|)) .cse1) (or .cse2 .cse0 .cse1))) [2022-11-03 02:36:22,089 INFO L895 garLoopResultBuilder]: At program point L203(line 203) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= ~waterLevel~0 1))) (.cse1 (= 0 ~systemActive~0))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse1) (or .cse2 .cse0 .cse1) (or .cse2 (not (<= 1 |old(~pumpRunning~0)|)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |processEnvironment__wrappee__lowWaterSensor_~tmp~2#1| 1)) .cse1))) [2022-11-03 02:36:22,090 INFO L899 garLoopResultBuilder]: For program point L201(lines 201 209) no Hoare annotation was computed. [2022-11-03 02:36:22,090 INFO L895 garLoopResultBuilder]: At program point L197(lines 197 214) the Hoare annotation is: (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (<= 1 |old(~pumpRunning~0)|)) .cse3) (or .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse3))) [2022-11-03 02:36:22,090 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 193 217) no Hoare annotation was computed. [2022-11-03 02:36:22,091 INFO L895 garLoopResultBuilder]: At program point L212(line 212) the Hoare annotation is: (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (<= 1 |old(~pumpRunning~0)|)) .cse3) (or .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) .cse3))) [2022-11-03 02:36:22,091 INFO L899 garLoopResultBuilder]: For program point L212-1(lines 193 217) no Hoare annotation was computed. [2022-11-03 02:36:22,094 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:22,097 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:36:22,136 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:36:22 BoogieIcfgContainer [2022-11-03 02:36:22,147 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:36:22,148 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:36:22,149 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:36:22,149 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:36:22,149 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:35:35" (3/4) ... [2022-11-03 02:36:22,152 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:36:22,158 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:36:22,158 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:36:22,158 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:36:22,158 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:36:22,159 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:36:22,159 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:36:22,159 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:36:22,159 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:36:22,177 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 80 nodes and edges [2022-11-03 02:36:22,179 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 27 nodes and edges [2022-11-03 02:36:22,180 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-03 02:36:22,180 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:36:22,181 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:36:22,181 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:36:22,182 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:36:22,213 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-03 02:36:22,214 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-03 02:36:22,216 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-03 02:36:22,217 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) [2022-11-03 02:36:22,217 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || 0 == systemActive) && (((!(waterLevel == 1) || pumpRunning == \old(pumpRunning)) || !(1 <= \old(pumpRunning))) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) [2022-11-03 02:36:22,218 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) [2022-11-03 02:36:22,219 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel))) && (((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel)) [2022-11-03 02:36:22,219 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel))) && (((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel)) [2022-11-03 02:36:22,222 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) [2022-11-03 02:36:22,224 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((pumpRunning == 0 && tmp == 1) || !(\old(pumpRunning) == 0)) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) && (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && tmp == 0)) || 0 == systemActive) [2022-11-03 02:36:22,271 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:36:22,272 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:36:22,272 INFO L158 Benchmark]: Toolchain (without parser) took 48445.58ms. Allocated memory was 104.9MB in the beginning and 595.6MB in the end (delta: 490.7MB). Free memory was 61.2MB in the beginning and 514.3MB in the end (delta: -453.1MB). Peak memory consumption was 36.9MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,273 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 104.9MB. Free memory is still 78.1MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:36:22,273 INFO L158 Benchmark]: CACSL2BoogieTranslator took 563.92ms. Allocated memory is still 104.9MB. Free memory was 61.0MB in the beginning and 71.6MB in the end (delta: -10.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,273 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.91ms. Allocated memory is still 104.9MB. Free memory was 71.6MB in the beginning and 68.7MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,274 INFO L158 Benchmark]: Boogie Preprocessor took 27.25ms. Allocated memory is still 104.9MB. Free memory was 68.7MB in the beginning and 67.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,275 INFO L158 Benchmark]: RCFGBuilder took 740.98ms. Allocated memory was 104.9MB in the beginning and 125.8MB in the end (delta: 21.0MB). Free memory was 67.1MB in the beginning and 100.7MB in the end (delta: -33.7MB). Peak memory consumption was 37.0MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,275 INFO L158 Benchmark]: TraceAbstraction took 46911.42ms. Allocated memory was 125.8MB in the beginning and 595.6MB in the end (delta: 469.8MB). Free memory was 100.7MB in the beginning and 520.6MB in the end (delta: -419.9MB). Peak memory consumption was 360.7MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,277 INFO L158 Benchmark]: Witness Printer took 123.71ms. Allocated memory is still 595.6MB. Free memory was 520.6MB in the beginning and 514.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:36:22,278 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 104.9MB. Free memory is still 78.1MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 563.92ms. Allocated memory is still 104.9MB. Free memory was 61.0MB in the beginning and 71.6MB in the end (delta: -10.6MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.91ms. Allocated memory is still 104.9MB. Free memory was 71.6MB in the beginning and 68.7MB in the end (delta: 2.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 27.25ms. Allocated memory is still 104.9MB. Free memory was 68.7MB in the beginning and 67.1MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 740.98ms. Allocated memory was 104.9MB in the beginning and 125.8MB in the end (delta: 21.0MB). Free memory was 67.1MB in the beginning and 100.7MB in the end (delta: -33.7MB). Peak memory consumption was 37.0MB. Max. memory is 16.1GB. * TraceAbstraction took 46911.42ms. Allocated memory was 125.8MB in the beginning and 595.6MB in the end (delta: 469.8MB). Free memory was 100.7MB in the beginning and 520.6MB in the end (delta: -419.9MB). Peak memory consumption was 360.7MB. Max. memory is 16.1GB. * Witness Printer took 123.71ms. Allocated memory is still 595.6MB. Free memory was 520.6MB in the beginning and 514.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 963]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 62 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 46.8s, OverallIterations: 11, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 6.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 2.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1984 SdHoareTripleChecker+Valid, 3.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1949 mSDsluCounter, 2466 SdHoareTripleChecker+Invalid, 2.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2237 mSDsCounter, 1010 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3622 IncrementalHoareTripleChecker+Invalid, 4632 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1010 mSolverCounterUnsat, 709 mSDtfsCounter, 3622 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 848 GetRequests, 594 SyntacticMatches, 18 SemanticMatches, 236 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7421 ImplicationChecksByTransitivity, 20.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=321occurred in iteration=10, InterpolantAutomatonStates: 126, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 239 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 39 LocationsWithAnnotation, 865 PreInvPairs, 907 NumberOfFragments, 1276 HoareAnnotationTreeSize, 865 FomulaSimplifications, 3081 FormulaSimplificationTreeSizeReduction, 0.2s HoareSimplificationTime, 39 FomulaSimplificationsInter, 3229 FormulaSimplificationTreeSizeReductionInter, 1.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 6.8s InterpolantComputationTime, 804 NumberOfCodeBlocks, 775 NumberOfCodeBlocksAsserted, 16 NumberOfCheckSat, 954 ConstructedInterpolants, 0 QuantifiedInterpolants, 3819 SizeOfPredicates, 35 NumberOfNonLiveVariables, 1873 ConjunctsInSsa, 97 ConjunctsInUnsatCore, 17 InterpolantComputations, 9 PerfectInterpolantSequences, 436/613 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 223]: Loop Invariant Derived loop invariant: ((((!(1 <= \old(pumpRunning)) || (1 <= pumpRunning && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 65]: Loop Invariant Derived loop invariant: ((((1 <= pumpRunning && tmp == 1) && 2 == waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || ((((tmp == 1 && pumpRunning == 0) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive)) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 171]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) - InvariantResult [Line: 85]: Loop Invariant Derived loop invariant: (((((1 <= pumpRunning && tmp == 1) && 2 == waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) || ((((tmp == 1 && pumpRunning == 0) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive))) || ((((tmp == 1 && pumpRunning == 0) && 2 == waterLevel) && splverifierCounter == 0) && !(0 == systemActive)) - InvariantResult [Line: 365]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel))) && (((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel)) - InvariantResult [Line: 476]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 197]: Loop Invariant Derived loop invariant: ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || 0 == systemActive) && (((!(waterLevel == 1) || pumpRunning == \old(pumpRunning)) || !(1 <= \old(pumpRunning))) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) - InvariantResult [Line: 135]: Loop Invariant Derived loop invariant: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 476]: Loop Invariant Derived loop invariant: ((tmp == 1 && pumpRunning == 0) && waterLevel == 1) && !(0 == systemActive) - InvariantResult [Line: 146]: Loop Invariant Derived loop invariant: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 373]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || ((1 <= pumpRunning && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel))) && (((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == 0 && waterLevel == 1) && tmp == waterLevel)) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 963]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || 0 == systemActive) || !(\old(waterLevel) <= 2)) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || 0 == systemActive)) && ((!(1 <= \old(pumpRunning)) || !(\old(waterLevel) == 2)) || 0 == systemActive) - InvariantResult [Line: 55]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 402]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 219]: Loop Invariant Derived loop invariant: ((((!(1 <= \old(pumpRunning)) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) < 2) || (1 <= pumpRunning && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || 0 == systemActive) - InvariantResult [Line: 392]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 175]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && tmp == 1) || !(\old(pumpRunning) == 0)) || !(waterLevel <= 2)) || waterLevel < 2) || 0 == systemActive) && (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && tmp == 0)) || 0 == systemActive) RESULT: Ultimate proved your program to be correct! [2022-11-03 02:36:22,352 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c3834e14-a758-4a55-affc-756ed86cdfb4/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE