./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7c7779f94f1738e754b88f9a8a8e36de7065a4e94578f4135106bd0ff9ddb13d --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 01:55:17,077 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 01:55:17,079 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 01:55:17,121 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 01:55:17,122 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 01:55:17,126 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 01:55:17,128 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 01:55:17,131 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 01:55:17,133 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 01:55:17,140 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 01:55:17,141 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 01:55:17,144 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 01:55:17,144 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 01:55:17,147 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 01:55:17,148 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 01:55:17,150 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 01:55:17,152 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 01:55:17,152 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 01:55:17,154 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 01:55:17,160 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 01:55:17,162 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 01:55:17,163 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 01:55:17,166 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 01:55:17,167 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 01:55:17,175 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 01:55:17,177 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 01:55:17,177 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 01:55:17,179 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 01:55:17,180 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 01:55:17,181 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 01:55:17,182 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 01:55:17,183 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 01:55:17,185 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 01:55:17,186 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 01:55:17,188 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 01:55:17,188 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 01:55:17,189 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 01:55:17,189 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 01:55:17,189 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 01:55:17,190 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 01:55:17,191 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 01:55:17,191 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 01:55:17,236 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 01:55:17,236 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 01:55:17,237 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 01:55:17,237 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 01:55:17,238 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 01:55:17,238 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 01:55:17,239 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 01:55:17,239 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 01:55:17,239 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 01:55:17,239 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 01:55:17,240 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 01:55:17,241 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 01:55:17,241 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 01:55:17,241 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 01:55:17,241 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 01:55:17,241 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 01:55:17,242 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 01:55:17,242 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 01:55:17,243 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 01:55:17,243 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 01:55:17,243 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 01:55:17,243 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 01:55:17,244 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 01:55:17,244 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 01:55:17,244 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 01:55:17,244 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 01:55:17,244 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 01:55:17,245 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 01:55:17,245 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 01:55:17,245 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 01:55:17,245 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 01:55:17,246 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 01:55:17,246 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:55:17,246 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 01:55:17,246 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 01:55:17,247 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 01:55:17,247 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 01:55:17,247 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 01:55:17,248 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 01:55:17,249 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 01:55:17,249 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 01:55:17,249 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7c7779f94f1738e754b88f9a8a8e36de7065a4e94578f4135106bd0ff9ddb13d [2022-11-03 01:55:17,562 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 01:55:17,585 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 01:55:17,588 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 01:55:17,589 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 01:55:17,591 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 01:55:17,592 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c [2022-11-03 01:55:17,673 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/data/fe2cc6e11/59d846fca1d74137b76b5db408c95481/FLAG49896cca7 [2022-11-03 01:55:18,266 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 01:55:18,267 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c [2022-11-03 01:55:18,286 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/data/fe2cc6e11/59d846fca1d74137b76b5db408c95481/FLAG49896cca7 [2022-11-03 01:55:18,572 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/data/fe2cc6e11/59d846fca1d74137b76b5db408c95481 [2022-11-03 01:55:18,575 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 01:55:18,576 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 01:55:18,578 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 01:55:18,578 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 01:55:18,582 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 01:55:18,583 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:55:18" (1/1) ... [2022-11-03 01:55:18,584 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5f90759a and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:18, skipping insertion in model container [2022-11-03 01:55:18,584 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:55:18" (1/1) ... [2022-11-03 01:55:18,592 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 01:55:18,630 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 01:55:18,916 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c[15018,15031] [2022-11-03 01:55:18,958 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:55:18,971 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 01:55:19,076 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/sv-benchmarks/c/product-lines/minepump_spec4_product63.cil.c[15018,15031] [2022-11-03 01:55:19,106 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:55:19,123 INFO L208 MainTranslator]: Completed translation [2022-11-03 01:55:19,123 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19 WrapperNode [2022-11-03 01:55:19,124 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 01:55:19,125 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 01:55:19,125 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 01:55:19,125 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 01:55:19,133 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,166 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,191 INFO L138 Inliner]: procedures = 58, calls = 162, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 294 [2022-11-03 01:55:19,192 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 01:55:19,193 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 01:55:19,193 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 01:55:19,193 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 01:55:19,213 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,213 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,216 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,216 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,222 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,233 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,235 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,237 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,239 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 01:55:19,240 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 01:55:19,255 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 01:55:19,255 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 01:55:19,256 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (1/1) ... [2022-11-03 01:55:19,263 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:55:19,278 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:55:19,294 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 01:55:19,322 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 01:55:19,353 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 01:55:19,353 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 01:55:19,353 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 01:55:19,354 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 01:55:19,354 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 01:55:19,354 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 01:55:19,354 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 01:55:19,354 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 01:55:19,354 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 01:55:19,354 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 01:55:19,355 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 01:55:19,355 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-11-03 01:55:19,355 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-11-03 01:55:19,355 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-11-03 01:55:19,355 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-11-03 01:55:19,355 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 01:55:19,355 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 01:55:19,356 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 01:55:19,356 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 01:55:19,356 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 01:55:19,356 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 01:55:19,356 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 01:55:19,481 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 01:55:19,485 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 01:55:19,867 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 01:55:19,987 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 01:55:19,988 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 01:55:19,990 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:55:19 BoogieIcfgContainer [2022-11-03 01:55:19,990 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 01:55:19,993 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 01:55:19,993 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 01:55:19,998 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 01:55:19,999 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 01:55:18" (1/3) ... [2022-11-03 01:55:19,999 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@44843f82 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:55:19, skipping insertion in model container [2022-11-03 01:55:20,000 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:55:19" (2/3) ... [2022-11-03 01:55:20,000 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@44843f82 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:55:20, skipping insertion in model container [2022-11-03 01:55:20,000 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:55:19" (3/3) ... [2022-11-03 01:55:20,002 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec4_product63.cil.c [2022-11-03 01:55:20,021 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 01:55:20,021 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 01:55:20,072 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 01:55:20,105 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@46ab5689, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 01:55:20,105 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 01:55:20,110 INFO L276 IsEmpty]: Start isEmpty. Operand has 73 states, 45 states have (on average 1.4444444444444444) internal successors, (65), 56 states have internal predecessors, (65), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-11-03 01:55:20,118 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 13 [2022-11-03 01:55:20,118 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:20,119 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:20,120 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:20,125 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:20,125 INFO L85 PathProgramCache]: Analyzing trace with hash 1988128791, now seen corresponding path program 1 times [2022-11-03 01:55:20,135 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:20,136 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1731181670] [2022-11-03 01:55:20,136 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:20,136 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:20,273 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:20,359 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:20,360 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:20,360 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1731181670] [2022-11-03 01:55:20,361 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1731181670] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:20,361 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:20,361 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 01:55:20,363 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [906748421] [2022-11-03 01:55:20,364 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:20,368 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 01:55:20,369 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:20,396 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 01:55:20,396 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:55:20,399 INFO L87 Difference]: Start difference. First operand has 73 states, 45 states have (on average 1.4444444444444444) internal successors, (65), 56 states have internal predecessors, (65), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:20,469 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:20,470 INFO L93 Difference]: Finished difference Result 144 states and 199 transitions. [2022-11-03 01:55:20,471 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 01:55:20,472 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 12 [2022-11-03 01:55:20,473 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:20,482 INFO L225 Difference]: With dead ends: 144 [2022-11-03 01:55:20,482 INFO L226 Difference]: Without dead ends: 68 [2022-11-03 01:55:20,486 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:55:20,489 INFO L413 NwaCegarLoop]: 78 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 78 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:20,490 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 78 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 01:55:20,508 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 68 states. [2022-11-03 01:55:20,530 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 68 to 68. [2022-11-03 01:55:20,531 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 42 states have (on average 1.3571428571428572) internal successors, (57), 52 states have internal predecessors, (57), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-11-03 01:55:20,533 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 90 transitions. [2022-11-03 01:55:20,535 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 90 transitions. Word has length 12 [2022-11-03 01:55:20,536 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:20,536 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 90 transitions. [2022-11-03 01:55:20,536 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 5.0) internal successors, (10), 2 states have internal predecessors, (10), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:20,536 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 90 transitions. [2022-11-03 01:55:20,538 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 14 [2022-11-03 01:55:20,538 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:20,538 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:20,539 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 01:55:20,539 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:20,540 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:20,540 INFO L85 PathProgramCache]: Analyzing trace with hash 744719939, now seen corresponding path program 1 times [2022-11-03 01:55:20,540 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:20,541 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1161369203] [2022-11-03 01:55:20,541 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:20,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:20,565 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:20,698 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:20,699 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:20,699 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1161369203] [2022-11-03 01:55:20,699 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1161369203] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:20,700 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:20,700 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:55:20,700 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1862724616] [2022-11-03 01:55:20,700 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:20,703 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:55:20,703 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:20,705 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:55:20,705 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:55:20,706 INFO L87 Difference]: Start difference. First operand 68 states and 90 transitions. Second operand has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:20,789 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:20,790 INFO L93 Difference]: Finished difference Result 108 states and 142 transitions. [2022-11-03 01:55:20,791 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:55:20,792 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 13 [2022-11-03 01:55:20,792 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:20,794 INFO L225 Difference]: With dead ends: 108 [2022-11-03 01:55:20,796 INFO L226 Difference]: Without dead ends: 60 [2022-11-03 01:55:20,797 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:55:20,799 INFO L413 NwaCegarLoop]: 64 mSDtfsCounter, 14 mSDsluCounter, 59 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:20,800 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 111 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:55:20,802 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-11-03 01:55:20,811 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-11-03 01:55:20,814 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 37 states have (on average 1.3783783783783783) internal successors, (51), 47 states have internal predecessors, (51), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 01:55:20,816 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 79 transitions. [2022-11-03 01:55:20,817 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 79 transitions. Word has length 13 [2022-11-03 01:55:20,818 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:20,819 INFO L495 AbstractCegarLoop]: Abstraction has 60 states and 79 transitions. [2022-11-03 01:55:20,819 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 3.6666666666666665) internal successors, (11), 3 states have internal predecessors, (11), 1 states have call successors, (2), 1 states have call predecessors, (2), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:20,820 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 79 transitions. [2022-11-03 01:55:20,821 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-03 01:55:20,822 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:20,822 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:20,822 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 01:55:20,823 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:20,823 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:20,823 INFO L85 PathProgramCache]: Analyzing trace with hash -2018318158, now seen corresponding path program 1 times [2022-11-03 01:55:20,824 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:20,824 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1842921914] [2022-11-03 01:55:20,824 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:20,825 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:20,867 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:20,988 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:20,989 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:20,989 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1842921914] [2022-11-03 01:55:20,989 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1842921914] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:20,989 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:20,989 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:55:20,990 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [970464916] [2022-11-03 01:55:20,990 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:20,991 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 01:55:20,991 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:20,991 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 01:55:20,991 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 01:55:20,992 INFO L87 Difference]: Start difference. First operand 60 states and 79 transitions. Second operand has 4 states, 4 states have (on average 3.75) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:21,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:21,163 INFO L93 Difference]: Finished difference Result 161 states and 218 transitions. [2022-11-03 01:55:21,164 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 01:55:21,164 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 16 [2022-11-03 01:55:21,164 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:21,166 INFO L225 Difference]: With dead ends: 161 [2022-11-03 01:55:21,166 INFO L226 Difference]: Without dead ends: 103 [2022-11-03 01:55:21,167 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 1 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 01:55:21,168 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 93 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 81 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 152 SdHoareTripleChecker+Invalid, 90 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 81 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:21,169 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 152 Invalid, 90 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 81 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:55:21,170 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 103 states. [2022-11-03 01:55:21,183 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 103 to 86. [2022-11-03 01:55:21,183 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 55 states have (on average 1.3818181818181818) internal successors, (76), 68 states have internal predecessors, (76), 18 states have call successors, (18), 12 states have call predecessors, (18), 12 states have return successors, (19), 12 states have call predecessors, (19), 18 states have call successors, (19) [2022-11-03 01:55:21,185 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 113 transitions. [2022-11-03 01:55:21,185 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 113 transitions. Word has length 16 [2022-11-03 01:55:21,186 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:21,186 INFO L495 AbstractCegarLoop]: Abstraction has 86 states and 113 transitions. [2022-11-03 01:55:21,186 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 3.75) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:21,186 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 113 transitions. [2022-11-03 01:55:21,187 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 20 [2022-11-03 01:55:21,188 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:21,188 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:21,188 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 01:55:21,188 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:21,189 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:21,189 INFO L85 PathProgramCache]: Analyzing trace with hash -2121497080, now seen corresponding path program 1 times [2022-11-03 01:55:21,189 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:21,190 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [599870539] [2022-11-03 01:55:21,190 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:21,190 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:21,206 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:21,411 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:21,411 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:21,412 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [599870539] [2022-11-03 01:55:21,412 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [599870539] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:21,412 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:21,412 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 01:55:21,413 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [368939778] [2022-11-03 01:55:21,413 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:21,413 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 01:55:21,413 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:21,414 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 01:55:21,414 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 01:55:21,414 INFO L87 Difference]: Start difference. First operand 86 states and 113 transitions. Second operand has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:21,567 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:21,568 INFO L93 Difference]: Finished difference Result 278 states and 370 transitions. [2022-11-03 01:55:21,568 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 01:55:21,568 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) Word has length 19 [2022-11-03 01:55:21,569 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:21,570 INFO L225 Difference]: With dead ends: 278 [2022-11-03 01:55:21,571 INFO L226 Difference]: Without dead ends: 194 [2022-11-03 01:55:21,572 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-11-03 01:55:21,573 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 81 mSDsluCounter, 224 mSDsCounter, 0 mSdLazyCounter, 87 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 81 SdHoareTripleChecker+Valid, 272 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 87 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:21,574 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [81 Valid, 272 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 87 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:55:21,575 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 194 states. [2022-11-03 01:55:21,620 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 194 to 167. [2022-11-03 01:55:21,621 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 167 states, 113 states have (on average 1.3097345132743363) internal successors, (148), 130 states have internal predecessors, (148), 28 states have call successors, (28), 22 states have call predecessors, (28), 25 states have return successors, (34), 25 states have call predecessors, (34), 28 states have call successors, (34) [2022-11-03 01:55:21,624 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 167 states to 167 states and 210 transitions. [2022-11-03 01:55:21,631 INFO L78 Accepts]: Start accepts. Automaton has 167 states and 210 transitions. Word has length 19 [2022-11-03 01:55:21,631 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:21,631 INFO L495 AbstractCegarLoop]: Abstraction has 167 states and 210 transitions. [2022-11-03 01:55:21,632 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.6) internal successors, (18), 4 states have internal predecessors, (18), 1 states have call successors, (1), 1 states have call predecessors, (1), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:55:21,632 INFO L276 IsEmpty]: Start isEmpty. Operand 167 states and 210 transitions. [2022-11-03 01:55:21,633 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 01:55:21,633 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:21,634 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:21,634 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 01:55:21,634 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:21,634 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:21,635 INFO L85 PathProgramCache]: Analyzing trace with hash -1030565050, now seen corresponding path program 1 times [2022-11-03 01:55:21,635 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:21,635 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1345111689] [2022-11-03 01:55:21,635 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:21,636 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:21,663 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:22,008 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:22,008 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:22,008 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1345111689] [2022-11-03 01:55:22,009 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1345111689] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:22,010 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:22,013 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 01:55:22,014 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1624345812] [2022-11-03 01:55:22,015 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:22,015 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 01:55:22,015 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:22,017 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 01:55:22,017 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 01:55:22,018 INFO L87 Difference]: Start difference. First operand 167 states and 210 transitions. Second operand has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:55:22,678 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:22,685 INFO L93 Difference]: Finished difference Result 391 states and 515 transitions. [2022-11-03 01:55:22,686 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 01:55:22,686 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 22 [2022-11-03 01:55:22,687 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:22,689 INFO L225 Difference]: With dead ends: 391 [2022-11-03 01:55:22,693 INFO L226 Difference]: Without dead ends: 307 [2022-11-03 01:55:22,694 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 12 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=86, Unknown=0, NotChecked=0, Total=132 [2022-11-03 01:55:22,695 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 184 mSDsluCounter, 339 mSDsCounter, 0 mSdLazyCounter, 513 mSolverCounterSat, 78 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 200 SdHoareTripleChecker+Valid, 397 SdHoareTripleChecker+Invalid, 591 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 78 IncrementalHoareTripleChecker+Valid, 513 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:22,696 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [200 Valid, 397 Invalid, 591 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [78 Valid, 513 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-03 01:55:22,697 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 307 states. [2022-11-03 01:55:22,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 307 to 274. [2022-11-03 01:55:22,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 274 states, 185 states have (on average 1.2918918918918918) internal successors, (239), 212 states have internal predecessors, (239), 46 states have call successors, (46), 36 states have call predecessors, (46), 42 states have return successors, (57), 43 states have call predecessors, (57), 46 states have call successors, (57) [2022-11-03 01:55:22,738 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 274 states to 274 states and 342 transitions. [2022-11-03 01:55:22,739 INFO L78 Accepts]: Start accepts. Automaton has 274 states and 342 transitions. Word has length 22 [2022-11-03 01:55:22,739 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:22,739 INFO L495 AbstractCegarLoop]: Abstraction has 274 states and 342 transitions. [2022-11-03 01:55:22,739 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.7142857142857144) internal successors, (19), 6 states have internal predecessors, (19), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 01:55:22,740 INFO L276 IsEmpty]: Start isEmpty. Operand 274 states and 342 transitions. [2022-11-03 01:55:22,742 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2022-11-03 01:55:22,742 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:22,743 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:22,743 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 01:55:22,743 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:22,744 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:22,744 INFO L85 PathProgramCache]: Analyzing trace with hash -33993956, now seen corresponding path program 1 times [2022-11-03 01:55:22,744 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:22,744 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [449992249] [2022-11-03 01:55:22,745 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:22,745 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:22,762 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:22,798 INFO L134 CoverageAnalysis]: Checked inductivity of 15 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:22,799 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:22,799 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [449992249] [2022-11-03 01:55:22,799 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [449992249] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:55:22,799 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:55:22,800 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 01:55:22,800 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1412407271] [2022-11-03 01:55:22,800 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:55:22,800 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 01:55:22,801 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:22,801 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 01:55:22,801 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 01:55:22,802 INFO L87 Difference]: Start difference. First operand 274 states and 342 transitions. Second operand has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 01:55:22,922 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:55:22,923 INFO L93 Difference]: Finished difference Result 557 states and 693 transitions. [2022-11-03 01:55:22,923 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 01:55:22,923 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 53 [2022-11-03 01:55:22,924 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:55:22,925 INFO L225 Difference]: With dead ends: 557 [2022-11-03 01:55:22,926 INFO L226 Difference]: Without dead ends: 234 [2022-11-03 01:55:22,927 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 01:55:22,928 INFO L413 NwaCegarLoop]: 87 mSDtfsCounter, 103 mSDsluCounter, 72 mSDsCounter, 0 mSdLazyCounter, 88 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 103 SdHoareTripleChecker+Valid, 138 SdHoareTripleChecker+Invalid, 90 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 88 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:55:22,928 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [103 Valid, 138 Invalid, 90 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 88 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:55:22,929 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 234 states. [2022-11-03 01:55:22,954 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 234 to 211. [2022-11-03 01:55:22,954 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 211 states, 140 states have (on average 1.25) internal successors, (175), 160 states have internal predecessors, (175), 35 states have call successors, (35), 29 states have call predecessors, (35), 35 states have return successors, (41), 35 states have call predecessors, (41), 35 states have call successors, (41) [2022-11-03 01:55:22,956 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 211 states to 211 states and 251 transitions. [2022-11-03 01:55:22,956 INFO L78 Accepts]: Start accepts. Automaton has 211 states and 251 transitions. Word has length 53 [2022-11-03 01:55:22,956 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:55:22,957 INFO L495 AbstractCegarLoop]: Abstraction has 211 states and 251 transitions. [2022-11-03 01:55:22,957 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 01:55:22,957 INFO L276 IsEmpty]: Start isEmpty. Operand 211 states and 251 transitions. [2022-11-03 01:55:22,959 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-11-03 01:55:22,959 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:55:22,959 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:55:22,960 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 01:55:22,960 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:55:22,960 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:55:22,961 INFO L85 PathProgramCache]: Analyzing trace with hash 1073120070, now seen corresponding path program 1 times [2022-11-03 01:55:22,961 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:55:22,961 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1248492311] [2022-11-03 01:55:22,961 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:22,961 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:55:22,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:23,231 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 5 proven. 7 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:23,232 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:55:23,233 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1248492311] [2022-11-03 01:55:23,233 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1248492311] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:55:23,233 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1801041364] [2022-11-03 01:55:23,233 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:55:23,234 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:55:23,234 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:55:23,239 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:55:23,259 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 01:55:23,370 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:55:23,373 INFO L263 TraceCheckSpWp]: Trace formula consists of 396 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-03 01:55:23,380 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:55:23,848 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 0 proven. 12 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:23,849 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:55:24,318 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 11 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:55:24,319 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1801041364] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:55:24,319 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [774322595] [2022-11-03 01:55:24,350 INFO L159 IcfgInterpreter]: Started Sifa with 39 locations of interest [2022-11-03 01:55:24,351 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:55:24,356 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:55:24,362 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:55:24,362 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:55:42,335 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-03 01:55:42,449 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 33 for LOIs [2022-11-03 01:55:42,505 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 33 for LOIs [2022-11-03 01:55:42,626 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 30 for LOIs [2022-11-03 01:55:42,629 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:55:47,977 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4237#(and (<= |old(~waterLevel~0)| 2147483647) (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 ~systemActive~0) (= ~methaneLevelCritical~0 0) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (<= 0 (+ |old(~waterLevel~0)| 2147483648)) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:55:47,977 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:55:47,977 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:55:47,977 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 10] total 23 [2022-11-03 01:55:47,977 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [879085437] [2022-11-03 01:55:47,978 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:55:47,978 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2022-11-03 01:55:47,978 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:55:47,979 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2022-11-03 01:55:47,982 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=328, Invalid=2222, Unknown=0, NotChecked=0, Total=2550 [2022-11-03 01:55:47,983 INFO L87 Difference]: Start difference. First operand 211 states and 251 transitions. Second operand has 23 states, 22 states have (on average 5.181818181818182) internal successors, (114), 21 states have internal predecessors, (114), 10 states have call successors, (13), 7 states have call predecessors, (13), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-11-03 01:56:00,275 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:56:00,276 INFO L93 Difference]: Finished difference Result 2334 states and 3208 transitions. [2022-11-03 01:56:00,276 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 206 states. [2022-11-03 01:56:00,277 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 22 states have (on average 5.181818181818182) internal successors, (114), 21 states have internal predecessors, (114), 10 states have call successors, (13), 7 states have call predecessors, (13), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) Word has length 50 [2022-11-03 01:56:00,278 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:56:00,297 INFO L225 Difference]: With dead ends: 2334 [2022-11-03 01:56:00,297 INFO L226 Difference]: Without dead ends: 2250 [2022-11-03 01:56:00,318 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 391 GetRequests, 148 SyntacticMatches, 4 SemanticMatches, 239 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 24842 ImplicationChecksByTransitivity, 11.8s TimeCoverageRelationStatistics Valid=5768, Invalid=52072, Unknown=0, NotChecked=0, Total=57840 [2022-11-03 01:56:00,320 INFO L413 NwaCegarLoop]: 224 mSDtfsCounter, 3341 mSDsluCounter, 1574 mSDsCounter, 0 mSdLazyCounter, 6232 mSolverCounterSat, 3120 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3354 SdHoareTripleChecker+Valid, 1605 SdHoareTripleChecker+Invalid, 9352 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 3120 IncrementalHoareTripleChecker+Valid, 6232 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 5.5s IncrementalHoareTripleChecker+Time [2022-11-03 01:56:00,320 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [3354 Valid, 1605 Invalid, 9352 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [3120 Valid, 6232 Invalid, 0 Unknown, 0 Unchecked, 5.5s Time] [2022-11-03 01:56:00,324 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2250 states. [2022-11-03 01:56:00,569 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2250 to 1429. [2022-11-03 01:56:00,573 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1429 states, 994 states have (on average 1.2545271629778671) internal successors, (1247), 1060 states have internal predecessors, (1247), 198 states have call successors, (198), 188 states have call predecessors, (198), 236 states have return successors, (292), 227 states have call predecessors, (292), 198 states have call successors, (292) [2022-11-03 01:56:00,585 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1429 states to 1429 states and 1737 transitions. [2022-11-03 01:56:00,587 INFO L78 Accepts]: Start accepts. Automaton has 1429 states and 1737 transitions. Word has length 50 [2022-11-03 01:56:00,589 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:56:00,589 INFO L495 AbstractCegarLoop]: Abstraction has 1429 states and 1737 transitions. [2022-11-03 01:56:00,589 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 22 states have (on average 5.181818181818182) internal successors, (114), 21 states have internal predecessors, (114), 10 states have call successors, (13), 7 states have call predecessors, (13), 6 states have return successors, (12), 9 states have call predecessors, (12), 7 states have call successors, (12) [2022-11-03 01:56:00,590 INFO L276 IsEmpty]: Start isEmpty. Operand 1429 states and 1737 transitions. [2022-11-03 01:56:00,596 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-03 01:56:00,597 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:56:00,597 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:56:00,637 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 01:56:00,817 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable6 [2022-11-03 01:56:00,817 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:56:00,817 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:56:00,818 INFO L85 PathProgramCache]: Analyzing trace with hash 1886553773, now seen corresponding path program 1 times [2022-11-03 01:56:00,818 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:56:00,818 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [61507707] [2022-11-03 01:56:00,818 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:00,818 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:56:00,847 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:01,015 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-03 01:56:01,015 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:56:01,016 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [61507707] [2022-11-03 01:56:01,016 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [61507707] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:56:01,016 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:56:01,016 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 01:56:01,017 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [719191383] [2022-11-03 01:56:01,017 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:56:01,017 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 01:56:01,018 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:56:01,018 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 01:56:01,019 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 01:56:01,019 INFO L87 Difference]: Start difference. First operand 1429 states and 1737 transitions. Second operand has 6 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-03 01:56:01,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:56:01,342 INFO L93 Difference]: Finished difference Result 2869 states and 3558 transitions. [2022-11-03 01:56:01,343 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 01:56:01,343 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) Word has length 57 [2022-11-03 01:56:01,344 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:56:01,355 INFO L225 Difference]: With dead ends: 2869 [2022-11-03 01:56:01,355 INFO L226 Difference]: Without dead ends: 2046 [2022-11-03 01:56:01,358 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 01:56:01,359 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 77 mSDsluCounter, 345 mSDsCounter, 0 mSdLazyCounter, 128 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 370 SdHoareTripleChecker+Invalid, 132 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 128 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:56:01,360 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 370 Invalid, 132 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 128 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:56:01,363 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2046 states. [2022-11-03 01:56:01,588 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2046 to 1895. [2022-11-03 01:56:01,592 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1895 states, 1325 states have (on average 1.249811320754717) internal successors, (1656), 1405 states have internal predecessors, (1656), 258 states have call successors, (258), 246 states have call predecessors, (258), 311 states have return successors, (385), 298 states have call predecessors, (385), 258 states have call successors, (385) [2022-11-03 01:56:01,600 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1895 states to 1895 states and 2299 transitions. [2022-11-03 01:56:01,600 INFO L78 Accepts]: Start accepts. Automaton has 1895 states and 2299 transitions. Word has length 57 [2022-11-03 01:56:01,601 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:56:01,601 INFO L495 AbstractCegarLoop]: Abstraction has 1895 states and 2299 transitions. [2022-11-03 01:56:01,601 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 7.4) internal successors, (37), 5 states have internal predecessors, (37), 3 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 3 states have call successors, (6) [2022-11-03 01:56:01,601 INFO L276 IsEmpty]: Start isEmpty. Operand 1895 states and 2299 transitions. [2022-11-03 01:56:01,606 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-03 01:56:01,606 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:56:01,606 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:56:01,606 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-03 01:56:01,607 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:56:01,607 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:56:01,607 INFO L85 PathProgramCache]: Analyzing trace with hash -588804546, now seen corresponding path program 1 times [2022-11-03 01:56:01,608 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:56:01,608 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1924198474] [2022-11-03 01:56:01,608 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:01,608 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:56:01,637 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:01,960 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:56:01,961 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:56:01,961 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1924198474] [2022-11-03 01:56:01,961 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1924198474] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:56:01,961 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:56:01,962 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 01:56:01,962 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1662593138] [2022-11-03 01:56:01,962 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:56:01,962 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 01:56:01,963 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:56:01,963 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 01:56:01,963 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 01:56:01,963 INFO L87 Difference]: Start difference. First operand 1895 states and 2299 transitions. Second operand has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 5 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 5 states have call successors, (7) [2022-11-03 01:56:02,636 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:56:02,637 INFO L93 Difference]: Finished difference Result 3103 states and 3854 transitions. [2022-11-03 01:56:02,637 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-03 01:56:02,637 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 5 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 5 states have call successors, (7) Word has length 60 [2022-11-03 01:56:02,638 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:56:02,645 INFO L225 Difference]: With dead ends: 3103 [2022-11-03 01:56:02,645 INFO L226 Difference]: Without dead ends: 1717 [2022-11-03 01:56:02,649 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 12 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 20 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=126, Unknown=0, NotChecked=0, Total=182 [2022-11-03 01:56:02,650 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 214 mSDsluCounter, 148 mSDsCounter, 0 mSdLazyCounter, 283 mSolverCounterSat, 141 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 229 SdHoareTripleChecker+Valid, 216 SdHoareTripleChecker+Invalid, 424 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 141 IncrementalHoareTripleChecker+Valid, 283 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:56:02,650 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [229 Valid, 216 Invalid, 424 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [141 Valid, 283 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 01:56:02,652 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1717 states. [2022-11-03 01:56:02,843 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1717 to 1606. [2022-11-03 01:56:02,846 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1606 states, 1124 states have (on average 1.2553380782918149) internal successors, (1411), 1197 states have internal predecessors, (1411), 218 states have call successors, (218), 194 states have call predecessors, (218), 263 states have return successors, (357), 255 states have call predecessors, (357), 218 states have call successors, (357) [2022-11-03 01:56:02,852 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1606 states to 1606 states and 1986 transitions. [2022-11-03 01:56:02,853 INFO L78 Accepts]: Start accepts. Automaton has 1606 states and 1986 transitions. Word has length 60 [2022-11-03 01:56:02,853 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:56:02,854 INFO L495 AbstractCegarLoop]: Abstraction has 1606 states and 1986 transitions. [2022-11-03 01:56:02,854 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 7 states have internal predecessors, (44), 5 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 5 states have call successors, (7) [2022-11-03 01:56:02,854 INFO L276 IsEmpty]: Start isEmpty. Operand 1606 states and 1986 transitions. [2022-11-03 01:56:02,856 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-03 01:56:02,856 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:56:02,856 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:56:02,856 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-03 01:56:02,857 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:56:02,857 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:56:02,857 INFO L85 PathProgramCache]: Analyzing trace with hash 907984576, now seen corresponding path program 1 times [2022-11-03 01:56:02,857 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:56:02,858 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1712461574] [2022-11-03 01:56:02,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:02,858 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:56:02,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:03,744 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 0 proven. 15 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 01:56:03,744 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:56:03,744 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1712461574] [2022-11-03 01:56:03,744 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1712461574] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:56:03,744 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [500730853] [2022-11-03 01:56:03,744 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:03,745 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:56:03,745 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:56:03,746 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:56:03,771 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 01:56:03,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:03,862 INFO L263 TraceCheckSpWp]: Trace formula consists of 427 conjuncts, 35 conjunts are in the unsatisfiable core [2022-11-03 01:56:03,865 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:56:04,185 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 2 proven. 9 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 01:56:04,186 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:56:04,724 INFO L134 CoverageAnalysis]: Checked inductivity of 16 backedges. 9 proven. 5 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:56:04,724 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [500730853] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:56:04,724 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [773073034] [2022-11-03 01:56:04,727 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2022-11-03 01:56:04,727 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:56:04,728 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:56:04,728 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:56:04,729 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:56:13,070 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 307 for LOIs [2022-11-03 01:56:13,135 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 27 for LOIs [2022-11-03 01:56:13,471 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 24 for LOIs [2022-11-03 01:56:13,514 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 24 for LOIs [2022-11-03 01:56:13,634 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 48 for LOIs [2022-11-03 01:56:13,643 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 40 for LOIs [2022-11-03 01:56:13,648 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 49 for LOIs [2022-11-03 01:56:13,653 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:56:21,998 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '24851#(and (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 |old(~pumpRunning~0)|) (<= ~pumpRunning~0 1) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (= 1 ~systemActive~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (<= 0 ~methaneLevelCritical~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= ~methaneLevelCritical~0 2147483647) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:56:21,999 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:56:21,999 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:56:21,999 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [17, 11, 13] total 37 [2022-11-03 01:56:21,999 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1924709999] [2022-11-03 01:56:21,999 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:56:22,000 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 37 states [2022-11-03 01:56:22,000 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:56:22,000 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 37 interpolants. [2022-11-03 01:56:22,001 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=442, Invalid=4670, Unknown=0, NotChecked=0, Total=5112 [2022-11-03 01:56:22,001 INFO L87 Difference]: Start difference. First operand 1606 states and 1986 transitions. Second operand has 37 states, 33 states have (on average 3.4242424242424243) internal successors, (113), 33 states have internal predecessors, (113), 13 states have call successors, (23), 10 states have call predecessors, (23), 11 states have return successors, (22), 14 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-03 01:56:41,266 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:56:41,266 INFO L93 Difference]: Finished difference Result 8685 states and 12091 transitions. [2022-11-03 01:56:41,266 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 217 states. [2022-11-03 01:56:41,267 INFO L78 Accepts]: Start accepts. Automaton has has 37 states, 33 states have (on average 3.4242424242424243) internal successors, (113), 33 states have internal predecessors, (113), 13 states have call successors, (23), 10 states have call predecessors, (23), 11 states have return successors, (22), 14 states have call predecessors, (22), 13 states have call successors, (22) Word has length 63 [2022-11-03 01:56:41,267 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:56:41,305 INFO L225 Difference]: With dead ends: 8685 [2022-11-03 01:56:41,305 INFO L226 Difference]: Without dead ends: 7314 [2022-11-03 01:56:41,322 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 456 GetRequests, 180 SyntacticMatches, 4 SemanticMatches, 272 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30237 ImplicationChecksByTransitivity, 20.6s TimeCoverageRelationStatistics Valid=7743, Invalid=67059, Unknown=0, NotChecked=0, Total=74802 [2022-11-03 01:56:41,323 INFO L413 NwaCegarLoop]: 234 mSDtfsCounter, 2879 mSDsluCounter, 2584 mSDsCounter, 0 mSdLazyCounter, 9329 mSolverCounterSat, 2661 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 5.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2888 SdHoareTripleChecker+Valid, 2472 SdHoareTripleChecker+Invalid, 11990 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2661 IncrementalHoareTripleChecker+Valid, 9329 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 6.2s IncrementalHoareTripleChecker+Time [2022-11-03 01:56:41,323 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2888 Valid, 2472 Invalid, 11990 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2661 Valid, 9329 Invalid, 0 Unknown, 0 Unchecked, 6.2s Time] [2022-11-03 01:56:41,331 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 7314 states. [2022-11-03 01:56:42,043 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 7314 to 6080. [2022-11-03 01:56:42,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6080 states, 4265 states have (on average 1.2504103165298945) internal successors, (5333), 4541 states have internal predecessors, (5333), 868 states have call successors, (868), 714 states have call predecessors, (868), 946 states have return successors, (1603), 926 states have call predecessors, (1603), 868 states have call successors, (1603) [2022-11-03 01:56:42,154 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6080 states to 6080 states and 7804 transitions. [2022-11-03 01:56:42,155 INFO L78 Accepts]: Start accepts. Automaton has 6080 states and 7804 transitions. Word has length 63 [2022-11-03 01:56:42,155 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:56:42,155 INFO L495 AbstractCegarLoop]: Abstraction has 6080 states and 7804 transitions. [2022-11-03 01:56:42,156 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 37 states, 33 states have (on average 3.4242424242424243) internal successors, (113), 33 states have internal predecessors, (113), 13 states have call successors, (23), 10 states have call predecessors, (23), 11 states have return successors, (22), 14 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-03 01:56:42,156 INFO L276 IsEmpty]: Start isEmpty. Operand 6080 states and 7804 transitions. [2022-11-03 01:56:42,158 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 81 [2022-11-03 01:56:42,159 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:56:42,159 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:56:42,199 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 01:56:42,371 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:56:42,371 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:56:42,371 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:56:42,372 INFO L85 PathProgramCache]: Analyzing trace with hash -640884573, now seen corresponding path program 1 times [2022-11-03 01:56:42,372 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:56:42,372 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1315064711] [2022-11-03 01:56:42,372 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:42,372 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:56:42,394 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:43,486 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 0 proven. 40 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:56:43,487 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:56:43,487 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1315064711] [2022-11-03 01:56:43,487 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1315064711] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:56:43,487 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [807589116] [2022-11-03 01:56:43,487 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:56:43,487 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:56:43,487 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:56:43,490 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:56:43,515 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 01:56:43,605 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:56:43,607 INFO L263 TraceCheckSpWp]: Trace formula consists of 479 conjuncts, 26 conjunts are in the unsatisfiable core [2022-11-03 01:56:43,610 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:56:43,743 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 27 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-03 01:56:43,744 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:56:43,995 INFO L134 CoverageAnalysis]: Checked inductivity of 42 backedges. 27 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-03 01:56:43,995 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [807589116] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:56:43,995 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2104155420] [2022-11-03 01:56:43,998 INFO L159 IcfgInterpreter]: Started Sifa with 51 locations of interest [2022-11-03 01:56:43,998 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:56:43,999 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:56:43,999 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:56:43,999 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:56:53,449 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 43 for LOIs [2022-11-03 01:56:53,454 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 42 for LOIs [2022-11-03 01:56:53,598 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 27 for LOIs [2022-11-03 01:56:53,685 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 27 for LOIs [2022-11-03 01:56:53,806 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 49 for LOIs [2022-11-03 01:56:53,818 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 37 for LOIs [2022-11-03 01:56:53,825 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 26 for LOIs [2022-11-03 01:56:53,827 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:57:00,596 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '47903#(and (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 ~systemActive~0) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (<= 0 ~methaneLevelCritical~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:57:00,597 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:57:00,597 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:57:00,597 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 7, 7] total 28 [2022-11-03 01:57:00,597 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [829402801] [2022-11-03 01:57:00,597 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:57:00,600 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2022-11-03 01:57:00,600 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:00,600 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2022-11-03 01:57:00,603 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=339, Invalid=4083, Unknown=0, NotChecked=0, Total=4422 [2022-11-03 01:57:00,604 INFO L87 Difference]: Start difference. First operand 6080 states and 7804 transitions. Second operand has 28 states, 26 states have (on average 4.538461538461538) internal successors, (118), 25 states have internal predecessors, (118), 9 states have call successors, (18), 6 states have call predecessors, (18), 9 states have return successors, (19), 12 states have call predecessors, (19), 6 states have call successors, (19) [2022-11-03 01:57:09,637 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:09,637 INFO L93 Difference]: Finished difference Result 14112 states and 19047 transitions. [2022-11-03 01:57:09,638 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 125 states. [2022-11-03 01:57:09,638 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 26 states have (on average 4.538461538461538) internal successors, (118), 25 states have internal predecessors, (118), 9 states have call successors, (18), 6 states have call predecessors, (18), 9 states have return successors, (19), 12 states have call predecessors, (19), 6 states have call successors, (19) Word has length 80 [2022-11-03 01:57:09,638 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:09,682 INFO L225 Difference]: With dead ends: 14112 [2022-11-03 01:57:09,682 INFO L226 Difference]: Without dead ends: 8844 [2022-11-03 01:57:09,708 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 426 GetRequests, 240 SyntacticMatches, 8 SemanticMatches, 178 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12536 ImplicationChecksByTransitivity, 12.0s TimeCoverageRelationStatistics Valid=2819, Invalid=29401, Unknown=0, NotChecked=0, Total=32220 [2022-11-03 01:57:09,709 INFO L413 NwaCegarLoop]: 151 mSDtfsCounter, 1971 mSDsluCounter, 1337 mSDsCounter, 0 mSdLazyCounter, 3983 mSolverCounterSat, 1599 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1978 SdHoareTripleChecker+Valid, 1296 SdHoareTripleChecker+Invalid, 5582 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1599 IncrementalHoareTripleChecker+Valid, 3983 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.8s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:09,710 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1978 Valid, 1296 Invalid, 5582 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1599 Valid, 3983 Invalid, 0 Unknown, 0 Unchecked, 2.8s Time] [2022-11-03 01:57:09,719 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 8844 states. [2022-11-03 01:57:10,731 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 8844 to 6051. [2022-11-03 01:57:10,743 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 6051 states, 4184 states have (on average 1.2043499043977055) internal successors, (5039), 4472 states have internal predecessors, (5039), 889 states have call successors, (889), 757 states have call predecessors, (889), 977 states have return successors, (1342), 944 states have call predecessors, (1342), 889 states have call successors, (1342) [2022-11-03 01:57:10,761 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 6051 states to 6051 states and 7270 transitions. [2022-11-03 01:57:10,763 INFO L78 Accepts]: Start accepts. Automaton has 6051 states and 7270 transitions. Word has length 80 [2022-11-03 01:57:10,764 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:10,764 INFO L495 AbstractCegarLoop]: Abstraction has 6051 states and 7270 transitions. [2022-11-03 01:57:10,764 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 28 states, 26 states have (on average 4.538461538461538) internal successors, (118), 25 states have internal predecessors, (118), 9 states have call successors, (18), 6 states have call predecessors, (18), 9 states have return successors, (19), 12 states have call predecessors, (19), 6 states have call successors, (19) [2022-11-03 01:57:10,764 INFO L276 IsEmpty]: Start isEmpty. Operand 6051 states and 7270 transitions. [2022-11-03 01:57:10,773 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 99 [2022-11-03 01:57:10,774 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:10,774 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:10,807 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 01:57:10,987 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:57:10,987 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:10,987 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:10,988 INFO L85 PathProgramCache]: Analyzing trace with hash 1534334987, now seen corresponding path program 1 times [2022-11-03 01:57:10,988 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:10,988 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1400164774] [2022-11-03 01:57:10,988 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:10,988 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:11,010 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:11,121 INFO L134 CoverageAnalysis]: Checked inductivity of 61 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 55 trivial. 0 not checked. [2022-11-03 01:57:11,121 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:11,122 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1400164774] [2022-11-03 01:57:11,122 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1400164774] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:11,122 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:11,122 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 01:57:11,122 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [77695098] [2022-11-03 01:57:11,122 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:11,123 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 01:57:11,123 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:11,123 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 01:57:11,124 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 01:57:11,124 INFO L87 Difference]: Start difference. First operand 6051 states and 7270 transitions. Second operand has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 1 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 1 states have call successors, (11) [2022-11-03 01:57:12,158 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:12,158 INFO L93 Difference]: Finished difference Result 6596 states and 8005 transitions. [2022-11-03 01:57:12,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 01:57:12,159 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 1 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 1 states have call successors, (11) Word has length 98 [2022-11-03 01:57:12,159 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:12,189 INFO L225 Difference]: With dead ends: 6596 [2022-11-03 01:57:12,190 INFO L226 Difference]: Without dead ends: 6420 [2022-11-03 01:57:12,194 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 01:57:12,195 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 56 mSDsluCounter, 130 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 178 SdHoareTripleChecker+Invalid, 57 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:12,196 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 178 Invalid, 57 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 01:57:12,202 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6420 states. [2022-11-03 01:57:13,124 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6420 to 5815. [2022-11-03 01:57:13,146 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5815 states, 4008 states have (on average 1.1798902195608783) internal successors, (4729), 4274 states have internal predecessors, (4729), 853 states have call successors, (853), 729 states have call predecessors, (853), 953 states have return successors, (1311), 924 states have call predecessors, (1311), 853 states have call successors, (1311) [2022-11-03 01:57:13,163 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5815 states to 5815 states and 6893 transitions. [2022-11-03 01:57:13,164 INFO L78 Accepts]: Start accepts. Automaton has 5815 states and 6893 transitions. Word has length 98 [2022-11-03 01:57:13,166 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:13,166 INFO L495 AbstractCegarLoop]: Abstraction has 5815 states and 6893 transitions. [2022-11-03 01:57:13,167 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.75) internal successors, (43), 4 states have internal predecessors, (43), 1 states have call successors, (11), 1 states have call predecessors, (11), 2 states have return successors, (11), 2 states have call predecessors, (11), 1 states have call successors, (11) [2022-11-03 01:57:13,167 INFO L276 IsEmpty]: Start isEmpty. Operand 5815 states and 6893 transitions. [2022-11-03 01:57:13,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 107 [2022-11-03 01:57:13,172 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:13,172 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:13,172 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11 [2022-11-03 01:57:13,173 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:13,173 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:13,173 INFO L85 PathProgramCache]: Analyzing trace with hash -1436430757, now seen corresponding path program 1 times [2022-11-03 01:57:13,173 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:13,174 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1232333236] [2022-11-03 01:57:13,174 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:13,174 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:13,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:13,944 INFO L134 CoverageAnalysis]: Checked inductivity of 83 backedges. 34 proven. 20 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2022-11-03 01:57:13,944 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:13,945 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1232333236] [2022-11-03 01:57:13,945 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1232333236] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:57:13,945 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [909497766] [2022-11-03 01:57:13,945 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:13,945 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:57:13,945 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:57:13,947 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:57:13,975 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 01:57:14,076 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:14,078 INFO L263 TraceCheckSpWp]: Trace formula consists of 562 conjuncts, 25 conjunts are in the unsatisfiable core [2022-11-03 01:57:14,082 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:57:14,222 INFO L134 CoverageAnalysis]: Checked inductivity of 83 backedges. 59 proven. 24 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:57:14,223 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:57:14,495 INFO L134 CoverageAnalysis]: Checked inductivity of 83 backedges. 39 proven. 4 refuted. 0 times theorem prover too weak. 40 trivial. 0 not checked. [2022-11-03 01:57:14,496 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [909497766] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:57:14,496 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [713927259] [2022-11-03 01:57:14,498 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2022-11-03 01:57:14,499 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:57:14,499 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:57:14,499 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:57:14,499 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:57:21,098 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 28 for LOIs [2022-11-03 01:57:21,102 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 26 for LOIs [2022-11-03 01:57:21,229 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 48 for LOIs [2022-11-03 01:57:21,540 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 01:57:21,905 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 50 for LOIs [2022-11-03 01:57:21,912 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 33 for LOIs [2022-11-03 01:57:21,914 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:57:27,923 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '97504#(and (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (= 1 ~systemActive~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:57:27,923 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:57:27,923 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:57:27,923 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 6, 5] total 21 [2022-11-03 01:57:27,923 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1266185465] [2022-11-03 01:57:27,923 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:57:27,924 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2022-11-03 01:57:27,924 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:27,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2022-11-03 01:57:27,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=320, Invalid=2650, Unknown=0, NotChecked=0, Total=2970 [2022-11-03 01:57:27,925 INFO L87 Difference]: Start difference. First operand 5815 states and 6893 transitions. Second operand has 21 states, 20 states have (on average 6.75) internal successors, (135), 18 states have internal predecessors, (135), 10 states have call successors, (31), 7 states have call predecessors, (31), 8 states have return successors, (31), 10 states have call predecessors, (31), 10 states have call successors, (31) [2022-11-03 01:57:30,899 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:30,899 INFO L93 Difference]: Finished difference Result 10953 states and 13095 transitions. [2022-11-03 01:57:30,900 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 48 states. [2022-11-03 01:57:30,900 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 20 states have (on average 6.75) internal successors, (135), 18 states have internal predecessors, (135), 10 states have call successors, (31), 7 states have call predecessors, (31), 8 states have return successors, (31), 10 states have call predecessors, (31), 10 states have call successors, (31) Word has length 106 [2022-11-03 01:57:30,900 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:30,925 INFO L225 Difference]: With dead ends: 10953 [2022-11-03 01:57:30,925 INFO L226 Difference]: Without dead ends: 5894 [2022-11-03 01:57:30,941 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 403 GetRequests, 297 SyntacticMatches, 8 SemanticMatches, 98 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3982 ImplicationChecksByTransitivity, 7.4s TimeCoverageRelationStatistics Valid=1118, Invalid=8782, Unknown=0, NotChecked=0, Total=9900 [2022-11-03 01:57:30,942 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 616 mSDsluCounter, 575 mSDsCounter, 0 mSdLazyCounter, 1402 mSolverCounterSat, 433 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 619 SdHoareTripleChecker+Valid, 587 SdHoareTripleChecker+Invalid, 1835 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 433 IncrementalHoareTripleChecker+Valid, 1402 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:30,942 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [619 Valid, 587 Invalid, 1835 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [433 Valid, 1402 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-03 01:57:30,948 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5894 states. [2022-11-03 01:57:31,721 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5894 to 4950. [2022-11-03 01:57:31,729 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 4950 states, 3438 states have (on average 1.1701570680628273) internal successors, (4023), 3633 states have internal predecessors, (4023), 699 states have call successors, (699), 629 states have call predecessors, (699), 812 states have return successors, (1028), 775 states have call predecessors, (1028), 699 states have call successors, (1028) [2022-11-03 01:57:31,741 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 4950 states to 4950 states and 5750 transitions. [2022-11-03 01:57:31,743 INFO L78 Accepts]: Start accepts. Automaton has 4950 states and 5750 transitions. Word has length 106 [2022-11-03 01:57:31,743 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:31,743 INFO L495 AbstractCegarLoop]: Abstraction has 4950 states and 5750 transitions. [2022-11-03 01:57:31,743 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 20 states have (on average 6.75) internal successors, (135), 18 states have internal predecessors, (135), 10 states have call successors, (31), 7 states have call predecessors, (31), 8 states have return successors, (31), 10 states have call predecessors, (31), 10 states have call successors, (31) [2022-11-03 01:57:31,744 INFO L276 IsEmpty]: Start isEmpty. Operand 4950 states and 5750 transitions. [2022-11-03 01:57:31,749 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 130 [2022-11-03 01:57:31,749 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:31,749 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:31,789 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 01:57:31,964 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-03 01:57:31,964 INFO L420 AbstractCegarLoop]: === Iteration 14 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:31,965 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:31,965 INFO L85 PathProgramCache]: Analyzing trace with hash 1132452947, now seen corresponding path program 2 times [2022-11-03 01:57:31,965 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:31,965 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1408518038] [2022-11-03 01:57:31,965 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:31,965 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:31,992 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:32,437 INFO L134 CoverageAnalysis]: Checked inductivity of 134 backedges. 52 proven. 57 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2022-11-03 01:57:32,438 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:32,439 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1408518038] [2022-11-03 01:57:32,439 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1408518038] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:57:32,439 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [645203113] [2022-11-03 01:57:32,439 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-03 01:57:32,439 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:57:32,439 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:57:32,440 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:57:32,463 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-03 01:57:32,556 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-03 01:57:32,556 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-03 01:57:32,559 INFO L263 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 32 conjunts are in the unsatisfiable core [2022-11-03 01:57:32,562 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:57:32,786 INFO L134 CoverageAnalysis]: Checked inductivity of 134 backedges. 79 proven. 9 refuted. 0 times theorem prover too weak. 46 trivial. 0 not checked. [2022-11-03 01:57:32,786 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:57:33,348 INFO L134 CoverageAnalysis]: Checked inductivity of 134 backedges. 59 proven. 7 refuted. 0 times theorem prover too weak. 68 trivial. 0 not checked. [2022-11-03 01:57:33,348 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [645203113] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:57:33,348 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [681559017] [2022-11-03 01:57:33,351 INFO L159 IcfgInterpreter]: Started Sifa with 54 locations of interest [2022-11-03 01:57:33,351 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:57:33,351 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:57:33,352 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:57:33,352 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:57:40,652 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 304 for LOIs [2022-11-03 01:57:40,761 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 26 for LOIs [2022-11-03 01:57:41,067 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 38 for LOIs [2022-11-03 01:57:41,198 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-03 01:57:41,361 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 48 for LOIs [2022-11-03 01:57:41,368 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 40 for LOIs [2022-11-03 01:57:41,373 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 23 for LOIs [2022-11-03 01:57:41,374 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 48 for LOIs [2022-11-03 01:57:41,380 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:57:50,578 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '122329#(and (<= ~cleanupTimeShifts~0 4) (<= ~head~0.offset 0) (<= 0 |#NULL.base|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (<= 0 ~head~0.offset) (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (<= 1 ~systemActive~0) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (<= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (<= 4 ~cleanupTimeShifts~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (<= 0 ~head~0.base) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (<= |#NULL.base| 0) (<= 0 ~methaneLevelCritical~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1|) (<= ~head~0.base 0) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (<= 0 |#NULL.offset|) (<= 0 |#StackHeapBarrier|) (<= ~systemActive~0 1))' at error location [2022-11-03 01:57:50,578 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:57:50,578 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:57:50,578 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 8, 9] total 26 [2022-11-03 01:57:50,578 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [294783236] [2022-11-03 01:57:50,578 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:57:50,579 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 26 states [2022-11-03 01:57:50,580 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:50,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 26 interpolants. [2022-11-03 01:57:50,581 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=347, Invalid=3685, Unknown=0, NotChecked=0, Total=4032 [2022-11-03 01:57:50,581 INFO L87 Difference]: Start difference. First operand 4950 states and 5750 transitions. Second operand has 26 states, 24 states have (on average 6.416666666666667) internal successors, (154), 24 states have internal predecessors, (154), 12 states have call successors, (31), 7 states have call predecessors, (31), 9 states have return successors, (35), 13 states have call predecessors, (35), 10 states have call successors, (35) [2022-11-03 01:57:53,531 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:53,531 INFO L93 Difference]: Finished difference Result 8264 states and 9793 transitions. [2022-11-03 01:57:53,531 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 46 states. [2022-11-03 01:57:53,531 INFO L78 Accepts]: Start accepts. Automaton has has 26 states, 24 states have (on average 6.416666666666667) internal successors, (154), 24 states have internal predecessors, (154), 12 states have call successors, (31), 7 states have call predecessors, (31), 9 states have return successors, (35), 13 states have call predecessors, (35), 10 states have call successors, (35) Word has length 129 [2022-11-03 01:57:53,532 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:53,533 INFO L225 Difference]: With dead ends: 8264 [2022-11-03 01:57:53,533 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 01:57:53,550 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 465 GetRequests, 339 SyntacticMatches, 20 SemanticMatches, 106 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4796 ImplicationChecksByTransitivity, 10.6s TimeCoverageRelationStatistics Valid=1122, Invalid=10434, Unknown=0, NotChecked=0, Total=11556 [2022-11-03 01:57:53,550 INFO L413 NwaCegarLoop]: 117 mSDtfsCounter, 1012 mSDsluCounter, 489 mSDsCounter, 0 mSdLazyCounter, 2079 mSolverCounterSat, 796 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1012 SdHoareTripleChecker+Valid, 563 SdHoareTripleChecker+Invalid, 2875 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 796 IncrementalHoareTripleChecker+Valid, 2079 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:53,551 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1012 Valid, 563 Invalid, 2875 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [796 Valid, 2079 Invalid, 0 Unknown, 0 Unchecked, 1.3s Time] [2022-11-03 01:57:53,551 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 01:57:53,551 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 01:57:53,552 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:57:53,552 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 01:57:53,553 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 129 [2022-11-03 01:57:53,553 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:53,553 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 01:57:53,554 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 26 states, 24 states have (on average 6.416666666666667) internal successors, (154), 24 states have internal predecessors, (154), 12 states have call successors, (31), 7 states have call predecessors, (31), 9 states have return successors, (35), 13 states have call predecessors, (35), 10 states have call successors, (35) [2022-11-03 01:57:53,554 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 01:57:53,554 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 01:57:53,557 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 01:57:53,591 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-03 01:57:53,771 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable13,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:57:53,772 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 01:58:59,596 WARN L234 SmtUtils]: Spent 50.31s on a formula simplification. DAG size of input: 191 DAG size of output: 190 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 01:59:19,577 WARN L234 SmtUtils]: Spent 16.10s on a formula simplification. DAG size of input: 141 DAG size of output: 129 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 01:59:26,304 WARN L234 SmtUtils]: Spent 6.72s on a formula simplification. DAG size of input: 456 DAG size of output: 382 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 01:59:50,557 WARN L234 SmtUtils]: Spent 16.33s on a formula simplification. DAG size of input: 619 DAG size of output: 384 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:00:00,753 WARN L234 SmtUtils]: Spent 7.57s on a formula simplification. DAG size of input: 908 DAG size of output: 71 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-03 02:00:10,737 WARN L234 SmtUtils]: Spent 6.71s on a formula simplification. DAG size of input: 810 DAG size of output: 66 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-03 02:00:18,046 WARN L234 SmtUtils]: Spent 5.11s on a formula simplification. DAG size of input: 802 DAG size of output: 39 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-03 02:00:47,909 WARN L234 SmtUtils]: Spent 5.63s on a formula simplification. DAG size of input: 778 DAG size of output: 57 (called from [L 149] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.combineInter) [2022-11-03 02:00:59,246 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 841 848) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~pumpRunning~0)| 0)) [2022-11-03 02:00:59,247 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 841 848) no Hoare annotation was computed. [2022-11-03 02:00:59,247 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 731 737) no Hoare annotation was computed. [2022-11-03 02:00:59,247 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 731 737) the Hoare annotation is: true [2022-11-03 02:00:59,247 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 615 626) the Hoare annotation is: (let ((.cse4 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse3 (not (= 0 ~systemActive~0))) (.cse0 (not .cse4)) (.cse1 (not (= ~pumpRunning~0 0))) (.cse6 (not (= 1 ~systemActive~0))) (.cse5 (not (<= 1 ~waterLevel~0))) (.cse7 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) .cse3) (or .cse1 .cse4 .cse5 (not .cse2) .cse3) (or .cse0 .cse6 .cse7 (not (<= 2 ~waterLevel~0)) (not (= ~pumpRunning~0 1))) (or .cse1 .cse6 .cse5 .cse7)))) [2022-11-03 02:00:59,248 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 615 626) no Hoare annotation was computed. [2022-11-03 02:00:59,248 INFO L899 garLoopResultBuilder]: For program point L799(lines 799 807) no Hoare annotation was computed. [2022-11-03 02:00:59,248 INFO L899 garLoopResultBuilder]: For program point L795(lines 795 812) no Hoare annotation was computed. [2022-11-03 02:00:59,248 INFO L895 garLoopResultBuilder]: At program point L696(line 696) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~waterLevel~0)|))) (or .cse1 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) (not (<= 2 |old(~waterLevel~0)|))) (or .cse1 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-11-03 02:00:59,249 INFO L895 garLoopResultBuilder]: At program point L718-1(lines 718 724) the Hoare annotation is: (let ((.cse5 (= ~methaneLevelCritical~0 0)) (.cse10 (= ~pumpRunning~0 0)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse9 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse9)) (.cse4 (and .cse10 .cse6)) (.cse2 (not (<= 1 |old(~waterLevel~0)|))) (.cse3 (not .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse11 (and .cse10 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (.cse8 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 (= |old(~waterLevel~0)| 1) .cse1 .cse2 .cse3 (= ~pumpRunning~0 1)) (or .cse0 .cse4 .cse5 .cse1 .cse2) (or .cse0 .cse4 (not (= 0 ~systemActive~0))) (or .cse0 .cse4 .cse1 .cse2 (and (<= 2 ~waterLevel~0) .cse6)) (or (= |timeShift_processEnvironment_~tmp~7#1| 0) .cse1 .cse3 .cse7 .cse8) (or .cse1 .cse9 (and .cse10 (= ~waterLevel~0 1)) (not (= |old(~waterLevel~0)| 2))) (or .cse1 .cse3 .cse7 .cse11 .cse8) (or .cse5 .cse1 .cse9 .cse11 .cse8)))) [2022-11-03 02:00:59,249 INFO L895 garLoopResultBuilder]: At program point L805(line 805) the Hoare annotation is: (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |timeShift_processEnvironment_~tmp~7#1| 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 1 |old(~waterLevel~0)|))) (or (and .cse2 .cse3 (= ~waterLevel~0 1)) .cse1 (not (= |old(~waterLevel~0)| 2))) (or .cse1 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) (and .cse2 .cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-11-03 02:00:59,249 INFO L895 garLoopResultBuilder]: At program point L801(line 801) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~pumpRunning~0)| 0)))) (and (or (and .cse0 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) .cse1 .cse2 .cse3) (or .cse4 .cse2 (not (<= 1 |old(~waterLevel~0)|))) (or .cse2 (not .cse1) (not (= |old(~pumpRunning~0)| 1)) .cse3) (or (and .cse0 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 2))) (or .cse4 (not (= 0 ~systemActive~0))))) [2022-11-03 02:00:59,250 INFO L895 garLoopResultBuilder]: At program point L797(line 797) the Hoare annotation is: (let ((.cse1 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~pumpRunning~0)| 0)))) (and (or (and .cse0 .cse1) (= ~methaneLevelCritical~0 0) .cse2 .cse3) (or .cse4 .cse2 (not (<= 1 |old(~waterLevel~0)|))) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) (and .cse1 (= ~pumpRunning~0 1)) .cse3) (or (and .cse0 (= ~waterLevel~0 1)) .cse2 (not (= |old(~waterLevel~0)| 2))) (or .cse4 (not (= 0 ~systemActive~0))))) [2022-11-03 02:00:59,250 INFO L899 garLoopResultBuilder]: For program point L797-1(line 797) no Hoare annotation was computed. [2022-11-03 02:00:59,250 INFO L899 garLoopResultBuilder]: For program point L570(lines 570 576) no Hoare annotation was computed. [2022-11-03 02:00:59,250 INFO L895 garLoopResultBuilder]: At program point L566(lines 566 579) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse9)) (.cse7 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| ~waterLevel~0))) (let ((.cse6 (= ~pumpRunning~0 0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse1 (or .cse0 (and .cse7 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (.cse5 (= ~methaneLevelCritical~0 0))) (let ((.cse8 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (not .cse5)) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (<= 1 |old(~waterLevel~0)|))) (.cse11 (and .cse6 .cse9 .cse12 .cse1))) (and (or .cse0 (and .cse1 (= ~pumpRunning~0 1)) (= |old(~waterLevel~0)| 1) .cse2 .cse3 .cse4) (or .cse5 .cse2 (and .cse6 .cse7 .cse8) .cse9 .cse10) (or .cse2 (and .cse6 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 1) (= ~waterLevel~0 1)) .cse9 (not (= |old(~waterLevel~0)| 2))) (or (and .cse6 .cse7 (= |timeShift_processEnvironment_~tmp~7#1| 0) .cse8) .cse2 .cse4 (not (= |old(~pumpRunning~0)| 1)) .cse10) (or .cse0 .cse5 .cse2 .cse3 .cse11) (or .cse0 (not (= 0 ~systemActive~0)) (and .cse6 .cse7 .cse12)) (or .cse0 .cse2 .cse3 (and (<= 2 ~waterLevel~0) .cse12) .cse11)))))) [2022-11-03 02:00:59,251 INFO L895 garLoopResultBuilder]: At program point L566-1(lines 558 582) the Hoare annotation is: (let ((.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse7)) (.cse2 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| ~waterLevel~0))) (let ((.cse1 (= ~pumpRunning~0 0)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse12 (or .cse0 (and .cse2 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (.cse13 (= 1 ~systemActive~0)) (.cse4 (= ~methaneLevelCritical~0 0))) (let ((.cse6 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse11 (not .cse4)) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not .cse13)) (.cse9 (and .cse1 .cse13 .cse7 .cse3 (<= 1 |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1|) .cse12)) (.cse10 (not (<= 1 |old(~waterLevel~0)|)))) (and (or .cse0 (and .cse1 .cse2 (not (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 0)) .cse3) (and .cse1 .cse2 .cse3 (< 0 (+ |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 1)) (<= |timeShift___utac_acc__Specification4_spec__1_~tmp___0~0#1| 0)) (not (= 0 ~systemActive~0))) (or .cse4 .cse5 (and .cse1 .cse2 .cse6) .cse7 .cse8) (or .cse5 (and .cse1 (= |timeShift___utac_acc__Specification4_spec__1_~tmp~4#1| 1) (= ~waterLevel~0 1)) .cse7 (not (= |old(~waterLevel~0)| 2))) (or .cse0 .cse5 .cse9 .cse10 (and (<= 2 ~waterLevel~0) .cse3)) (or (and .cse1 .cse2 (= |timeShift_processEnvironment_~tmp~7#1| 0) .cse6) .cse5 .cse11 (not (= |old(~pumpRunning~0)| 1)) .cse8) (or .cse0 (and .cse12 (= ~pumpRunning~0 1)) .cse5 .cse11 .cse8) (or .cse0 .cse4 .cse5 .cse9 .cse10)))))) [2022-11-03 02:00:59,251 INFO L895 garLoopResultBuilder]: At program point L810(line 810) the Hoare annotation is: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not (= 1 ~systemActive~0))) (.cse0 (not .cse2))) (and (or .cse0 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse1 (not (<= 1 |old(~waterLevel~0)|))) (or .cse1 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse1 .cse2 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= 0 ~systemActive~0)))))) [2022-11-03 02:00:59,251 INFO L895 garLoopResultBuilder]: At program point L810-1(lines 791 815) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse10 (= ~pumpRunning~0 0)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse4 (and .cse10 .cse6)) (.cse2 (not (<= 1 |old(~waterLevel~0)|))) (.cse3 (not .cse5)) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse11 (and .cse10 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not .cse9))) (and (or .cse0 (= |old(~waterLevel~0)| 1) .cse1 .cse2 .cse3 (= ~pumpRunning~0 1)) (or .cse0 .cse4 .cse5 .cse1 .cse2) (or .cse0 .cse4 .cse1 .cse2 (and (<= 2 ~waterLevel~0) .cse6)) (or (= |timeShift_processEnvironment_~tmp~7#1| 0) .cse1 .cse3 .cse7 .cse8) (or .cse1 .cse9 (and .cse10 (= ~waterLevel~0 1)) (not (= |old(~waterLevel~0)| 2))) (or .cse1 .cse3 .cse7 .cse11 .cse8) (or .cse5 .cse1 .cse9 .cse11 .cse8) (or .cse0 (not (= 0 ~systemActive~0)))))) [2022-11-03 02:00:59,251 INFO L899 garLoopResultBuilder]: For program point L711-1(lines 710 729) no Hoare annotation was computed. [2022-11-03 02:00:59,252 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 707 730) the Hoare annotation is: (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse4))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse2 .cse1 (not (= |old(~waterLevel~0)| 2))) (or (= ~methaneLevelCritical~0 0) .cse2 .cse1 .cse3) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) (and .cse4 (= ~pumpRunning~0 1)) .cse3) (or .cse0 .cse2 (not (<= 1 |old(~waterLevel~0)|)) .cse1)))) [2022-11-03 02:00:59,252 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 707 730) no Hoare annotation was computed. [2022-11-03 02:00:59,252 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 696) no Hoare annotation was computed. [2022-11-03 02:00:59,252 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 418 447) no Hoare annotation was computed. [2022-11-03 02:00:59,252 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 418 447) the Hoare annotation is: true [2022-11-03 02:00:59,253 INFO L902 garLoopResultBuilder]: At program point L443(lines 418 447) the Hoare annotation is: true [2022-11-03 02:00:59,253 INFO L899 garLoopResultBuilder]: For program point L439(line 439) no Hoare annotation was computed. [2022-11-03 02:00:59,253 INFO L899 garLoopResultBuilder]: For program point L432(lines 432 436) no Hoare annotation was computed. [2022-11-03 02:00:59,253 INFO L902 garLoopResultBuilder]: At program point L432-1(lines 432 436) the Hoare annotation is: true [2022-11-03 02:00:59,253 INFO L902 garLoopResultBuilder]: At program point L428-2(lines 428 442) the Hoare annotation is: true [2022-11-03 02:00:59,253 INFO L902 garLoopResultBuilder]: At program point L424(line 424) the Hoare annotation is: true [2022-11-03 02:00:59,253 INFO L899 garLoopResultBuilder]: For program point L424-1(line 424) no Hoare annotation was computed. [2022-11-03 02:00:59,254 INFO L899 garLoopResultBuilder]: For program point L989(lines 989 995) no Hoare annotation was computed. [2022-11-03 02:00:59,254 INFO L899 garLoopResultBuilder]: For program point L989-1(lines 989 995) no Hoare annotation was computed. [2022-11-03 02:00:59,254 INFO L895 garLoopResultBuilder]: At program point L506(lines 506 513) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= |ULTIMATE.start_main_~tmp~3#1| 1) (= ~waterLevel~0 1)) [2022-11-03 02:00:59,254 INFO L902 garLoopResultBuilder]: At program point L506-2(lines 506 513) the Hoare annotation is: true [2022-11-03 02:00:59,254 INFO L895 garLoopResultBuilder]: At program point L1014(lines 969 1016) the Hoare annotation is: (let ((.cse6 (= 0 ~systemActive~0))) (let ((.cse1 (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1))) (.cse2 (<= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not .cse6))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 (= ~waterLevel~0 1) .cse5) (and .cse0 .cse4 .cse6) (and .cse7 .cse2 .cse3 .cse4 .cse5 (= ~pumpRunning~0 1)) (and .cse0 .cse7 .cse3 .cse4 (<= 1 ~waterLevel~0) .cse5)))) [2022-11-03 02:00:59,255 INFO L895 garLoopResultBuilder]: At program point L981(line 981) the Hoare annotation is: (let ((.cse6 (= 0 ~systemActive~0))) (let ((.cse1 (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1))) (.cse2 (<= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse3 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (not .cse6))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse3 .cse4 (= ~waterLevel~0 1) .cse5) (and .cse0 .cse4 .cse6) (and .cse7 .cse2 .cse3 .cse4 .cse5 (= ~pumpRunning~0 1)) (and .cse0 .cse7 .cse3 .cse4 (<= 1 ~waterLevel~0) .cse5)))) [2022-11-03 02:00:59,255 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:00:59,255 INFO L895 garLoopResultBuilder]: At program point L949(line 949) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (not (= ~pumpRunning~0 0)) .cse0) (and (<= 2 ~waterLevel~0) .cse0 (not (= 0 ~systemActive~0))))) [2022-11-03 02:00:59,255 INFO L899 garLoopResultBuilder]: For program point L970(lines 969 1016) no Hoare annotation was computed. [2022-11-03 02:00:59,255 INFO L899 garLoopResultBuilder]: For program point L999(lines 999 1012) no Hoare annotation was computed. [2022-11-03 02:00:59,255 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:00:59,256 INFO L895 garLoopResultBuilder]: At program point L991(line 991) the Hoare annotation is: (let ((.cse5 (= 0 ~systemActive~0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= 1 ~waterLevel~0)) (.cse4 (not .cse5))) (or (and .cse0 (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1)) .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse2 .cse5) (and .cse6 (<= 2 ~waterLevel~0) .cse1 .cse2 .cse4 (= ~pumpRunning~0 1)) (and .cse0 .cse6 .cse1 .cse2 .cse3 .cse4)))) [2022-11-03 02:00:59,256 INFO L902 garLoopResultBuilder]: At program point L1020(lines 959 1024) the Hoare annotation is: true [2022-11-03 02:00:59,256 INFO L899 garLoopResultBuilder]: For program point L979(lines 979 985) no Hoare annotation was computed. [2022-11-03 02:00:59,256 INFO L899 garLoopResultBuilder]: For program point L979-1(lines 979 985) no Hoare annotation was computed. [2022-11-03 02:00:59,256 INFO L895 garLoopResultBuilder]: At program point L1017(lines 968 1018) the Hoare annotation is: false [2022-11-03 02:00:59,256 INFO L899 garLoopResultBuilder]: For program point L947(lines 947 953) no Hoare annotation was computed. [2022-11-03 02:00:59,257 INFO L895 garLoopResultBuilder]: At program point L947-1(lines 947 953) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-11-03 02:00:59,257 INFO L899 garLoopResultBuilder]: For program point L1005(lines 1005 1011) no Hoare annotation was computed. [2022-11-03 02:00:59,257 INFO L895 garLoopResultBuilder]: At program point L1005-2(lines 999 1012) the Hoare annotation is: (let ((.cse4 (= ~pumpRunning~0 0)) (.cse5 (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1))) (.cse1 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (= ~pumpRunning~0 1)) (and (= 2 ~waterLevel~0) .cse0 .cse2 .cse3) (and .cse4 .cse5 .cse2 .cse3 (= ~waterLevel~0 1)) (and .cse4 .cse0 .cse2 .cse3 (<= 1 ~waterLevel~0)) (and .cse4 .cse3 (= 0 ~systemActive~0)) (and .cse5 .cse1 .cse2 (not .cse0) .cse3))) [2022-11-03 02:00:59,257 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 739 763) the Hoare annotation is: (let ((.cse4 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not .cse4)) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (not (= 1 ~systemActive~0))) (.cse0 (= ~waterLevel~0 1))) (and (or (not .cse0) .cse1 .cse2 .cse3) (or .cse1 .cse2 .cse3 (not (<= 2 ~waterLevel~0))) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse4 .cse0 (= ~waterLevel~0 0))))) [2022-11-03 02:00:59,258 INFO L895 garLoopResultBuilder]: At program point L758(line 758) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse1 (= ~waterLevel~0 1) (= ~waterLevel~0 0)) (or (not .cse1) .cse0 (not (<= 1 ~waterLevel~0))))) [2022-11-03 02:00:59,258 INFO L899 garLoopResultBuilder]: For program point L758-1(lines 739 763) no Hoare annotation was computed. [2022-11-03 02:00:59,258 INFO L895 garLoopResultBuilder]: At program point L829(line 829) the Hoare annotation is: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= ~waterLevel~0 1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (not .cse2) (< 0 ~waterLevel~0)))) (and (or .cse0 (not (<= 2 ~waterLevel~0)) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 1)) .cse1) (or .cse0 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse2 .cse3 (= ~waterLevel~0 0)) (or (not .cse3) .cse0 .cse1)))) [2022-11-03 02:00:59,258 INFO L895 garLoopResultBuilder]: At program point L829-1(line 829) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (let ((.cse2 (= ~waterLevel~0 1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (and (not .cse1) (< 0 ~waterLevel~0)))) (and (or .cse0 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse1 .cse2 (= ~waterLevel~0 0)) (or (and (= ~methaneLevelCritical~0 |processEnvironment__wrappee__highWaterSensor_activatePump_#t~ret39#1|) (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 1)) .cse0 (not (<= 2 ~waterLevel~0)) .cse3) (or (not .cse2) .cse0 .cse3)))) [2022-11-03 02:00:59,258 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 739 763) no Hoare annotation was computed. [2022-11-03 02:00:59,259 INFO L895 garLoopResultBuilder]: At program point L753(line 753) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse2 (and (not .cse1) (< 0 ~waterLevel~0)))) (and (or .cse0 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse1 (= ~waterLevel~0 1) (= ~waterLevel~0 0)) (or .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~5#1| 0)) (not (<= 1 ~waterLevel~0)) .cse2) (or .cse0 (not (<= 2 ~waterLevel~0)) .cse2)))) [2022-11-03 02:00:59,259 INFO L899 garLoopResultBuilder]: For program point L747(lines 747 755) no Hoare annotation was computed. [2022-11-03 02:00:59,259 INFO L895 garLoopResultBuilder]: At program point L743(lines 743 760) the Hoare annotation is: (let ((.cse4 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not .cse4)) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (not (= 1 ~systemActive~0))) (.cse0 (= ~waterLevel~0 1))) (and (or (not .cse0) .cse1 .cse2 .cse3) (or .cse1 .cse2 .cse3 (not (<= 2 ~waterLevel~0))) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 (and (= ~methaneLevelCritical~0 0) (not (= |old(~pumpRunning~0)| 1))) .cse4 .cse0 (= ~waterLevel~0 0))))) [2022-11-03 02:00:59,259 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 603 614) no Hoare annotation was computed. [2022-11-03 02:00:59,259 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 603 614) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= 0 ~systemActive~0))) (or .cse0 .cse2 (not (<= 1 |old(~waterLevel~0)|)) .cse1) (or .cse2 (not (= ~methaneLevelCritical~0 0)) (not (= ~pumpRunning~0 1)) .cse1 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-03 02:00:59,260 INFO L895 garLoopResultBuilder]: At program point L779(line 779) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= 1 ~waterLevel~0))) [2022-11-03 02:00:59,260 INFO L895 garLoopResultBuilder]: At program point L775(line 775) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= 1 ~waterLevel~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |processEnvironment__wrappee__methaneQuery_~tmp~6#1| 1))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1))) [2022-11-03 02:00:59,260 INFO L899 garLoopResultBuilder]: For program point L773(lines 773 781) no Hoare annotation was computed. [2022-11-03 02:00:59,260 INFO L895 garLoopResultBuilder]: At program point L769(lines 769 786) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= 1 ~systemActive~0)) (not (<= 1 ~waterLevel~0))) [2022-11-03 02:00:59,260 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 765 789) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= 1 ~systemActive~0)) (not (<= 1 ~waterLevel~0))) [2022-11-03 02:00:59,261 INFO L895 garLoopResultBuilder]: At program point L784(line 784) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse1 (not (<= 1 ~waterLevel~0)) (= |old(~pumpRunning~0)| 0)) (or .cse0 .cse1 (not (<= 2 ~waterLevel~0))))) [2022-11-03 02:00:59,261 INFO L899 garLoopResultBuilder]: For program point L784-1(lines 765 789) no Hoare annotation was computed. [2022-11-03 02:00:59,261 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 765 789) no Hoare annotation was computed. [2022-11-03 02:00:59,261 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 849 859) the Hoare annotation is: true [2022-11-03 02:00:59,261 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 849 859) no Hoare annotation was computed. [2022-11-03 02:00:59,264 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:00:59,267 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:00:59,296 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:00:59 BoogieIcfgContainer [2022-11-03 02:00:59,296 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:00:59,297 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:00:59,297 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:00:59,297 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:00:59,298 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:55:19" (3/4) ... [2022-11-03 02:00:59,301 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:00:59,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:00:59,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:00:59,306 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:00:59,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:00:59,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:00:59,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:00:59,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:00:59,307 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-11-03 02:00:59,308 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-11-03 02:00:59,315 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 79 nodes and edges [2022-11-03 02:00:59,315 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 28 nodes and edges [2022-11-03 02:00:59,316 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-03 02:00:59,316 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:00:59,317 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:00:59,317 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:00:59,318 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:00:59,342 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((pumpRunning == 0 && (!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1)) && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && (!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1)) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive))) || ((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive)) || (((((methaneLevelCritical == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) && pumpRunning == 1)) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && 1 <= waterLevel) && !(0 == systemActive)) [2022-11-03 02:00:59,342 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && ((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) [2022-11-03 02:00:59,343 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(pumpRunning) == 0) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || pumpRunning == 1) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || \old(pumpRunning) == 0) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || \old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel))) [2022-11-03 02:00:59,343 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(pumpRunning) == 0) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || pumpRunning == 1) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || \old(pumpRunning) == 0) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || \old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-03 02:00:59,344 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= waterLevel) [2022-11-03 02:00:59,344 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 <= waterLevel))) && (((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || waterLevel == 1) || waterLevel == 0) [2022-11-03 02:00:59,345 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || ((!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)) && pumpRunning == 1)) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel + 1)) || \old(pumpRunning) == 0) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && (((((((pumpRunning == 0 && tmp == waterLevel) && tmp == 0) && \old(waterLevel) == waterLevel + 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (((pumpRunning == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel))))) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || (((pumpRunning == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) [2022-11-03 02:00:59,345 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == waterLevel) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || ((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 < tmp___0 + 1) && tmp___0 <= 0)) || !(0 == systemActive)) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel + 1)) || \old(pumpRunning) == 0) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 1 == systemActive) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && 1 <= tmp) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && (((((((pumpRunning == 0 && tmp == waterLevel) && tmp == 0) && \old(waterLevel) == waterLevel + 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || ((!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 1 == systemActive) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && 1 <= tmp) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) || !(1 <= \old(waterLevel))) [2022-11-03 02:00:59,345 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || waterLevel == 1) || waterLevel == 0) && (((((methaneLevelCritical == aux-isMethaneAlarm()-aux && pumpRunning == 0) && tmp == 1) || !(1 == systemActive)) || !(2 <= waterLevel)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel))) && ((!(waterLevel == 1) || !(1 == systemActive)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) [2022-11-03 02:00:59,346 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) && ((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(2 <= \old(waterLevel)))) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-03 02:00:59,372 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:00:59,372 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:00:59,373 INFO L158 Benchmark]: Toolchain (without parser) took 340796.81ms. Allocated memory was 123.7MB in the beginning and 1.5GB in the end (delta: 1.4GB). Free memory was 86.0MB in the beginning and 799.2MB in the end (delta: -713.2MB). Peak memory consumption was 685.4MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,373 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 123.7MB. Free memory is still 103.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:00:59,373 INFO L158 Benchmark]: CACSL2BoogieTranslator took 546.23ms. Allocated memory is still 123.7MB. Free memory was 85.8MB in the beginning and 90.2MB in the end (delta: -4.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,374 INFO L158 Benchmark]: Boogie Procedure Inliner took 67.38ms. Allocated memory is still 123.7MB. Free memory was 90.2MB in the beginning and 87.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,374 INFO L158 Benchmark]: Boogie Preprocessor took 46.80ms. Allocated memory is still 123.7MB. Free memory was 87.5MB in the beginning and 86.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,374 INFO L158 Benchmark]: RCFGBuilder took 750.47ms. Allocated memory is still 123.7MB. Free memory was 86.0MB in the beginning and 52.5MB in the end (delta: 33.6MB). Peak memory consumption was 33.6MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,375 INFO L158 Benchmark]: TraceAbstraction took 339303.64ms. Allocated memory was 123.7MB in the beginning and 1.5GB in the end (delta: 1.4GB). Free memory was 51.9MB in the beginning and 805.5MB in the end (delta: -753.6MB). Peak memory consumption was 931.5MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,375 INFO L158 Benchmark]: Witness Printer took 75.27ms. Allocated memory is still 1.5GB. Free memory was 805.5MB in the beginning and 799.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:00:59,377 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 123.7MB. Free memory is still 103.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 546.23ms. Allocated memory is still 123.7MB. Free memory was 85.8MB in the beginning and 90.2MB in the end (delta: -4.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 67.38ms. Allocated memory is still 123.7MB. Free memory was 90.2MB in the beginning and 87.5MB in the end (delta: 2.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.80ms. Allocated memory is still 123.7MB. Free memory was 87.5MB in the beginning and 86.0MB in the end (delta: 1.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 750.47ms. Allocated memory is still 123.7MB. Free memory was 86.0MB in the beginning and 52.5MB in the end (delta: 33.6MB). Peak memory consumption was 33.6MB. Max. memory is 16.1GB. * TraceAbstraction took 339303.64ms. Allocated memory was 123.7MB in the beginning and 1.5GB in the end (delta: 1.4GB). Free memory was 51.9MB in the beginning and 805.5MB in the end (delta: -753.6MB). Peak memory consumption was 931.5MB. Max. memory is 16.1GB. * Witness Printer took 75.27ms. Allocated memory is still 1.5GB. Free memory was 805.5MB in the beginning and 799.2MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 696]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 73 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 339.2s, OverallIterations: 14, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 50.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 185.5s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 10711 SdHoareTripleChecker+Valid, 18.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 10641 mSDsluCounter, 8435 SdHoareTripleChecker+Invalid, 15.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 7980 mSDsCounter, 8860 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 24303 IncrementalHoareTripleChecker+Invalid, 33163 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 8860 mSolverCounterUnsat, 1547 mSDtfsCounter, 24303 mSolverCounterSat, 0.2s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 2207 GetRequests, 1227 SyntacticMatches, 44 SemanticMatches, 936 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 76430 ImplicationChecksByTransitivity, 62.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=6080occurred in iteration=10, InterpolantAutomatonStates: 698, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 4.5s AutomataMinimizationTime, 14 MinimizatonAttempts, 6759 StatesRemovedByMinimization, 11 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 42 LocationsWithAnnotation, 13678 PreInvPairs, 15473 NumberOfFragments, 2263 HoareAnnotationTreeSize, 13678 FomulaSimplifications, 2376205 FormulaSimplificationTreeSizeReduction, 116.7s HoareSimplificationTime, 42 FomulaSimplificationsInter, 2451480 FormulaSimplificationTreeSizeReductionInter, 68.1s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 8.3s InterpolantComputationTime, 1206 NumberOfCodeBlocks, 1145 NumberOfCodeBlocksAsserted, 20 NumberOfCheckSat, 1610 ConstructedInterpolants, 0 QuantifiedInterpolants, 5262 SizeOfPredicates, 58 NumberOfNonLiveVariables, 2314 ConjunctsInSsa, 149 ConjunctsInUnsatCore, 24 InterpolantComputations, 9 PerfectInterpolantSequences, 755/969 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 959]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 718]: Loop Invariant Derived loop invariant: (((((((((((!(\old(pumpRunning) == 0) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || pumpRunning == 1) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || \old(pumpRunning) == 0) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || \old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 558]: Loop Invariant Derived loop invariant: ((((((((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && tmp == waterLevel) && !(tmp == 0)) && \old(waterLevel) == waterLevel)) || ((((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel) && 0 < tmp___0 + 1) && tmp___0 <= 0)) || !(0 == systemActive)) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel + 1)) || \old(pumpRunning) == 0) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 1 == systemActive) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && 1 <= tmp) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && (((((((pumpRunning == 0 && tmp == waterLevel) && tmp == 0) && \old(waterLevel) == waterLevel + 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || ((!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || (((((pumpRunning == 0 && 1 == systemActive) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && 1 <= tmp) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) || !(1 <= \old(waterLevel))) - InvariantResult [Line: 566]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || ((!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)) && pumpRunning == 1)) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel + 1)) || \old(pumpRunning) == 0) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || \old(pumpRunning) == 0) || !(\old(waterLevel) == 2))) && (((((((pumpRunning == 0 && tmp == waterLevel) && tmp == 0) && \old(waterLevel) == waterLevel + 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (((pumpRunning == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel))))) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || ((pumpRunning == 0 && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || (((pumpRunning == 0 && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && (!(\old(pumpRunning) == 0) || (tmp == waterLevel && \old(waterLevel) <= waterLevel)))) - InvariantResult [Line: 707]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) && ((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && (((methaneLevelCritical == 0 || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) - InvariantResult [Line: 506]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 769]: Loop Invariant Derived loop invariant: (pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(1 <= waterLevel) - InvariantResult [Line: 696]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) && ((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || !(2 <= \old(waterLevel)))) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 743]: Loop Invariant Derived loop invariant: ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 <= waterLevel))) && (((((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || waterLevel == 1) || waterLevel == 0) - InvariantResult [Line: 969]: Loop Invariant Derived loop invariant: ((((((((pumpRunning == 0 && (!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1)) && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) || (((((pumpRunning == 0 && (!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1)) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1) && !(0 == systemActive))) || ((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive)) || (((((methaneLevelCritical == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) && pumpRunning == 1)) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && 1 <= waterLevel) && !(0 == systemActive)) - InvariantResult [Line: 849]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 829]: Loop Invariant Derived loop invariant: (((((!(1 == systemActive) || (methaneLevelCritical == 0 && !(\old(pumpRunning) == 1))) || \old(pumpRunning) == 0) || waterLevel == 1) || waterLevel == 0) && (((((methaneLevelCritical == aux-isMethaneAlarm()-aux && pumpRunning == 0) && tmp == 1) || !(1 == systemActive)) || !(2 <= waterLevel)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel))) && ((!(waterLevel == 1) || !(1 == systemActive)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) - InvariantResult [Line: 418]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 947]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 791]: Loop Invariant Derived loop invariant: (((((((((((!(\old(pumpRunning) == 0) || \old(waterLevel) == 1) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || !(methaneLevelCritical == 0)) || pumpRunning == 1) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(1 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(1 <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel))) && ((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || \old(pumpRunning) == 0) || (pumpRunning == 0 && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && ((((methaneLevelCritical == 0 || !(1 == systemActive)) || \old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel + 1)) || !(2 <= \old(waterLevel)))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 506]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && tmp == 1) && waterLevel == 1 - InvariantResult [Line: 968]: Loop Invariant Derived loop invariant: 0 RESULT: Ultimate proved your program to be correct! [2022-11-03 02:00:59,447 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8a59362a-f189-49e1-8fcc-df029130d1f5/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE