./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 603cfb64133b588a2e9c81e31ac984484d295feb0a468539180131e3ac5a47d6 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 01:57:28,953 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 01:57:28,956 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 01:57:29,014 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 01:57:29,015 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 01:57:29,020 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 01:57:29,023 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 01:57:29,026 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 01:57:29,029 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 01:57:29,033 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 01:57:29,034 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 01:57:29,037 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 01:57:29,037 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 01:57:29,044 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 01:57:29,045 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 01:57:29,047 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 01:57:29,049 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 01:57:29,050 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 01:57:29,052 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 01:57:29,057 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 01:57:29,064 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 01:57:29,065 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 01:57:29,066 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 01:57:29,068 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 01:57:29,075 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 01:57:29,076 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 01:57:29,076 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 01:57:29,078 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 01:57:29,079 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 01:57:29,080 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 01:57:29,080 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 01:57:29,081 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 01:57:29,083 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 01:57:29,085 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 01:57:29,086 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 01:57:29,086 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 01:57:29,087 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 01:57:29,087 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 01:57:29,087 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 01:57:29,088 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 01:57:29,089 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 01:57:29,090 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 01:57:29,136 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 01:57:29,136 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 01:57:29,137 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 01:57:29,137 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 01:57:29,138 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 01:57:29,138 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 01:57:29,139 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 01:57:29,139 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 01:57:29,139 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 01:57:29,139 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 01:57:29,141 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 01:57:29,141 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 01:57:29,141 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 01:57:29,142 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 01:57:29,142 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 01:57:29,142 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 01:57:29,142 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 01:57:29,143 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 01:57:29,143 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 01:57:29,144 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 01:57:29,144 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 01:57:29,144 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 01:57:29,144 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 01:57:29,145 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 01:57:29,145 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 01:57:29,145 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 01:57:29,145 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 01:57:29,146 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 01:57:29,146 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 01:57:29,146 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 01:57:29,146 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 01:57:29,147 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 01:57:29,147 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:57:29,147 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 01:57:29,148 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 01:57:29,148 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 01:57:29,148 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 01:57:29,148 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 01:57:29,149 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 01:57:29,149 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 01:57:29,149 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 01:57:29,149 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 603cfb64133b588a2e9c81e31ac984484d295feb0a468539180131e3ac5a47d6 [2022-11-03 01:57:29,399 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 01:57:29,420 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 01:57:29,423 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 01:57:29,424 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 01:57:29,440 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 01:57:29,442 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c [2022-11-03 01:57:29,531 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/data/415c1d152/449afb6e6b7c49389b23f7dbe12ad09d/FLAG9b225c748 [2022-11-03 01:57:30,140 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 01:57:30,140 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c [2022-11-03 01:57:30,151 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/data/415c1d152/449afb6e6b7c49389b23f7dbe12ad09d/FLAG9b225c748 [2022-11-03 01:57:30,419 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/data/415c1d152/449afb6e6b7c49389b23f7dbe12ad09d [2022-11-03 01:57:30,421 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 01:57:30,423 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 01:57:30,424 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 01:57:30,425 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 01:57:30,428 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 01:57:30,429 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:30,430 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@237bad84 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30, skipping insertion in model container [2022-11-03 01:57:30,430 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:30,440 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 01:57:30,492 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 01:57:30,776 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c[3064,3077] [2022-11-03 01:57:30,902 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:57:30,912 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 01:57:30,931 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/sv-benchmarks/c/product-lines/minepump_spec5_product45.cil.c[3064,3077] [2022-11-03 01:57:30,974 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 01:57:30,990 INFO L208 MainTranslator]: Completed translation [2022-11-03 01:57:30,990 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30 WrapperNode [2022-11-03 01:57:30,991 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 01:57:30,992 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 01:57:30,992 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 01:57:30,992 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 01:57:31,000 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,014 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,061 INFO L138 Inliner]: procedures = 56, calls = 158, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 264 [2022-11-03 01:57:31,062 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 01:57:31,063 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 01:57:31,064 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 01:57:31,064 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 01:57:31,074 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,074 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,088 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,089 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,100 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,114 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,115 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,116 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,122 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 01:57:31,123 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 01:57:31,123 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 01:57:31,123 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 01:57:31,124 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (1/1) ... [2022-11-03 01:57:31,132 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 01:57:31,144 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:57:31,160 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 01:57:31,194 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 01:57:31,213 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 01:57:31,213 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 01:57:31,213 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 01:57:31,214 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 01:57:31,214 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 01:57:31,214 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 01:57:31,214 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 01:57:31,214 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 01:57:31,215 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 01:57:31,215 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2022-11-03 01:57:31,215 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2022-11-03 01:57:31,215 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-03 01:57:31,215 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-03 01:57:31,215 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2022-11-03 01:57:31,216 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2022-11-03 01:57:31,216 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 01:57:31,216 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 01:57:31,216 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 01:57:31,216 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 01:57:31,216 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 01:57:31,325 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 01:57:31,327 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 01:57:31,751 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 01:57:31,897 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 01:57:31,898 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 01:57:31,900 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:57:31 BoogieIcfgContainer [2022-11-03 01:57:31,901 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 01:57:31,904 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 01:57:31,904 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 01:57:31,909 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 01:57:31,909 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 01:57:30" (1/3) ... [2022-11-03 01:57:31,911 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@10c53538 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:57:31, skipping insertion in model container [2022-11-03 01:57:31,911 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 01:57:30" (2/3) ... [2022-11-03 01:57:31,912 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@10c53538 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 01:57:31, skipping insertion in model container [2022-11-03 01:57:31,912 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:57:31" (3/3) ... [2022-11-03 01:57:31,913 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product45.cil.c [2022-11-03 01:57:31,934 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 01:57:31,934 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 01:57:32,010 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 01:57:32,028 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1dc31f42, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 01:57:32,028 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 01:57:32,033 INFO L276 IsEmpty]: Start isEmpty. Operand has 64 states, 40 states have (on average 1.4) internal successors, (56), 48 states have internal predecessors, (56), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 01:57:32,043 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-03 01:57:32,043 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:32,044 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:32,044 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:32,050 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:32,050 INFO L85 PathProgramCache]: Analyzing trace with hash -1911075339, now seen corresponding path program 1 times [2022-11-03 01:57:32,061 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:32,061 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [193367585] [2022-11-03 01:57:32,061 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:32,062 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:32,205 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:32,340 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:32,341 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:32,341 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [193367585] [2022-11-03 01:57:32,342 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [193367585] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:32,342 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:32,343 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 01:57:32,344 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1078275528] [2022-11-03 01:57:32,345 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:32,350 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 01:57:32,350 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:32,385 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 01:57:32,387 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:57:32,390 INFO L87 Difference]: Start difference. First operand has 64 states, 40 states have (on average 1.4) internal successors, (56), 48 states have internal predecessors, (56), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 12 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 01:57:32,486 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:32,486 INFO L93 Difference]: Finished difference Result 126 states and 169 transitions. [2022-11-03 01:57:32,489 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 01:57:32,490 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-03 01:57:32,491 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:32,499 INFO L225 Difference]: With dead ends: 126 [2022-11-03 01:57:32,500 INFO L226 Difference]: Without dead ends: 59 [2022-11-03 01:57:32,503 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 01:57:32,507 INFO L413 NwaCegarLoop]: 64 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 64 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:32,508 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 64 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:57:32,528 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-03 01:57:32,562 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-11-03 01:57:32,577 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 37 states have (on average 1.2972972972972974) internal successors, (48), 44 states have internal predecessors, (48), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 01:57:32,579 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 75 transitions. [2022-11-03 01:57:32,581 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 75 transitions. Word has length 21 [2022-11-03 01:57:32,590 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:32,591 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 75 transitions. [2022-11-03 01:57:32,591 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 01:57:32,591 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 75 transitions. [2022-11-03 01:57:32,593 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-03 01:57:32,594 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:32,594 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:32,594 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 01:57:32,595 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:32,595 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:32,610 INFO L85 PathProgramCache]: Analyzing trace with hash 1425674059, now seen corresponding path program 1 times [2022-11-03 01:57:32,610 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:32,611 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [623306429] [2022-11-03 01:57:32,611 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:32,611 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:32,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:32,774 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:32,774 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:32,775 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [623306429] [2022-11-03 01:57:32,775 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [623306429] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:32,775 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:32,775 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:57:32,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2131481825] [2022-11-03 01:57:32,776 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:32,777 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:57:32,777 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:32,778 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:57:32,778 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:32,779 INFO L87 Difference]: Start difference. First operand 59 states and 75 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 01:57:32,828 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:32,828 INFO L93 Difference]: Finished difference Result 116 states and 151 transitions. [2022-11-03 01:57:32,829 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:57:32,829 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2022-11-03 01:57:32,830 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:32,836 INFO L225 Difference]: With dead ends: 116 [2022-11-03 01:57:32,837 INFO L226 Difference]: Without dead ends: 59 [2022-11-03 01:57:32,838 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:32,839 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 62 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 58 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:32,840 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 58 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 01:57:32,841 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-03 01:57:32,858 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-11-03 01:57:32,859 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 37 states have (on average 1.2702702702702702) internal successors, (47), 44 states have internal predecessors, (47), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 11 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 01:57:32,866 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 74 transitions. [2022-11-03 01:57:32,866 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 74 transitions. Word has length 24 [2022-11-03 01:57:32,868 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:32,870 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 74 transitions. [2022-11-03 01:57:32,870 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 01:57:32,871 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 74 transitions. [2022-11-03 01:57:32,874 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-11-03 01:57:32,875 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:32,875 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:32,875 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 01:57:32,875 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:32,876 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:32,876 INFO L85 PathProgramCache]: Analyzing trace with hash 149706667, now seen corresponding path program 1 times [2022-11-03 01:57:32,876 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:32,876 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1317658548] [2022-11-03 01:57:32,876 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:32,877 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:32,918 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:33,061 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:33,062 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:33,062 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1317658548] [2022-11-03 01:57:33,062 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1317658548] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:33,063 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:33,063 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:57:33,063 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1520535983] [2022-11-03 01:57:33,063 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:33,064 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:57:33,064 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:33,064 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:57:33,065 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:33,065 INFO L87 Difference]: Start difference. First operand 59 states and 74 transitions. Second operand has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 01:57:33,142 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:33,143 INFO L93 Difference]: Finished difference Result 163 states and 215 transitions. [2022-11-03 01:57:33,143 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:57:33,143 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 31 [2022-11-03 01:57:33,144 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:33,145 INFO L225 Difference]: With dead ends: 163 [2022-11-03 01:57:33,146 INFO L226 Difference]: Without dead ends: 106 [2022-11-03 01:57:33,147 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:33,148 INFO L413 NwaCegarLoop]: 76 mSDtfsCounter, 53 mSDsluCounter, 60 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 33 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:33,149 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 128 Invalid, 33 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 01:57:33,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 106 states. [2022-11-03 01:57:33,167 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 106 to 104. [2022-11-03 01:57:33,168 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 104 states, 67 states have (on average 1.2388059701492538) internal successors, (83), 74 states have internal predecessors, (83), 22 states have call successors, (22), 16 states have call predecessors, (22), 14 states have return successors, (28), 20 states have call predecessors, (28), 20 states have call successors, (28) [2022-11-03 01:57:33,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 104 states to 104 states and 133 transitions. [2022-11-03 01:57:33,170 INFO L78 Accepts]: Start accepts. Automaton has 104 states and 133 transitions. Word has length 31 [2022-11-03 01:57:33,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:33,171 INFO L495 AbstractCegarLoop]: Abstraction has 104 states and 133 transitions. [2022-11-03 01:57:33,171 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.666666666666667) internal successors, (23), 3 states have internal predecessors, (23), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 01:57:33,171 INFO L276 IsEmpty]: Start isEmpty. Operand 104 states and 133 transitions. [2022-11-03 01:57:33,172 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-03 01:57:33,172 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:33,173 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:33,173 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 01:57:33,173 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:33,174 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:33,174 INFO L85 PathProgramCache]: Analyzing trace with hash -924075518, now seen corresponding path program 1 times [2022-11-03 01:57:33,174 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:33,174 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1380650525] [2022-11-03 01:57:33,174 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:33,175 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:33,187 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:33,231 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:33,231 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:33,232 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1380650525] [2022-11-03 01:57:33,232 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1380650525] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:33,232 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:33,232 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 01:57:33,232 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1191323836] [2022-11-03 01:57:33,233 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:33,233 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 01:57:33,233 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:33,234 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 01:57:33,234 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:33,234 INFO L87 Difference]: Start difference. First operand 104 states and 133 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:57:33,295 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:33,295 INFO L93 Difference]: Finished difference Result 164 states and 204 transitions. [2022-11-03 01:57:33,296 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 01:57:33,296 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) Word has length 33 [2022-11-03 01:57:33,297 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:33,298 INFO L225 Difference]: With dead ends: 164 [2022-11-03 01:57:33,298 INFO L226 Difference]: Without dead ends: 88 [2022-11-03 01:57:33,299 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 01:57:33,301 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 7 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:33,301 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 89 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 01:57:33,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 88 states. [2022-11-03 01:57:33,332 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 88 to 88. [2022-11-03 01:57:33,333 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 88 states, 57 states have (on average 1.2456140350877194) internal successors, (71), 64 states have internal predecessors, (71), 16 states have call successors, (16), 14 states have call predecessors, (16), 14 states have return successors, (20), 16 states have call predecessors, (20), 16 states have call successors, (20) [2022-11-03 01:57:33,334 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 88 states to 88 states and 107 transitions. [2022-11-03 01:57:33,334 INFO L78 Accepts]: Start accepts. Automaton has 88 states and 107 transitions. Word has length 33 [2022-11-03 01:57:33,335 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:33,335 INFO L495 AbstractCegarLoop]: Abstraction has 88 states and 107 transitions. [2022-11-03 01:57:33,338 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (6), 2 states have call predecessors, (6), 1 states have return successors, (4), 2 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:57:33,338 INFO L276 IsEmpty]: Start isEmpty. Operand 88 states and 107 transitions. [2022-11-03 01:57:33,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-03 01:57:33,339 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:33,339 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:33,339 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 01:57:33,340 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:33,340 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:33,340 INFO L85 PathProgramCache]: Analyzing trace with hash -797057377, now seen corresponding path program 1 times [2022-11-03 01:57:33,340 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:33,341 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1865683333] [2022-11-03 01:57:33,341 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:33,341 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:33,372 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:33,591 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 01:57:33,591 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:33,592 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1865683333] [2022-11-03 01:57:33,592 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1865683333] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:33,593 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:33,593 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 01:57:33,594 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1354993299] [2022-11-03 01:57:33,598 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:33,601 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-03 01:57:33,601 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:33,601 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-03 01:57:33,602 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-03 01:57:33,603 INFO L87 Difference]: Start difference. First operand 88 states and 107 transitions. Second operand has 7 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:57:34,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:34,017 INFO L93 Difference]: Finished difference Result 202 states and 249 transitions. [2022-11-03 01:57:34,017 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-03 01:57:34,021 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) Word has length 35 [2022-11-03 01:57:34,021 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:34,031 INFO L225 Difference]: With dead ends: 202 [2022-11-03 01:57:34,031 INFO L226 Difference]: Without dead ends: 116 [2022-11-03 01:57:34,032 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2022-11-03 01:57:34,033 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 63 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 237 mSolverCounterSat, 37 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 220 SdHoareTripleChecker+Invalid, 274 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 37 IncrementalHoareTripleChecker+Valid, 237 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:34,034 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 220 Invalid, 274 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [37 Valid, 237 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 01:57:34,035 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 116 states. [2022-11-03 01:57:34,055 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 116 to 106. [2022-11-03 01:57:34,063 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 106 states, 70 states have (on average 1.2285714285714286) internal successors, (86), 77 states have internal predecessors, (86), 18 states have call successors, (18), 14 states have call predecessors, (18), 17 states have return successors, (25), 19 states have call predecessors, (25), 18 states have call successors, (25) [2022-11-03 01:57:34,065 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 106 states to 106 states and 129 transitions. [2022-11-03 01:57:34,065 INFO L78 Accepts]: Start accepts. Automaton has 106 states and 129 transitions. Word has length 35 [2022-11-03 01:57:34,066 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:34,066 INFO L495 AbstractCegarLoop]: Abstraction has 106 states and 129 transitions. [2022-11-03 01:57:34,066 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.333333333333333) internal successors, (26), 6 states have internal predecessors, (26), 2 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 2 states have call successors, (4) [2022-11-03 01:57:34,067 INFO L276 IsEmpty]: Start isEmpty. Operand 106 states and 129 transitions. [2022-11-03 01:57:34,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-03 01:57:34,070 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:34,071 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:34,071 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 01:57:34,071 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:34,072 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:34,072 INFO L85 PathProgramCache]: Analyzing trace with hash 2003657004, now seen corresponding path program 1 times [2022-11-03 01:57:34,072 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:34,072 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [17086478] [2022-11-03 01:57:34,073 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:34,073 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:34,096 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:34,484 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:34,485 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:34,485 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [17086478] [2022-11-03 01:57:34,485 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [17086478] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:34,485 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:34,486 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 01:57:34,486 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [847312159] [2022-11-03 01:57:34,486 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:34,486 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-03 01:57:34,487 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:34,488 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-03 01:57:34,488 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-03 01:57:34,489 INFO L87 Difference]: Start difference. First operand 106 states and 129 transitions. Second operand has 7 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 01:57:34,748 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:34,748 INFO L93 Difference]: Finished difference Result 278 states and 340 transitions. [2022-11-03 01:57:34,749 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 01:57:34,749 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 36 [2022-11-03 01:57:34,749 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:34,754 INFO L225 Difference]: With dead ends: 278 [2022-11-03 01:57:34,755 INFO L226 Difference]: Without dead ends: 174 [2022-11-03 01:57:34,755 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-03 01:57:34,765 INFO L413 NwaCegarLoop]: 81 mSDtfsCounter, 78 mSDsluCounter, 261 mSDsCounter, 0 mSdLazyCounter, 208 mSolverCounterSat, 10 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 301 SdHoareTripleChecker+Invalid, 218 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 10 IncrementalHoareTripleChecker+Valid, 208 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:34,767 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 301 Invalid, 218 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [10 Valid, 208 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 01:57:34,771 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 174 states. [2022-11-03 01:57:34,809 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 174 to 168. [2022-11-03 01:57:34,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 168 states, 109 states have (on average 1.201834862385321) internal successors, (131), 120 states have internal predecessors, (131), 31 states have call successors, (31), 26 states have call predecessors, (31), 27 states have return successors, (42), 29 states have call predecessors, (42), 31 states have call successors, (42) [2022-11-03 01:57:34,813 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 168 states to 168 states and 204 transitions. [2022-11-03 01:57:34,814 INFO L78 Accepts]: Start accepts. Automaton has 168 states and 204 transitions. Word has length 36 [2022-11-03 01:57:34,815 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:34,816 INFO L495 AbstractCegarLoop]: Abstraction has 168 states and 204 transitions. [2022-11-03 01:57:34,816 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 01:57:34,816 INFO L276 IsEmpty]: Start isEmpty. Operand 168 states and 204 transitions. [2022-11-03 01:57:34,821 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 40 [2022-11-03 01:57:34,821 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:34,822 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:34,822 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 01:57:34,822 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:34,823 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:34,823 INFO L85 PathProgramCache]: Analyzing trace with hash -1526016149, now seen corresponding path program 1 times [2022-11-03 01:57:34,823 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:34,823 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [894051160] [2022-11-03 01:57:34,823 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:34,824 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:34,856 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:35,110 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 01:57:35,110 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:35,110 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [894051160] [2022-11-03 01:57:35,111 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [894051160] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 01:57:35,112 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 01:57:35,112 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 01:57:35,112 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [967898849] [2022-11-03 01:57:35,112 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 01:57:35,112 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 01:57:35,113 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:57:35,113 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 01:57:35,114 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 01:57:35,114 INFO L87 Difference]: Start difference. First operand 168 states and 204 transitions. Second operand has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-03 01:57:35,596 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:57:35,597 INFO L93 Difference]: Finished difference Result 421 states and 531 transitions. [2022-11-03 01:57:35,597 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 01:57:35,597 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) Word has length 39 [2022-11-03 01:57:35,598 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:57:35,601 INFO L225 Difference]: With dead ends: 421 [2022-11-03 01:57:35,601 INFO L226 Difference]: Without dead ends: 303 [2022-11-03 01:57:35,602 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-03 01:57:35,606 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 203 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 272 mSolverCounterSat, 99 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 209 SdHoareTripleChecker+Valid, 222 SdHoareTripleChecker+Invalid, 371 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 99 IncrementalHoareTripleChecker+Valid, 272 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:57:35,606 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [209 Valid, 222 Invalid, 371 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [99 Valid, 272 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 01:57:35,608 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 303 states. [2022-11-03 01:57:35,666 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 303 to 250. [2022-11-03 01:57:35,667 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 250 states, 166 states have (on average 1.2108433734939759) internal successors, (201), 182 states have internal predecessors, (201), 44 states have call successors, (44), 33 states have call predecessors, (44), 39 states have return successors, (61), 46 states have call predecessors, (61), 44 states have call successors, (61) [2022-11-03 01:57:35,669 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 250 states to 250 states and 306 transitions. [2022-11-03 01:57:35,669 INFO L78 Accepts]: Start accepts. Automaton has 250 states and 306 transitions. Word has length 39 [2022-11-03 01:57:35,669 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:57:35,670 INFO L495 AbstractCegarLoop]: Abstraction has 250 states and 306 transitions. [2022-11-03 01:57:35,670 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-03 01:57:35,670 INFO L276 IsEmpty]: Start isEmpty. Operand 250 states and 306 transitions. [2022-11-03 01:57:35,672 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2022-11-03 01:57:35,672 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:57:35,672 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:57:35,673 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 01:57:35,673 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:57:35,673 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:57:35,673 INFO L85 PathProgramCache]: Analyzing trace with hash 41164400, now seen corresponding path program 1 times [2022-11-03 01:57:35,674 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:57:35,674 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [102365188] [2022-11-03 01:57:35,674 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:35,674 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:57:35,720 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:35,901 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-03 01:57:35,902 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:57:35,906 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [102365188] [2022-11-03 01:57:35,906 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [102365188] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:57:35,907 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [86844607] [2022-11-03 01:57:35,907 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:57:35,907 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:57:35,907 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:57:35,914 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:57:35,930 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 01:57:36,061 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:57:36,065 INFO L263 TraceCheckSpWp]: Trace formula consists of 476 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-03 01:57:36,071 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:57:36,237 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 30 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 01:57:36,237 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:57:36,435 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-03 01:57:36,436 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [86844607] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:57:36,436 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2015177227] [2022-11-03 01:57:36,459 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-11-03 01:57:36,459 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:57:36,463 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:57:36,469 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:57:36,469 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:57:48,389 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 320 for LOIs [2022-11-03 01:57:48,474 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 52 for LOIs [2022-11-03 01:57:49,101 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 25 for LOIs [2022-11-03 01:57:49,103 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 26 for LOIs [2022-11-03 01:57:49,220 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 28 for LOIs [2022-11-03 01:57:49,222 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:58:04,346 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4077#(and (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |#NULL.offset| 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 2 |timeShift_getWaterLevel_#res#1|) (<= ~head~0.base 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| 2)) (<= 0 |#NULL.offset|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| |timeShift_getWaterLevel_#res#1|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-03 01:58:04,346 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:58:04,346 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:58:04,346 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 8 [2022-11-03 01:58:04,346 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [191151172] [2022-11-03 01:58:04,347 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:58:04,347 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 01:58:04,347 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:58:04,348 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 01:58:04,348 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=171, Invalid=1311, Unknown=0, NotChecked=0, Total=1482 [2022-11-03 01:58:04,349 INFO L87 Difference]: Start difference. First operand 250 states and 306 transitions. Second operand has 8 states, 8 states have (on average 6.75) internal successors, (54), 8 states have internal predecessors, (54), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-03 01:58:04,917 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:58:04,917 INFO L93 Difference]: Finished difference Result 800 states and 1008 transitions. [2022-11-03 01:58:04,918 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 01:58:04,918 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 6.75) internal successors, (54), 8 states have internal predecessors, (54), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 68 [2022-11-03 01:58:04,918 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:58:04,922 INFO L225 Difference]: With dead ends: 800 [2022-11-03 01:58:04,922 INFO L226 Difference]: Without dead ends: 552 [2022-11-03 01:58:04,924 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 216 GetRequests, 171 SyntacticMatches, 3 SemanticMatches, 42 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 580 ImplicationChecksByTransitivity, 15.3s TimeCoverageRelationStatistics Valid=212, Invalid=1680, Unknown=0, NotChecked=0, Total=1892 [2022-11-03 01:58:04,925 INFO L413 NwaCegarLoop]: 108 mSDtfsCounter, 174 mSDsluCounter, 362 mSDsCounter, 0 mSdLazyCounter, 303 mSolverCounterSat, 103 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 175 SdHoareTripleChecker+Valid, 401 SdHoareTripleChecker+Invalid, 406 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 103 IncrementalHoareTripleChecker+Valid, 303 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 01:58:04,925 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [175 Valid, 401 Invalid, 406 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [103 Valid, 303 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 01:58:04,926 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 552 states. [2022-11-03 01:58:04,980 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 552 to 410. [2022-11-03 01:58:04,983 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 410 states, 268 states have (on average 1.1828358208955223) internal successors, (317), 297 states have internal predecessors, (317), 70 states have call successors, (70), 59 states have call predecessors, (70), 71 states have return successors, (120), 71 states have call predecessors, (120), 70 states have call successors, (120) [2022-11-03 01:58:04,987 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 410 states to 410 states and 507 transitions. [2022-11-03 01:58:04,987 INFO L78 Accepts]: Start accepts. Automaton has 410 states and 507 transitions. Word has length 68 [2022-11-03 01:58:04,989 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:58:04,990 INFO L495 AbstractCegarLoop]: Abstraction has 410 states and 507 transitions. [2022-11-03 01:58:04,990 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 6.75) internal successors, (54), 8 states have internal predecessors, (54), 3 states have call successors, (13), 3 states have call predecessors, (13), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-03 01:58:04,990 INFO L276 IsEmpty]: Start isEmpty. Operand 410 states and 507 transitions. [2022-11-03 01:58:04,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2022-11-03 01:58:04,992 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:58:04,992 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:58:05,032 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 01:58:05,214 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 01:58:05,214 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:58:05,215 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:58:05,215 INFO L85 PathProgramCache]: Analyzing trace with hash -223573989, now seen corresponding path program 1 times [2022-11-03 01:58:05,215 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:58:05,215 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2056942982] [2022-11-03 01:58:05,215 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:58:05,215 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:58:05,240 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:58:05,487 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 1 proven. 20 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 01:58:05,487 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:58:05,487 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2056942982] [2022-11-03 01:58:05,491 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2056942982] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:58:05,491 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [116142228] [2022-11-03 01:58:05,491 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:58:05,491 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:58:05,491 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:58:05,495 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:58:05,518 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 01:58:05,609 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:58:05,611 INFO L263 TraceCheckSpWp]: Trace formula consists of 465 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-03 01:58:05,614 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:58:05,672 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 01:58:05,673 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:58:05,769 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-03 01:58:05,769 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [116142228] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:58:05,769 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [661607622] [2022-11-03 01:58:05,777 INFO L159 IcfgInterpreter]: Started Sifa with 47 locations of interest [2022-11-03 01:58:05,777 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:58:05,777 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:58:05,778 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:58:05,778 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:58:14,779 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 321 for LOIs [2022-11-03 01:58:14,881 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 53 for LOIs [2022-11-03 01:58:15,615 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 26 for LOIs [2022-11-03 01:58:15,617 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 63 for LOIs [2022-11-03 01:58:16,060 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 48 for LOIs [2022-11-03 01:58:16,067 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 32 for LOIs [2022-11-03 01:58:16,070 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:58:30,190 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6392#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |old(~pumpRunning~0)| 2147483647) (<= |#NULL.offset| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 ~methaneLevelCritical~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483648)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 2147483647) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (<= ~head~0.base 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| 2)) (<= 0 |#NULL.offset|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| |timeShift_getWaterLevel_#res#1|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:58:30,190 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:58:30,190 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:58:30,191 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 14 [2022-11-03 01:58:30,191 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1168544362] [2022-11-03 01:58:30,191 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:58:30,191 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-03 01:58:30,191 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:58:30,192 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-03 01:58:30,193 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=299, Invalid=2151, Unknown=0, NotChecked=0, Total=2450 [2022-11-03 01:58:30,193 INFO L87 Difference]: Start difference. First operand 410 states and 507 transitions. Second operand has 14 states, 12 states have (on average 5.916666666666667) internal successors, (71), 12 states have internal predecessors, (71), 5 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2022-11-03 01:58:31,500 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:58:31,500 INFO L93 Difference]: Finished difference Result 781 states and 1002 transitions. [2022-11-03 01:58:31,502 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 31 states. [2022-11-03 01:58:31,503 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 5.916666666666667) internal successors, (71), 12 states have internal predecessors, (71), 5 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) Word has length 71 [2022-11-03 01:58:31,503 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:58:31,506 INFO L225 Difference]: With dead ends: 781 [2022-11-03 01:58:31,506 INFO L226 Difference]: Without dead ends: 503 [2022-11-03 01:58:31,509 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 263 GetRequests, 189 SyntacticMatches, 1 SemanticMatches, 73 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1918 ImplicationChecksByTransitivity, 14.8s TimeCoverageRelationStatistics Valid=613, Invalid=4937, Unknown=0, NotChecked=0, Total=5550 [2022-11-03 01:58:31,510 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 358 mSDsluCounter, 455 mSDsCounter, 0 mSdLazyCounter, 686 mSolverCounterSat, 233 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 363 SdHoareTripleChecker+Valid, 436 SdHoareTripleChecker+Invalid, 919 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 233 IncrementalHoareTripleChecker+Valid, 686 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-03 01:58:31,510 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [363 Valid, 436 Invalid, 919 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [233 Valid, 686 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-03 01:58:31,511 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 503 states. [2022-11-03 01:58:31,552 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 503 to 445. [2022-11-03 01:58:31,553 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 445 states, 291 states have (on average 1.1546391752577319) internal successors, (336), 321 states have internal predecessors, (336), 75 states have call successors, (75), 67 states have call predecessors, (75), 78 states have return successors, (118), 78 states have call predecessors, (118), 75 states have call successors, (118) [2022-11-03 01:58:31,555 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 445 states to 445 states and 529 transitions. [2022-11-03 01:58:31,556 INFO L78 Accepts]: Start accepts. Automaton has 445 states and 529 transitions. Word has length 71 [2022-11-03 01:58:31,556 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:58:31,556 INFO L495 AbstractCegarLoop]: Abstraction has 445 states and 529 transitions. [2022-11-03 01:58:31,557 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 5.916666666666667) internal successors, (71), 12 states have internal predecessors, (71), 5 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2022-11-03 01:58:31,557 INFO L276 IsEmpty]: Start isEmpty. Operand 445 states and 529 transitions. [2022-11-03 01:58:31,558 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 98 [2022-11-03 01:58:31,559 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 01:58:31,559 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:58:31,595 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 01:58:31,782 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:58:31,782 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 01:58:31,783 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 01:58:31,783 INFO L85 PathProgramCache]: Analyzing trace with hash 610013678, now seen corresponding path program 1 times [2022-11-03 01:58:31,783 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 01:58:31,783 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [942913371] [2022-11-03 01:58:31,783 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:58:31,783 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 01:58:31,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:58:32,967 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 14 proven. 42 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-03 01:58:32,967 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 01:58:32,967 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [942913371] [2022-11-03 01:58:32,967 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [942913371] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 01:58:32,967 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [825922789] [2022-11-03 01:58:32,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 01:58:32,968 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 01:58:32,968 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 01:58:32,969 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 01:58:32,994 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 01:58:33,106 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 01:58:33,109 INFO L263 TraceCheckSpWp]: Trace formula consists of 574 conjuncts, 30 conjunts are in the unsatisfiable core [2022-11-03 01:58:33,113 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 01:58:33,418 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 61 proven. 15 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-03 01:58:33,418 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 01:58:33,946 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 51 proven. 5 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-03 01:58:33,947 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [825922789] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 01:58:33,947 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1944453394] [2022-11-03 01:58:33,949 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 01:58:33,949 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 01:58:33,950 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 01:58:33,950 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 01:58:33,950 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 01:58:41,793 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 324 for LOIs [2022-11-03 01:58:41,915 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 36 for LOIs [2022-11-03 01:58:42,340 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 29 for LOIs [2022-11-03 01:58:42,342 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 28 for LOIs [2022-11-03 01:58:42,445 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 57 for LOIs [2022-11-03 01:58:42,459 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 01:58:53,457 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8966#(and (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= 2 |old(~waterLevel~0)|) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 2 |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| 2)) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| |timeShift_getWaterLevel_#res#1|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 01:58:53,457 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 01:58:53,457 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 01:58:53,457 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 11, 11] total 34 [2022-11-03 01:58:53,457 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1095495432] [2022-11-03 01:58:53,457 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 01:58:53,458 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 34 states [2022-11-03 01:58:53,458 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 01:58:53,459 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 34 interpolants. [2022-11-03 01:58:53,460 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=490, Invalid=3932, Unknown=0, NotChecked=0, Total=4422 [2022-11-03 01:58:53,460 INFO L87 Difference]: Start difference. First operand 445 states and 529 transitions. Second operand has 34 states, 33 states have (on average 4.212121212121212) internal successors, (139), 33 states have internal predecessors, (139), 18 states have call successors, (31), 8 states have call predecessors, (31), 11 states have return successors, (30), 17 states have call predecessors, (30), 17 states have call successors, (30) [2022-11-03 01:58:58,462 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 01:58:58,462 INFO L93 Difference]: Finished difference Result 1011 states and 1223 transitions. [2022-11-03 01:58:58,462 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 73 states. [2022-11-03 01:58:58,463 INFO L78 Accepts]: Start accepts. Automaton has has 34 states, 33 states have (on average 4.212121212121212) internal successors, (139), 33 states have internal predecessors, (139), 18 states have call successors, (31), 8 states have call predecessors, (31), 11 states have return successors, (30), 17 states have call predecessors, (30), 17 states have call successors, (30) Word has length 97 [2022-11-03 01:58:58,463 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 01:58:58,464 INFO L225 Difference]: With dead ends: 1011 [2022-11-03 01:58:58,464 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 01:58:58,475 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 408 GetRequests, 275 SyntacticMatches, 4 SemanticMatches, 129 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6578 ImplicationChecksByTransitivity, 14.3s TimeCoverageRelationStatistics Valid=2283, Invalid=14747, Unknown=0, NotChecked=0, Total=17030 [2022-11-03 01:58:58,475 INFO L413 NwaCegarLoop]: 87 mSDtfsCounter, 1532 mSDsluCounter, 717 mSDsCounter, 0 mSdLazyCounter, 2042 mSolverCounterSat, 1136 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1539 SdHoareTripleChecker+Valid, 637 SdHoareTripleChecker+Invalid, 3178 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1136 IncrementalHoareTripleChecker+Valid, 2042 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.9s IncrementalHoareTripleChecker+Time [2022-11-03 01:58:58,476 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1539 Valid, 637 Invalid, 3178 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1136 Valid, 2042 Invalid, 0 Unknown, 0 Unchecked, 1.9s Time] [2022-11-03 01:58:58,476 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 01:58:58,477 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 01:58:58,477 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 01:58:58,477 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 01:58:58,477 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 97 [2022-11-03 01:58:58,477 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 01:58:58,478 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 01:58:58,478 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 34 states, 33 states have (on average 4.212121212121212) internal successors, (139), 33 states have internal predecessors, (139), 18 states have call successors, (31), 8 states have call predecessors, (31), 11 states have return successors, (30), 17 states have call predecessors, (30), 17 states have call successors, (30) [2022-11-03 01:58:58,478 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 01:58:58,478 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 01:58:58,481 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 01:58:58,536 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 01:58:58,702 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 01:58:58,704 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 01:59:04,749 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 610 616) no Hoare annotation was computed. [2022-11-03 01:59:04,749 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 610 616) the Hoare annotation is: true [2022-11-03 01:59:04,749 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 83 94) the Hoare annotation is: true [2022-11-03 01:59:04,749 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 83 94) no Hoare annotation was computed. [2022-11-03 01:59:04,750 INFO L899 garLoopResultBuilder]: For program point L897(lines 897 901) no Hoare annotation was computed. [2022-11-03 01:59:04,750 INFO L902 garLoopResultBuilder]: At program point L897-1(lines 897 901) the Hoare annotation is: true [2022-11-03 01:59:04,750 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 883 912) no Hoare annotation was computed. [2022-11-03 01:59:04,750 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 883 912) the Hoare annotation is: true [2022-11-03 01:59:04,750 INFO L902 garLoopResultBuilder]: At program point L893-2(lines 893 907) the Hoare annotation is: true [2022-11-03 01:59:04,750 INFO L902 garLoopResultBuilder]: At program point L889(line 889) the Hoare annotation is: true [2022-11-03 01:59:04,751 INFO L899 garLoopResultBuilder]: For program point L889-1(line 889) no Hoare annotation was computed. [2022-11-03 01:59:04,751 INFO L902 garLoopResultBuilder]: At program point L908(lines 883 912) the Hoare annotation is: true [2022-11-03 01:59:04,751 INFO L899 garLoopResultBuilder]: For program point L904(line 904) no Hoare annotation was computed. [2022-11-03 01:59:04,751 INFO L895 garLoopResultBuilder]: At program point L155(line 155) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) .cse0) (or .cse0 (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (<= |old(~waterLevel~0)| 2))))) [2022-11-03 01:59:04,752 INFO L895 garLoopResultBuilder]: At program point L663(line 663) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1) (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (not (<= |old(~waterLevel~0)| 2))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) .cse0 (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-03 01:59:04,757 INFO L895 garLoopResultBuilder]: At program point L663-1(lines 644 668) the Hoare annotation is: (let ((.cse13 (not (= |old(~pumpRunning~0)| 0))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse10 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (or .cse13 .cse12))) (let ((.cse3 (and .cse9 .cse7 .cse10 .cse11)) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (not (= ~switchedOnBeforeTS~0 0))) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (let ((.cse8 (< 0 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 (and .cse6 .cse1 .cse7 .cse8) (and .cse9 .cse7 .cse8 .cse10) .cse5)) (or (and .cse6 .cse1 .cse7 .cse11) .cse2 .cse3 (and .cse12 (or .cse9 (= ~pumpRunning~0 1))) .cse4) (or .cse0 .cse2 (and .cse9 .cse12 .cse10) (not (<= |old(~waterLevel~0)| 0)) (and .cse6 .cse1 .cse12) .cse5) (or (not (<= |old(~waterLevel~0)| 1)) .cse13 .cse2 (and .cse1 .cse12 .cse10)))))) [2022-11-03 01:59:04,757 INFO L895 garLoopResultBuilder]: At program point L597-1(lines 597 603) the Hoare annotation is: (let ((.cse13 (not (= |old(~pumpRunning~0)| 0))) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse10 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (or .cse13 .cse12))) (let ((.cse3 (and .cse9 .cse7 .cse10 .cse11)) (.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (not (= ~switchedOnBeforeTS~0 0))) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (let ((.cse8 (< 0 |old(~waterLevel~0)|))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse2 (and .cse6 .cse1 .cse7 .cse8) (and .cse9 .cse7 .cse8 .cse10) .cse5)) (or (and .cse6 .cse1 .cse7 .cse11) .cse2 .cse3 (and .cse12 (or .cse9 (= ~pumpRunning~0 1))) .cse4) (or .cse0 .cse2 (and .cse9 .cse12 .cse10) (not (<= |old(~waterLevel~0)| 0)) (and .cse6 .cse1 .cse12) .cse5) (or (not (<= |old(~waterLevel~0)| 1)) .cse13 .cse2 (and .cse1 .cse12 .cse10)))))) [2022-11-03 01:59:04,758 INFO L895 garLoopResultBuilder]: At program point L556(line 556) the Hoare annotation is: (let ((.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~switchedOnBeforeTS~0 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse9 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| ~waterLevel~0)) (.cse7 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (let ((.cse3 (let ((.cse8 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse8) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse9 .cse8))))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 .cse2 .cse3 .cse4) .cse5 (and .cse6 .cse3 .cse4 .cse7) (= |old(~switchedOnBeforeTS~0)| 0))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse2 .cse4 .cse7 (= |old(~waterLevel~0)| |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1|)) .cse5) (or .cse0 (and .cse1 .cse2 .cse9 .cse4) (and .cse6 .cse9 .cse4 .cse7) (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 01:59:04,758 INFO L899 garLoopResultBuilder]: For program point L556-1(line 556) no Hoare annotation was computed. [2022-11-03 01:59:04,758 INFO L899 garLoopResultBuilder]: For program point L590-2(lines 586 608) no Hoare annotation was computed. [2022-11-03 01:59:04,758 INFO L895 garLoopResultBuilder]: At program point L652(lines 652 660) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse5))) [2022-11-03 01:59:04,758 INFO L899 garLoopResultBuilder]: For program point L648(lines 648 665) no Hoare annotation was computed. [2022-11-03 01:59:04,759 INFO L895 garLoopResultBuilder]: At program point L541(line 541) the Hoare annotation is: (let ((.cse3 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse0 (not (= ~switchedOnBeforeTS~0 0))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= |old(~switchedOnBeforeTS~0)| 0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 (and .cse5 .cse6) .cse3) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse2 (and .cse5 .cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse2 (and .cse0 (= ~pumpRunning~0 0) .cse6) .cse4))) [2022-11-03 01:59:04,759 INFO L895 garLoopResultBuilder]: At program point L541-1(line 541) the Hoare annotation is: (let ((.cse8 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (not .cse8)) (.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret32#1|)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse3) (or (not (= |old(~pumpRunning~0)| 0)) .cse1 .cse4 (and (= ~pumpRunning~0 0) .cse5 .cse6)) (or .cse0 .cse1 (and .cse7 .cse5 .cse8 .cse6 .cse3) .cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse1 (and .cse7 .cse5 .cse8 .cse6) .cse2)))) [2022-11-03 01:59:04,759 INFO L899 garLoopResultBuilder]: For program point L558(lines 558 568) no Hoare annotation was computed. [2022-11-03 01:59:04,759 INFO L899 garLoopResultBuilder]: For program point L554(lines 554 571) no Hoare annotation was computed. [2022-11-03 01:59:04,760 INFO L895 garLoopResultBuilder]: At program point L554-1(lines 546 574) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse11 (not (= ~switchedOnBeforeTS~0 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse14 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse18 (or .cse0 .cse10)) (.cse8 (= 1 ~systemActive~0)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1| ~waterLevel~0)) (.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|))) (let ((.cse2 (and (= 2 ~waterLevel~0) .cse8 .cse10 .cse4 (or .cse7 (= ~pumpRunning~0 1)))) (.cse6 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse8)) (.cse15 (and .cse7 .cse14 .cse8 .cse4 .cse5 .cse18)) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse17 (and .cse11 .cse3 .cse14 .cse8 .cse4 .cse18)) (.cse13 (= |old(~switchedOnBeforeTS~0)| 0))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5 (= |old(~waterLevel~0)| |timeShift___utac_acc__Specification5_spec__3_~tmp~3#1|)) (not (<= |old(~waterLevel~0)| 2))) (let ((.cse12 (< 0 |old(~waterLevel~0)|))) (let ((.cse9 (and .cse14 .cse12))) (or .cse6 (not (<= |old(~waterLevel~0)| 1)) (and .cse7 .cse8 (<= ~waterLevel~0 0) (or .cse9 .cse10) .cse4 .cse5) .cse1 (and .cse11 .cse3 .cse8 (or (and (not .cse12) .cse10) .cse9) .cse4) .cse13))) (or .cse1 .cse2 .cse15 .cse16 .cse17) (or .cse6 .cse1 .cse15 .cse16 .cse17 .cse13))))) [2022-11-03 01:59:04,760 INFO L895 garLoopResultBuilder]: At program point L658(line 658) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse5))) [2022-11-03 01:59:04,760 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 583 609) the Hoare annotation is: (let ((.cse3 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse0 (not (= ~switchedOnBeforeTS~0 0))) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= |old(~switchedOnBeforeTS~0)| 0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 (and .cse5 .cse6) .cse3) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse2 (and .cse5 .cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (not (<= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse2 (and .cse0 (= ~pumpRunning~0 0) .cse6) .cse4))) [2022-11-03 01:59:04,760 INFO L899 garLoopResultBuilder]: For program point L559(lines 559 565) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 583 609) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L895 garLoopResultBuilder]: At program point L650(line 650) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse5))) [2022-11-03 01:59:04,761 INFO L899 garLoopResultBuilder]: For program point L650-1(line 650) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 155) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L895 garLoopResultBuilder]: At program point L832(lines 789 834) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 (= ~waterLevel~0 1) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse0 .cse1 (<= ~waterLevel~0 0) .cse2))) [2022-11-03 01:59:04,761 INFO L899 garLoopResultBuilder]: For program point L799(lines 799 805) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L899 garLoopResultBuilder]: For program point L799-1(lines 799 805) no Hoare annotation was computed. [2022-11-03 01:59:04,761 INFO L895 garLoopResultBuilder]: At program point L965(lines 965 972) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-11-03 01:59:04,762 INFO L902 garLoopResultBuilder]: At program point L965-2(lines 965 972) the Hoare annotation is: true [2022-11-03 01:59:04,762 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 01:59:04,762 INFO L895 garLoopResultBuilder]: At program point L825-2(lines 819 830) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 .cse1 .cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2))) [2022-11-03 01:59:04,762 INFO L899 garLoopResultBuilder]: For program point L809(lines 809 815) no Hoare annotation was computed. [2022-11-03 01:59:04,762 INFO L899 garLoopResultBuilder]: For program point L809-1(lines 809 815) no Hoare annotation was computed. [2022-11-03 01:59:04,762 INFO L902 garLoopResultBuilder]: At program point L838(lines 779 842) the Hoare annotation is: true [2022-11-03 01:59:04,762 INFO L895 garLoopResultBuilder]: At program point L801(line 801) the Hoare annotation is: (let ((.cse2 (<= ~waterLevel~0 1)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse2 .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse2 .cse0 .cse1))) [2022-11-03 01:59:04,762 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 01:59:04,762 INFO L895 garLoopResultBuilder]: At program point L835(lines 788 836) the Hoare annotation is: false [2022-11-03 01:59:04,762 INFO L899 garLoopResultBuilder]: For program point L790(lines 789 834) no Hoare annotation was computed. [2022-11-03 01:59:04,763 INFO L895 garLoopResultBuilder]: At program point L811(line 811) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse0 .cse1 .cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and (= ~pumpRunning~0 0) .cse0 .cse1 .cse2))) [2022-11-03 01:59:04,763 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 71 82) no Hoare annotation was computed. [2022-11-03 01:59:04,763 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 71 82) the Hoare annotation is: (let ((.cse1 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 (not (<= |old(~waterLevel~0)| 0))) (or (not (<= |old(~waterLevel~0)| 1)) (not (= ~pumpRunning~0 0)) .cse0 .cse2) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 (= ~waterLevel~0 1)) (or .cse0 (not (= |old(~waterLevel~0)| 2)) .cse2))) [2022-11-03 01:59:04,763 INFO L895 garLoopResultBuilder]: At program point L632(line 632) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (or .cse0 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__methaneQuery_~tmp~4#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1 .cse2))) [2022-11-03 01:59:04,763 INFO L899 garLoopResultBuilder]: For program point L626(lines 626 634) no Hoare annotation was computed. [2022-11-03 01:59:04,763 INFO L895 garLoopResultBuilder]: At program point L622(lines 622 639) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-03 01:59:04,764 INFO L895 garLoopResultBuilder]: At program point L682(line 682) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (= ~switchedOnBeforeTS~0 0) .cse1) (or .cse0 (not (= 2 ~waterLevel~0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse1) (or .cse0 (not (<= ~waterLevel~0 1)) .cse1))) [2022-11-03 01:59:04,764 INFO L895 garLoopResultBuilder]: At program point L682-1(line 682) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (<= ~waterLevel~0 2)) (= ~switchedOnBeforeTS~0 0) .cse1) (or .cse0 (not (= 2 ~waterLevel~0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse1) (or .cse0 (not (<= ~waterLevel~0 1)) .cse1))) [2022-11-03 01:59:04,764 INFO L895 garLoopResultBuilder]: At program point L637(line 637) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-11-03 01:59:04,764 INFO L899 garLoopResultBuilder]: For program point L637-1(lines 618 642) no Hoare annotation was computed. [2022-11-03 01:59:04,764 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__methaneQueryENTRY(lines 618 642) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-03 01:59:04,765 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__methaneQueryEXIT(lines 618 642) no Hoare annotation was computed. [2022-11-03 01:59:04,765 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 713 721) no Hoare annotation was computed. [2022-11-03 01:59:04,765 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 713 721) the Hoare annotation is: true [2022-11-03 01:59:04,765 INFO L902 garLoopResultBuilder]: At program point isMethaneAlarmENTRY(lines 702 712) the Hoare annotation is: true [2022-11-03 01:59:04,765 INFO L899 garLoopResultBuilder]: For program point isMethaneAlarmEXIT(lines 702 712) no Hoare annotation was computed. [2022-11-03 01:59:04,768 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 01:59:04,770 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 01:59:04,802 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 01:59:04 BoogieIcfgContainer [2022-11-03 01:59:04,803 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 01:59:04,803 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 01:59:04,803 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 01:59:04,804 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 01:59:04,804 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 01:57:31" (3/4) ... [2022-11-03 01:59:04,807 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 01:59:04,813 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 01:59:04,813 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 01:59:04,813 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 01:59:04,813 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 01:59:04,814 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 01:59:04,814 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2022-11-03 01:59:04,814 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-03 01:59:04,814 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2022-11-03 01:59:04,822 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 78 nodes and edges [2022-11-03 01:59:04,823 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 24 nodes and edges [2022-11-03 01:59:04,823 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 14 nodes and edges [2022-11-03 01:59:04,824 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 01:59:04,824 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 01:59:04,825 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 01:59:04,825 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 01:59:04,850 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && ((!(1 == systemActive) || (((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) [2022-11-03 01:59:04,851 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || pumpRunning == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) == 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) [2022-11-03 01:59:04,852 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || (((pumpRunning == 0 && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && \old(waterLevel) == tmp)) || !(\old(waterLevel) <= 2)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && ((((!(1 == systemActive) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || \old(switchedOnBeforeTS) == 0) [2022-11-03 01:59:04,852 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-03 01:59:04,852 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || pumpRunning == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) == 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) [2022-11-03 01:59:04,852 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) [2022-11-03 01:59:04,853 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) [2022-11-03 01:59:04,853 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || !(2 == waterLevel)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((!(1 == systemActive) || !(waterLevel <= 1)) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-03 01:59:04,875 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 01:59:04,875 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 01:59:04,876 INFO L158 Benchmark]: Toolchain (without parser) took 94452.78ms. Allocated memory was 90.2MB in the beginning and 677.4MB in the end (delta: 587.2MB). Free memory was 54.8MB in the beginning and 460.3MB in the end (delta: -405.5MB). Peak memory consumption was 180.1MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,876 INFO L158 Benchmark]: CDTParser took 0.31ms. Allocated memory is still 90.2MB. Free memory was 62.0MB in the beginning and 62.0MB in the end (delta: 30.9kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 01:59:04,876 INFO L158 Benchmark]: CACSL2BoogieTranslator took 566.68ms. Allocated memory is still 90.2MB. Free memory was 54.6MB in the beginning and 57.4MB in the end (delta: -2.8MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,877 INFO L158 Benchmark]: Boogie Procedure Inliner took 70.73ms. Allocated memory is still 90.2MB. Free memory was 57.4MB in the beginning and 55.0MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,877 INFO L158 Benchmark]: Boogie Preprocessor took 59.28ms. Allocated memory is still 90.2MB. Free memory was 55.0MB in the beginning and 53.2MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,877 INFO L158 Benchmark]: RCFGBuilder took 777.75ms. Allocated memory was 90.2MB in the beginning and 125.8MB in the end (delta: 35.7MB). Free memory was 53.2MB in the beginning and 88.7MB in the end (delta: -35.5MB). Peak memory consumption was 24.1MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,878 INFO L158 Benchmark]: TraceAbstraction took 92899.11ms. Allocated memory was 125.8MB in the beginning and 677.4MB in the end (delta: 551.6MB). Free memory was 87.9MB in the beginning and 466.6MB in the end (delta: -378.8MB). Peak memory consumption was 404.1MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,878 INFO L158 Benchmark]: Witness Printer took 71.76ms. Allocated memory is still 677.4MB. Free memory was 466.6MB in the beginning and 460.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 01:59:04,880 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.31ms. Allocated memory is still 90.2MB. Free memory was 62.0MB in the beginning and 62.0MB in the end (delta: 30.9kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 566.68ms. Allocated memory is still 90.2MB. Free memory was 54.6MB in the beginning and 57.4MB in the end (delta: -2.8MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 70.73ms. Allocated memory is still 90.2MB. Free memory was 57.4MB in the beginning and 55.0MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 59.28ms. Allocated memory is still 90.2MB. Free memory was 55.0MB in the beginning and 53.2MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 777.75ms. Allocated memory was 90.2MB in the beginning and 125.8MB in the end (delta: 35.7MB). Free memory was 53.2MB in the beginning and 88.7MB in the end (delta: -35.5MB). Peak memory consumption was 24.1MB. Max. memory is 16.1GB. * TraceAbstraction took 92899.11ms. Allocated memory was 125.8MB in the beginning and 677.4MB in the end (delta: 551.6MB). Free memory was 87.9MB in the beginning and 466.6MB in the end (delta: -378.8MB). Peak memory consumption was 404.1MB. Max. memory is 16.1GB. * Witness Printer took 71.76ms. Allocated memory is still 677.4MB. Free memory was 466.6MB in the beginning and 460.3MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 155]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 64 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 92.8s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 8.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 6.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2560 SdHoareTripleChecker+Valid, 3.8s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2530 mSDsluCounter, 2556 SdHoareTripleChecker+Invalid, 3.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2291 mSDsCounter, 1623 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3835 IncrementalHoareTripleChecker+Invalid, 5458 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1623 mSolverCounterUnsat, 728 mSDtfsCounter, 3835 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 945 GetRequests, 658 SyntacticMatches, 8 SemanticMatches, 279 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9134 ImplicationChecksByTransitivity, 44.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=445occurred in iteration=9, InterpolantAutomatonStates: 160, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 271 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 37 LocationsWithAnnotation, 1336 PreInvPairs, 1553 NumberOfFragments, 1873 HoareAnnotationTreeSize, 1336 FomulaSimplifications, 5021 FormulaSimplificationTreeSizeReduction, 0.5s HoareSimplificationTime, 37 FomulaSimplificationsInter, 25699 FormulaSimplificationTreeSizeReductionInter, 5.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.2s InterpolantComputationTime, 691 NumberOfCodeBlocks, 691 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 911 ConstructedInterpolants, 0 QuantifiedInterpolants, 2756 SizeOfPredicates, 26 NumberOfNonLiveVariables, 1515 ConjunctsInSsa, 65 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 353/440 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 597]: Loop Invariant Derived loop invariant: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || pumpRunning == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) == 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 622]: Loop Invariant Derived loop invariant: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 652]: Loop Invariant Derived loop invariant: ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 789]: Loop Invariant Derived loop invariant: (((((1 == systemActive && splverifierCounter == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || ((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0)) || (((1 == systemActive && splverifierCounter == 0) && waterLevel <= 0) && pumpRunning == switchedOnBeforeTS) - InvariantResult [Line: 644]: Loop Invariant Derived loop invariant: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || pumpRunning == 0) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) == 2))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 546]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || (((pumpRunning == 0 && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && \old(waterLevel) == tmp)) || !(\old(waterLevel) <= 2)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((((pumpRunning == \old(pumpRunning) && 1 == systemActive) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel)) || \old(switchedOnBeforeTS) == 0)) && ((((!(1 == systemActive) || ((((2 == waterLevel && 1 == systemActive) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || !(\old(waterLevel) == 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel) && (!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel))) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 788]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 155]: Loop Invariant Derived loop invariant: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) && (!(1 == systemActive) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) - InvariantResult [Line: 702]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 541]: Loop Invariant Derived loop invariant: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && ((!(1 == systemActive) || (((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 883]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 682]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || !(2 == waterLevel)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((!(1 == systemActive) || !(waterLevel <= 1)) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 965]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 965]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 779]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 893]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-03 01:59:04,939 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a27f63f3-6bd8-4849-9676-3678a76273fd/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE