./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:42:24,177 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:42:24,180 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:42:24,230 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:42:24,231 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:42:24,236 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:42:24,237 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:42:24,239 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:42:24,240 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:42:24,241 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:42:24,242 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:42:24,244 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:42:24,244 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:42:24,245 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:42:24,251 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:42:24,257 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:42:24,260 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:42:24,269 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:42:24,271 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:42:24,273 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:42:24,274 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:42:24,276 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:42:24,277 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:42:24,278 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:42:24,282 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:42:24,283 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:42:24,283 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:42:24,284 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:42:24,285 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:42:24,286 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:42:24,287 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:42:24,288 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:42:24,289 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:42:24,290 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:42:24,291 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:42:24,292 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:42:24,292 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:42:24,293 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:42:24,293 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:42:24,294 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:42:24,295 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:42:24,296 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:42:24,323 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:42:24,323 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:42:24,323 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:42:24,324 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:42:24,324 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:42:24,324 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:42:24,325 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:42:24,325 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:42:24,325 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:42:24,325 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:42:24,326 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:42:24,326 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:42:24,326 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:42:24,326 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:42:24,327 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:42:24,327 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:42:24,327 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:42:24,328 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:42:24,328 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:42:24,329 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:42:24,329 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:42:24,329 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:42:24,329 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:42:24,330 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:42:24,330 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:42:24,330 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:42:24,330 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:42:24,331 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:42:24,331 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:42:24,331 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:42:24,331 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:42:24,332 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:42:24,332 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:42:24,332 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:42:24,332 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:42:24,333 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:42:24,333 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:42:24,333 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:42:24,333 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:42:24,333 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:42:24,334 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:42:24,334 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 7bcd24ea8f621c8db79e853f5aaf064ffcae573e6c1e9f03eb1f84bb0c15fc3c [2022-11-03 02:42:24,674 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:42:24,704 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:42:24,708 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:42:24,709 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:42:24,710 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:42:24,712 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2022-11-03 02:42:24,791 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/data/75563656a/910e8b45942b456da4ddf306e8823dce/FLAG7b897cec4 [2022-11-03 02:42:25,385 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:42:25,386 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c [2022-11-03 02:42:25,397 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/data/75563656a/910e8b45942b456da4ddf306e8823dce/FLAG7b897cec4 [2022-11-03 02:42:25,661 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/data/75563656a/910e8b45942b456da4ddf306e8823dce [2022-11-03 02:42:25,663 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:42:25,665 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:42:25,667 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:42:25,667 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:42:25,671 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:42:25,672 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:42:25" (1/1) ... [2022-11-03 02:42:25,673 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@38f0b611 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:25, skipping insertion in model container [2022-11-03 02:42:25,674 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:42:25" (1/1) ... [2022-11-03 02:42:25,682 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:42:25,743 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:42:26,149 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2022-11-03 02:42:26,242 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:42:26,251 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:42:26,303 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/sv-benchmarks/c/product-lines/minepump_spec5_product56.cil.c[8146,8159] [2022-11-03 02:42:26,370 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:42:26,391 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:42:26,392 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26 WrapperNode [2022-11-03 02:42:26,392 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:42:26,393 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:42:26,393 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:42:26,394 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:42:26,402 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,430 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,459 INFO L138 Inliner]: procedures = 60, calls = 164, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 294 [2022-11-03 02:42:26,459 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:42:26,460 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:42:26,460 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:42:26,460 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:42:26,470 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,470 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,473 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,473 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,486 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,492 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,493 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,496 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,510 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:42:26,511 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:42:26,511 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:42:26,511 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:42:26,512 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (1/1) ... [2022-11-03 02:42:26,519 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:42:26,531 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:42:26,543 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:42:26,553 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:42:26,601 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:42:26,602 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:42:26,602 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:42:26,602 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:42:26,602 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:42:26,603 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:42:26,603 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:42:26,603 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:42:26,603 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:42:26,603 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:42:26,603 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:42:26,604 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:42:26,604 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:42:26,604 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-03 02:42:26,604 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-03 02:42:26,605 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:42:26,605 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:42:26,606 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:42:26,606 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:42:26,606 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:42:26,606 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:42:26,606 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:42:26,739 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:42:26,741 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:42:27,272 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:42:27,456 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:42:27,457 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:42:27,460 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:42:27 BoogieIcfgContainer [2022-11-03 02:42:27,460 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:42:27,464 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:42:27,464 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:42:27,469 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:42:27,469 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:42:25" (1/3) ... [2022-11-03 02:42:27,470 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7df94c4f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:42:27, skipping insertion in model container [2022-11-03 02:42:27,470 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:42:26" (2/3) ... [2022-11-03 02:42:27,470 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@7df94c4f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:42:27, skipping insertion in model container [2022-11-03 02:42:27,471 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:42:27" (3/3) ... [2022-11-03 02:42:27,472 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product56.cil.c [2022-11-03 02:42:27,492 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:42:27,493 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:42:27,584 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:42:27,606 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@31cc8669, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:42:27,606 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:42:27,620 INFO L276 IsEmpty]: Start isEmpty. Operand has 74 states, 46 states have (on average 1.4565217391304348) internal successors, (67), 57 states have internal predecessors, (67), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2022-11-03 02:42:27,633 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-03 02:42:27,633 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:27,634 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:27,643 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:27,655 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:27,656 INFO L85 PathProgramCache]: Analyzing trace with hash -1059687252, now seen corresponding path program 1 times [2022-11-03 02:42:27,695 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:27,697 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [665973200] [2022-11-03 02:42:27,697 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:27,698 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:27,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:27,987 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:42:27,988 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:27,989 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [665973200] [2022-11-03 02:42:27,990 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [665973200] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:27,991 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:27,991 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:42:27,993 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1000968175] [2022-11-03 02:42:27,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:28,003 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:42:28,004 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:28,047 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:42:28,048 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:42:28,052 INFO L87 Difference]: Start difference. First operand has 74 states, 46 states have (on average 1.4565217391304348) internal successors, (67), 57 states have internal predecessors, (67), 17 states have call successors, (17), 9 states have call predecessors, (17), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:28,146 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:28,146 INFO L93 Difference]: Finished difference Result 146 states and 203 transitions. [2022-11-03 02:42:28,147 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:42:28,149 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-03 02:42:28,150 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:28,164 INFO L225 Difference]: With dead ends: 146 [2022-11-03 02:42:28,164 INFO L226 Difference]: Without dead ends: 69 [2022-11-03 02:42:28,172 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:42:28,177 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 19 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 79 SdHoareTripleChecker+Invalid, 20 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 19 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:28,179 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 79 Invalid, 20 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 19 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:42:28,202 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 69 states. [2022-11-03 02:42:28,232 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 69 to 69. [2022-11-03 02:42:28,233 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 69 states, 43 states have (on average 1.372093023255814) internal successors, (59), 53 states have internal predecessors, (59), 17 states have call successors, (17), 9 states have call predecessors, (17), 8 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2022-11-03 02:42:28,236 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 69 states to 69 states and 92 transitions. [2022-11-03 02:42:28,238 INFO L78 Accepts]: Start accepts. Automaton has 69 states and 92 transitions. Word has length 21 [2022-11-03 02:42:28,238 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:28,239 INFO L495 AbstractCegarLoop]: Abstraction has 69 states and 92 transitions. [2022-11-03 02:42:28,239 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:28,239 INFO L276 IsEmpty]: Start isEmpty. Operand 69 states and 92 transitions. [2022-11-03 02:42:28,242 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 02:42:28,242 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:28,242 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:28,243 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:42:28,243 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:28,244 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:28,244 INFO L85 PathProgramCache]: Analyzing trace with hash 1231371985, now seen corresponding path program 1 times [2022-11-03 02:42:28,244 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:28,245 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [352456951] [2022-11-03 02:42:28,245 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:28,245 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:28,298 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:28,437 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:42:28,438 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:28,438 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [352456951] [2022-11-03 02:42:28,438 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [352456951] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:28,438 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:28,439 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:42:28,439 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2105049336] [2022-11-03 02:42:28,439 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:28,440 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:42:28,441 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:28,441 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:42:28,441 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:42:28,442 INFO L87 Difference]: Start difference. First operand 69 states and 92 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:28,518 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:28,520 INFO L93 Difference]: Finished difference Result 110 states and 146 transitions. [2022-11-03 02:42:28,521 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:42:28,521 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-03 02:42:28,522 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:28,524 INFO L225 Difference]: With dead ends: 110 [2022-11-03 02:42:28,526 INFO L226 Difference]: Without dead ends: 61 [2022-11-03 02:42:28,527 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:42:28,529 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 14 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 28 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 114 SdHoareTripleChecker+Invalid, 28 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 28 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:28,530 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 114 Invalid, 28 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 28 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:42:28,531 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2022-11-03 02:42:28,545 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2022-11-03 02:42:28,546 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 38 states have (on average 1.394736842105263) internal successors, (53), 48 states have internal predecessors, (53), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 9 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 02:42:28,547 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 81 transitions. [2022-11-03 02:42:28,548 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 81 transitions. Word has length 22 [2022-11-03 02:42:28,548 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:28,548 INFO L495 AbstractCegarLoop]: Abstraction has 61 states and 81 transitions. [2022-11-03 02:42:28,548 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:28,549 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 81 transitions. [2022-11-03 02:42:28,550 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-11-03 02:42:28,550 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:28,550 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:28,550 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:42:28,551 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:28,551 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:28,551 INFO L85 PathProgramCache]: Analyzing trace with hash 88149764, now seen corresponding path program 1 times [2022-11-03 02:42:28,551 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:28,552 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1700598154] [2022-11-03 02:42:28,552 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:28,552 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:28,608 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:28,700 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:42:28,700 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:28,701 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1700598154] [2022-11-03 02:42:28,701 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1700598154] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:28,701 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:28,701 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:42:28,702 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1146929139] [2022-11-03 02:42:28,702 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:28,702 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:42:28,702 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:28,703 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:42:28,703 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:42:28,704 INFO L87 Difference]: Start difference. First operand 61 states and 81 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:42:28,828 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:28,828 INFO L93 Difference]: Finished difference Result 179 states and 240 transitions. [2022-11-03 02:42:28,829 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:42:28,829 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-11-03 02:42:28,830 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:28,831 INFO L225 Difference]: With dead ends: 179 [2022-11-03 02:42:28,831 INFO L226 Difference]: Without dead ends: 120 [2022-11-03 02:42:28,832 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:42:28,834 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 73 mSDsluCounter, 75 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 151 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:28,834 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 151 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:42:28,835 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2022-11-03 02:42:28,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 117. [2022-11-03 02:42:28,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 117 states, 72 states have (on average 1.4027777777777777) internal successors, (101), 91 states have internal predecessors, (101), 28 states have call successors, (28), 16 states have call predecessors, (28), 16 states have return successors, (28), 17 states have call predecessors, (28), 28 states have call successors, (28) [2022-11-03 02:42:28,856 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 117 states to 117 states and 157 transitions. [2022-11-03 02:42:28,856 INFO L78 Accepts]: Start accepts. Automaton has 117 states and 157 transitions. Word has length 25 [2022-11-03 02:42:28,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:28,857 INFO L495 AbstractCegarLoop]: Abstraction has 117 states and 157 transitions. [2022-11-03 02:42:28,857 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:42:28,857 INFO L276 IsEmpty]: Start isEmpty. Operand 117 states and 157 transitions. [2022-11-03 02:42:28,859 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-03 02:42:28,859 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:28,859 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:28,859 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:42:28,860 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:28,860 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:28,860 INFO L85 PathProgramCache]: Analyzing trace with hash -577044933, now seen corresponding path program 1 times [2022-11-03 02:42:28,860 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:28,861 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1679092672] [2022-11-03 02:42:28,861 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:28,861 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:28,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:29,066 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:42:29,067 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:29,067 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1679092672] [2022-11-03 02:42:29,067 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1679092672] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:29,067 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:29,068 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:42:29,068 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1535698891] [2022-11-03 02:42:29,068 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:29,069 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:42:29,069 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:29,069 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:42:29,070 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:42:29,070 INFO L87 Difference]: Start difference. First operand 117 states and 157 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:29,298 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:29,299 INFO L93 Difference]: Finished difference Result 322 states and 445 transitions. [2022-11-03 02:42:29,299 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 02:42:29,300 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-03 02:42:29,300 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:29,308 INFO L225 Difference]: With dead ends: 322 [2022-11-03 02:42:29,308 INFO L226 Difference]: Without dead ends: 207 [2022-11-03 02:42:29,314 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:42:29,317 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 41 mSDsluCounter, 299 mSDsCounter, 0 mSdLazyCounter, 135 mSolverCounterSat, 11 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 335 SdHoareTripleChecker+Invalid, 146 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 11 IncrementalHoareTripleChecker+Valid, 135 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:29,320 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 335 Invalid, 146 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [11 Valid, 135 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:42:29,323 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 207 states. [2022-11-03 02:42:29,369 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 207 to 198. [2022-11-03 02:42:29,377 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 129 states have (on average 1.310077519379845) internal successors, (169), 146 states have internal predecessors, (169), 38 states have call successors, (38), 30 states have call predecessors, (38), 30 states have return successors, (50), 33 states have call predecessors, (50), 38 states have call successors, (50) [2022-11-03 02:42:29,382 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 257 transitions. [2022-11-03 02:42:29,383 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 257 transitions. Word has length 28 [2022-11-03 02:42:29,384 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:29,384 INFO L495 AbstractCegarLoop]: Abstraction has 198 states and 257 transitions. [2022-11-03 02:42:29,384 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:42:29,384 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 257 transitions. [2022-11-03 02:42:29,389 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-03 02:42:29,393 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:29,394 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:29,394 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:42:29,394 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:29,395 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:29,397 INFO L85 PathProgramCache]: Analyzing trace with hash -1008014715, now seen corresponding path program 1 times [2022-11-03 02:42:29,397 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:29,397 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1107676772] [2022-11-03 02:42:29,398 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:29,398 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:29,440 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:29,748 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:42:29,749 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:29,749 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1107676772] [2022-11-03 02:42:29,749 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1107676772] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:29,750 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:29,750 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:42:29,750 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1407542849] [2022-11-03 02:42:29,750 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:29,751 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:42:29,751 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:29,752 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:42:29,752 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:42:29,752 INFO L87 Difference]: Start difference. First operand 198 states and 257 transitions. Second operand has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:42:29,981 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:29,981 INFO L93 Difference]: Finished difference Result 588 states and 762 transitions. [2022-11-03 02:42:29,982 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:42:29,982 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 38 [2022-11-03 02:42:29,982 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:29,986 INFO L225 Difference]: With dead ends: 588 [2022-11-03 02:42:29,986 INFO L226 Difference]: Without dead ends: 392 [2022-11-03 02:42:29,987 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-03 02:42:29,988 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 125 mSDsluCounter, 200 mSDsCounter, 0 mSdLazyCounter, 143 mSolverCounterSat, 23 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 126 SdHoareTripleChecker+Valid, 278 SdHoareTripleChecker+Invalid, 166 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 23 IncrementalHoareTripleChecker+Valid, 143 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:29,989 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [126 Valid, 278 Invalid, 166 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [23 Valid, 143 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:42:29,990 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 392 states. [2022-11-03 02:42:30,045 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 392 to 378. [2022-11-03 02:42:30,052 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 378 states, 249 states have (on average 1.2891566265060241) internal successors, (321), 275 states have internal predecessors, (321), 69 states have call successors, (69), 57 states have call predecessors, (69), 59 states have return successors, (93), 62 states have call predecessors, (93), 69 states have call successors, (93) [2022-11-03 02:42:30,057 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 378 states to 378 states and 483 transitions. [2022-11-03 02:42:30,058 INFO L78 Accepts]: Start accepts. Automaton has 378 states and 483 transitions. Word has length 38 [2022-11-03 02:42:30,058 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:30,058 INFO L495 AbstractCegarLoop]: Abstraction has 378 states and 483 transitions. [2022-11-03 02:42:30,059 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.666666666666667) internal successors, (28), 6 states have internal predecessors, (28), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:42:30,059 INFO L276 IsEmpty]: Start isEmpty. Operand 378 states and 483 transitions. [2022-11-03 02:42:30,065 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2022-11-03 02:42:30,066 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:30,066 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:30,066 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:42:30,067 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:30,068 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:30,068 INFO L85 PathProgramCache]: Analyzing trace with hash 1238551946, now seen corresponding path program 1 times [2022-11-03 02:42:30,068 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:30,069 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1257915151] [2022-11-03 02:42:30,069 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:30,069 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:30,114 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:30,452 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:42:30,453 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:30,453 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1257915151] [2022-11-03 02:42:30,453 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1257915151] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:30,453 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:30,453 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 02:42:30,454 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [589556552] [2022-11-03 02:42:30,454 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:30,454 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:42:30,454 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:30,455 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:42:30,455 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:42:30,455 INFO L87 Difference]: Start difference. First operand 378 states and 483 transitions. Second operand has 8 states, 7 states have (on average 4.142857142857143) internal successors, (29), 7 states have internal predecessors, (29), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-03 02:42:31,137 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:31,138 INFO L93 Difference]: Finished difference Result 922 states and 1213 transitions. [2022-11-03 02:42:31,139 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 02:42:31,139 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.142857142857143) internal successors, (29), 7 states have internal predecessors, (29), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) Word has length 41 [2022-11-03 02:42:31,139 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:31,145 INFO L225 Difference]: With dead ends: 922 [2022-11-03 02:42:31,145 INFO L226 Difference]: Without dead ends: 658 [2022-11-03 02:42:31,147 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-03 02:42:31,148 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 276 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 336 mSolverCounterSat, 116 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 285 SdHoareTripleChecker+Valid, 272 SdHoareTripleChecker+Invalid, 452 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 116 IncrementalHoareTripleChecker+Valid, 336 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:31,148 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [285 Valid, 272 Invalid, 452 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [116 Valid, 336 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-03 02:42:31,150 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 658 states. [2022-11-03 02:42:31,263 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 658 to 560. [2022-11-03 02:42:31,266 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 560 states, 374 states have (on average 1.2807486631016043) internal successors, (479), 412 states have internal predecessors, (479), 98 states have call successors, (98), 74 states have call predecessors, (98), 87 states have return successors, (137), 97 states have call predecessors, (137), 98 states have call successors, (137) [2022-11-03 02:42:31,274 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 560 states to 560 states and 714 transitions. [2022-11-03 02:42:31,275 INFO L78 Accepts]: Start accepts. Automaton has 560 states and 714 transitions. Word has length 41 [2022-11-03 02:42:31,277 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:31,277 INFO L495 AbstractCegarLoop]: Abstraction has 560 states and 714 transitions. [2022-11-03 02:42:31,277 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.142857142857143) internal successors, (29), 7 states have internal predecessors, (29), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2022-11-03 02:42:31,278 INFO L276 IsEmpty]: Start isEmpty. Operand 560 states and 714 transitions. [2022-11-03 02:42:31,281 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-03 02:42:31,282 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:31,284 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:31,284 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 02:42:31,284 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:31,285 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:31,285 INFO L85 PathProgramCache]: Analyzing trace with hash 800789391, now seen corresponding path program 1 times [2022-11-03 02:42:31,285 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:31,286 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1154237466] [2022-11-03 02:42:31,286 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:31,286 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:31,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:31,358 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 15 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:42:31,359 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:31,359 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1154237466] [2022-11-03 02:42:31,359 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1154237466] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:31,359 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:42:31,359 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:42:31,360 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1994113001] [2022-11-03 02:42:31,360 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:31,360 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:42:31,360 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:31,361 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:42:31,361 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:42:31,362 INFO L87 Difference]: Start difference. First operand 560 states and 714 transitions. Second operand has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-03 02:42:31,530 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:31,530 INFO L93 Difference]: Finished difference Result 934 states and 1189 transitions. [2022-11-03 02:42:31,530 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:42:31,531 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) Word has length 63 [2022-11-03 02:42:31,531 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:31,534 INFO L225 Difference]: With dead ends: 934 [2022-11-03 02:42:31,534 INFO L226 Difference]: Without dead ends: 376 [2022-11-03 02:42:31,536 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:42:31,537 INFO L413 NwaCegarLoop]: 89 mSDtfsCounter, 104 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 92 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 104 SdHoareTripleChecker+Valid, 140 SdHoareTripleChecker+Invalid, 96 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 92 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:31,538 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [104 Valid, 140 Invalid, 96 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 92 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:42:31,539 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 376 states. [2022-11-03 02:42:31,591 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 376 to 370. [2022-11-03 02:42:31,592 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 370 states, 249 states have (on average 1.2610441767068272) internal successors, (314), 275 states have internal predecessors, (314), 64 states have call successors, (64), 50 states have call predecessors, (64), 56 states have return successors, (83), 63 states have call predecessors, (83), 64 states have call successors, (83) [2022-11-03 02:42:31,594 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 370 states to 370 states and 461 transitions. [2022-11-03 02:42:31,595 INFO L78 Accepts]: Start accepts. Automaton has 370 states and 461 transitions. Word has length 63 [2022-11-03 02:42:31,595 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:31,595 INFO L495 AbstractCegarLoop]: Abstraction has 370 states and 461 transitions. [2022-11-03 02:42:31,596 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 4 states have call successors, (7) [2022-11-03 02:42:31,596 INFO L276 IsEmpty]: Start isEmpty. Operand 370 states and 461 transitions. [2022-11-03 02:42:31,597 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2022-11-03 02:42:31,598 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:31,598 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:31,598 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 02:42:31,598 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:31,599 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:31,599 INFO L85 PathProgramCache]: Analyzing trace with hash 1350375381, now seen corresponding path program 1 times [2022-11-03 02:42:31,599 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:31,599 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [878404250] [2022-11-03 02:42:31,600 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:31,600 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:31,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:31,755 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-11-03 02:42:31,758 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:31,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [878404250] [2022-11-03 02:42:31,759 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [878404250] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:42:31,760 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1268187053] [2022-11-03 02:42:31,760 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:31,760 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:42:31,760 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:42:31,766 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:42:31,788 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:42:31,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:31,943 INFO L263 TraceCheckSpWp]: Trace formula consists of 464 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-03 02:42:31,953 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:42:32,068 INFO L134 CoverageAnalysis]: Checked inductivity of 33 backedges. 33 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:42:32,069 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:42:32,069 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1268187053] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:42:32,069 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:42:32,069 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [7] total 8 [2022-11-03 02:42:32,070 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [234085398] [2022-11-03 02:42:32,070 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:42:32,070 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:42:32,070 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:32,071 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:42:32,071 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:42:32,071 INFO L87 Difference]: Start difference. First operand 370 states and 461 transitions. Second operand has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-03 02:42:32,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:32,158 INFO L93 Difference]: Finished difference Result 660 states and 830 transitions. [2022-11-03 02:42:32,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:42:32,159 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 72 [2022-11-03 02:42:32,159 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:32,161 INFO L225 Difference]: With dead ends: 660 [2022-11-03 02:42:32,161 INFO L226 Difference]: Without dead ends: 360 [2022-11-03 02:42:32,162 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 79 GetRequests, 73 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=35, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:42:32,163 INFO L413 NwaCegarLoop]: 94 mSDtfsCounter, 40 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 139 SdHoareTripleChecker+Invalid, 45 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:32,164 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [40 Valid, 139 Invalid, 45 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:42:32,164 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 360 states. [2022-11-03 02:42:32,203 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 360 to 360. [2022-11-03 02:42:32,204 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 360 states, 242 states have (on average 1.2272727272727273) internal successors, (297), 266 states have internal predecessors, (297), 62 states have call successors, (62), 50 states have call predecessors, (62), 55 states have return successors, (73), 61 states have call predecessors, (73), 62 states have call successors, (73) [2022-11-03 02:42:32,206 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 360 states to 360 states and 432 transitions. [2022-11-03 02:42:32,206 INFO L78 Accepts]: Start accepts. Automaton has 360 states and 432 transitions. Word has length 72 [2022-11-03 02:42:32,206 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:32,207 INFO L495 AbstractCegarLoop]: Abstraction has 360 states and 432 transitions. [2022-11-03 02:42:32,207 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 17.666666666666668) internal successors, (53), 3 states have internal predecessors, (53), 3 states have call successors, (10), 3 states have call predecessors, (10), 3 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-03 02:42:32,207 INFO L276 IsEmpty]: Start isEmpty. Operand 360 states and 432 transitions. [2022-11-03 02:42:32,208 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 77 [2022-11-03 02:42:32,208 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:32,209 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:32,253 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:42:32,422 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 02:42:32,422 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:32,423 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:32,423 INFO L85 PathProgramCache]: Analyzing trace with hash -966270148, now seen corresponding path program 1 times [2022-11-03 02:42:32,423 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:32,423 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1788382862] [2022-11-03 02:42:32,424 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:32,424 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:32,450 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:32,696 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 12 proven. 10 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-03 02:42:32,696 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:32,696 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1788382862] [2022-11-03 02:42:32,696 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1788382862] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:42:32,697 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1237395398] [2022-11-03 02:42:32,697 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:32,697 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:42:32,697 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:42:32,714 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:42:32,718 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:42:32,902 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:32,905 INFO L263 TraceCheckSpWp]: Trace formula consists of 484 conjuncts, 8 conjunts are in the unsatisfiable core [2022-11-03 02:42:32,909 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:42:33,067 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 21 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:42:33,068 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:42:33,303 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 14 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-03 02:42:33,303 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1237395398] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:42:33,303 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1589674672] [2022-11-03 02:42:33,332 INFO L159 IcfgInterpreter]: Started Sifa with 49 locations of interest [2022-11-03 02:42:33,332 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:42:33,337 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:42:33,343 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:42:33,344 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:42:44,291 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 307 for LOIs [2022-11-03 02:42:44,397 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 48 for LOIs [2022-11-03 02:42:45,082 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 64 for LOIs [2022-11-03 02:42:45,613 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 57 for LOIs [2022-11-03 02:42:45,715 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 20 for LOIs [2022-11-03 02:42:45,717 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 39 for LOIs [2022-11-03 02:42:45,721 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:42:54,312 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10028#(and (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483648)) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:42:54,312 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:42:54,312 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:42:54,312 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 15 [2022-11-03 02:42:54,313 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [296667118] [2022-11-03 02:42:54,313 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:42:54,313 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 15 states [2022-11-03 02:42:54,314 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:42:54,314 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 15 interpolants. [2022-11-03 02:42:54,315 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=302, Invalid=2050, Unknown=0, NotChecked=0, Total=2352 [2022-11-03 02:42:54,316 INFO L87 Difference]: Start difference. First operand 360 states and 432 transitions. Second operand has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 13 states have internal predecessors, (91), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) [2022-11-03 02:42:55,593 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:42:55,593 INFO L93 Difference]: Finished difference Result 510 states and 624 transitions. [2022-11-03 02:42:55,594 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 26 states. [2022-11-03 02:42:55,594 INFO L78 Accepts]: Start accepts. Automaton has has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 13 states have internal predecessors, (91), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) Word has length 76 [2022-11-03 02:42:55,595 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:42:55,598 INFO L225 Difference]: With dead ends: 510 [2022-11-03 02:42:55,598 INFO L226 Difference]: Without dead ends: 508 [2022-11-03 02:42:55,600 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 261 GetRequests, 180 SyntacticMatches, 15 SemanticMatches, 66 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1924 ImplicationChecksByTransitivity, 9.2s TimeCoverageRelationStatistics Valid=530, Invalid=4026, Unknown=0, NotChecked=0, Total=4556 [2022-11-03 02:42:55,601 INFO L413 NwaCegarLoop]: 152 mSDtfsCounter, 343 mSDsluCounter, 1035 mSDsCounter, 0 mSdLazyCounter, 760 mSolverCounterSat, 231 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 348 SdHoareTripleChecker+Valid, 969 SdHoareTripleChecker+Invalid, 991 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 231 IncrementalHoareTripleChecker+Valid, 760 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-03 02:42:55,601 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [348 Valid, 969 Invalid, 991 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [231 Valid, 760 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-03 02:42:55,602 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 508 states. [2022-11-03 02:42:55,641 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 508 to 426. [2022-11-03 02:42:55,643 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 426 states, 284 states have (on average 1.2288732394366197) internal successors, (349), 316 states have internal predecessors, (349), 74 states have call successors, (74), 61 states have call predecessors, (74), 67 states have return successors, (89), 72 states have call predecessors, (89), 74 states have call successors, (89) [2022-11-03 02:42:55,646 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 426 states to 426 states and 512 transitions. [2022-11-03 02:42:55,646 INFO L78 Accepts]: Start accepts. Automaton has 426 states and 512 transitions. Word has length 76 [2022-11-03 02:42:55,646 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:42:55,647 INFO L495 AbstractCegarLoop]: Abstraction has 426 states and 512 transitions. [2022-11-03 02:42:55,647 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 15 states, 11 states have (on average 8.272727272727273) internal successors, (91), 13 states have internal predecessors, (91), 7 states have call successors, (22), 4 states have call predecessors, (22), 8 states have return successors, (21), 9 states have call predecessors, (21), 7 states have call successors, (21) [2022-11-03 02:42:55,647 INFO L276 IsEmpty]: Start isEmpty. Operand 426 states and 512 transitions. [2022-11-03 02:42:55,649 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2022-11-03 02:42:55,649 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:42:55,649 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:42:55,689 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:42:55,874 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:42:55,874 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:42:55,875 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:42:55,875 INFO L85 PathProgramCache]: Analyzing trace with hash -735363460, now seen corresponding path program 1 times [2022-11-03 02:42:55,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:42:55,875 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1880423210] [2022-11-03 02:42:55,876 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:55,876 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:42:55,908 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:56,174 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 35 proven. 3 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2022-11-03 02:42:56,175 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:42:56,175 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1880423210] [2022-11-03 02:42:56,175 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1880423210] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:42:56,175 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1303361496] [2022-11-03 02:42:56,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:42:56,176 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:42:56,177 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:42:56,178 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:42:56,213 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:42:56,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:42:56,335 INFO L263 TraceCheckSpWp]: Trace formula consists of 551 conjuncts, 18 conjunts are in the unsatisfiable core [2022-11-03 02:42:56,339 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:42:56,584 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 66 proven. 3 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:42:56,584 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:42:56,989 INFO L134 CoverageAnalysis]: Checked inductivity of 73 backedges. 48 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-03 02:42:56,989 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1303361496] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:42:56,989 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1428287808] [2022-11-03 02:42:56,992 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-11-03 02:42:56,992 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:42:56,993 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:42:56,993 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:42:56,993 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:43:06,548 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 309 for LOIs [2022-11-03 02:43:06,632 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-03 02:43:07,223 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 29 for LOIs [2022-11-03 02:43:07,271 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-03 02:43:07,294 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 42 for LOIs [2022-11-03 02:43:07,306 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:43:15,094 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12131#(and (<= 0 |old(~pumpRunning~0)|) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (<= |#NULL.offset| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= |old(~pumpRunning~0)| 0) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 1 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= 2 |timeShift_getWaterLevel_#res#1|) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:43:15,094 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:43:15,094 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:43:15,094 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 9] total 20 [2022-11-03 02:43:15,095 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2024638708] [2022-11-03 02:43:15,095 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:43:15,095 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-03 02:43:15,096 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:43:15,096 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-03 02:43:15,097 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=278, Invalid=1978, Unknown=0, NotChecked=0, Total=2256 [2022-11-03 02:43:15,097 INFO L87 Difference]: Start difference. First operand 426 states and 512 transitions. Second operand has 20 states, 20 states have (on average 5.65) internal successors, (113), 20 states have internal predecessors, (113), 9 states have call successors, (23), 5 states have call predecessors, (23), 8 states have return successors, (24), 10 states have call predecessors, (24), 9 states have call successors, (24) [2022-11-03 02:43:17,200 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:43:17,201 INFO L93 Difference]: Finished difference Result 1331 states and 1745 transitions. [2022-11-03 02:43:17,201 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2022-11-03 02:43:17,202 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 5.65) internal successors, (113), 20 states have internal predecessors, (113), 9 states have call successors, (23), 5 states have call predecessors, (23), 8 states have return successors, (24), 10 states have call predecessors, (24), 9 states have call successors, (24) Word has length 96 [2022-11-03 02:43:17,202 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:43:17,208 INFO L225 Difference]: With dead ends: 1331 [2022-11-03 02:43:17,208 INFO L226 Difference]: Without dead ends: 899 [2022-11-03 02:43:17,211 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 341 GetRequests, 257 SyntacticMatches, 11 SemanticMatches, 73 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2227 ImplicationChecksByTransitivity, 8.8s TimeCoverageRelationStatistics Valid=654, Invalid=4896, Unknown=0, NotChecked=0, Total=5550 [2022-11-03 02:43:17,212 INFO L413 NwaCegarLoop]: 91 mSDtfsCounter, 587 mSDsluCounter, 582 mSDsCounter, 0 mSdLazyCounter, 1334 mSolverCounterSat, 380 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 592 SdHoareTripleChecker+Valid, 567 SdHoareTripleChecker+Invalid, 1714 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 380 IncrementalHoareTripleChecker+Valid, 1334 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:43:17,213 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [592 Valid, 567 Invalid, 1714 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [380 Valid, 1334 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2022-11-03 02:43:17,214 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 899 states. [2022-11-03 02:43:17,279 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 899 to 553. [2022-11-03 02:43:17,280 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 553 states, 372 states have (on average 1.2016129032258065) internal successors, (447), 408 states have internal predecessors, (447), 89 states have call successors, (89), 81 states have call predecessors, (89), 91 states have return successors, (111), 93 states have call predecessors, (111), 89 states have call successors, (111) [2022-11-03 02:43:17,283 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 553 states to 553 states and 647 transitions. [2022-11-03 02:43:17,284 INFO L78 Accepts]: Start accepts. Automaton has 553 states and 647 transitions. Word has length 96 [2022-11-03 02:43:17,284 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:43:17,284 INFO L495 AbstractCegarLoop]: Abstraction has 553 states and 647 transitions. [2022-11-03 02:43:17,284 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 5.65) internal successors, (113), 20 states have internal predecessors, (113), 9 states have call successors, (23), 5 states have call predecessors, (23), 8 states have return successors, (24), 10 states have call predecessors, (24), 9 states have call successors, (24) [2022-11-03 02:43:17,285 INFO L276 IsEmpty]: Start isEmpty. Operand 553 states and 647 transitions. [2022-11-03 02:43:17,294 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2022-11-03 02:43:17,294 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:43:17,295 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:43:17,343 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 02:43:17,510 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:43:17,510 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:43:17,511 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:43:17,511 INFO L85 PathProgramCache]: Analyzing trace with hash -1954110850, now seen corresponding path program 1 times [2022-11-03 02:43:17,511 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:43:17,511 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [539960396] [2022-11-03 02:43:17,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:43:17,511 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:43:17,549 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:43:19,021 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 14 proven. 42 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-03 02:43:19,021 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:43:19,022 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [539960396] [2022-11-03 02:43:19,022 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [539960396] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:43:19,022 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1313029969] [2022-11-03 02:43:19,022 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:43:19,022 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:43:19,022 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:43:19,024 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:43:19,042 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 02:43:19,164 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:43:19,168 INFO L263 TraceCheckSpWp]: Trace formula consists of 565 conjuncts, 30 conjunts are in the unsatisfiable core [2022-11-03 02:43:19,172 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:43:19,624 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 62 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:43:19,624 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:43:20,362 INFO L134 CoverageAnalysis]: Checked inductivity of 84 backedges. 54 proven. 5 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2022-11-03 02:43:20,362 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1313029969] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:43:20,362 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1908145966] [2022-11-03 02:43:20,365 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-11-03 02:43:20,365 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:43:20,366 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:43:20,366 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:43:20,366 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:43:25,400 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 35 for LOIs [2022-11-03 02:43:25,407 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 49 for LOIs [2022-11-03 02:43:25,901 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 26 for LOIs [2022-11-03 02:43:25,941 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-03 02:43:25,962 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 42 for LOIs [2022-11-03 02:43:25,968 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:43:33,675 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15734#(and (<= 0 |old(~pumpRunning~0)|) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (<= |#NULL.offset| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= |old(~pumpRunning~0)| 0) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 1 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= 2 |timeShift_getWaterLevel_#res#1|) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:43:33,675 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:43:33,675 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:43:33,676 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [24, 11, 11] total 38 [2022-11-03 02:43:33,676 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1278526457] [2022-11-03 02:43:33,676 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:43:33,677 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 38 states [2022-11-03 02:43:33,678 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:43:33,678 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 38 interpolants. [2022-11-03 02:43:33,679 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=569, Invalid=3721, Unknown=0, NotChecked=0, Total=4290 [2022-11-03 02:43:33,680 INFO L87 Difference]: Start difference. First operand 553 states and 647 transitions. Second operand has 38 states, 35 states have (on average 4.485714285714286) internal successors, (157), 37 states have internal predecessors, (157), 18 states have call successors, (31), 8 states have call predecessors, (31), 13 states have return successors, (31), 19 states have call predecessors, (31), 17 states have call successors, (31) [2022-11-03 02:43:39,992 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:43:39,992 INFO L93 Difference]: Finished difference Result 1542 states and 1866 transitions. [2022-11-03 02:43:39,992 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 77 states. [2022-11-03 02:43:39,993 INFO L78 Accepts]: Start accepts. Automaton has has 38 states, 35 states have (on average 4.485714285714286) internal successors, (157), 37 states have internal predecessors, (157), 18 states have call successors, (31), 8 states have call predecessors, (31), 13 states have return successors, (31), 19 states have call predecessors, (31), 17 states have call successors, (31) Word has length 101 [2022-11-03 02:43:39,993 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:43:39,994 INFO L225 Difference]: With dead ends: 1542 [2022-11-03 02:43:39,994 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:43:40,002 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 437 GetRequests, 291 SyntacticMatches, 11 SemanticMatches, 135 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7285 ImplicationChecksByTransitivity, 11.7s TimeCoverageRelationStatistics Valid=2432, Invalid=16200, Unknown=0, NotChecked=0, Total=18632 [2022-11-03 02:43:40,003 INFO L413 NwaCegarLoop]: 174 mSDtfsCounter, 2591 mSDsluCounter, 1191 mSDsCounter, 0 mSdLazyCounter, 2631 mSolverCounterSat, 1863 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2595 SdHoareTripleChecker+Valid, 1140 SdHoareTripleChecker+Invalid, 4494 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1863 IncrementalHoareTripleChecker+Valid, 2631 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.6s IncrementalHoareTripleChecker+Time [2022-11-03 02:43:40,004 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2595 Valid, 1140 Invalid, 4494 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1863 Valid, 2631 Invalid, 0 Unknown, 0 Unchecked, 2.6s Time] [2022-11-03 02:43:40,005 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:43:40,005 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:43:40,006 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:43:40,006 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:43:40,006 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 101 [2022-11-03 02:43:40,006 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:43:40,007 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:43:40,007 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 38 states, 35 states have (on average 4.485714285714286) internal successors, (157), 37 states have internal predecessors, (157), 18 states have call successors, (31), 8 states have call predecessors, (31), 13 states have return successors, (31), 19 states have call predecessors, (31), 17 states have call successors, (31) [2022-11-03 02:43:40,007 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:43:40,007 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:43:40,010 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:43:40,059 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 02:43:40,238 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:43:40,240 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:43:50,109 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 293 300) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 (not (<= 1 ~switchedOnBeforeTS~0)) (not (< ~waterLevel~0 3)) .cse2) (or .cse0 (not (= 2 ~waterLevel~0)) .cse1 .cse2))) [2022-11-03 02:43:50,110 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 293 300) no Hoare annotation was computed. [2022-11-03 02:43:50,110 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 200 206) no Hoare annotation was computed. [2022-11-03 02:43:50,110 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 200 206) the Hoare annotation is: true [2022-11-03 02:43:50,110 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-03 02:43:50,110 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-03 02:43:50,111 INFO L902 garLoopResultBuilder]: At program point L962-2(lines 962 976) the Hoare annotation is: true [2022-11-03 02:43:50,111 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 952 981) no Hoare annotation was computed. [2022-11-03 02:43:50,111 INFO L902 garLoopResultBuilder]: At program point L958(line 958) the Hoare annotation is: true [2022-11-03 02:43:50,111 INFO L899 garLoopResultBuilder]: For program point L958-1(line 958) no Hoare annotation was computed. [2022-11-03 02:43:50,111 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 952 981) the Hoare annotation is: true [2022-11-03 02:43:50,112 INFO L902 garLoopResultBuilder]: At program point L977(lines 952 981) the Hoare annotation is: true [2022-11-03 02:43:50,112 INFO L899 garLoopResultBuilder]: For program point L973(line 973) no Hoare annotation was computed. [2022-11-03 02:43:50,112 INFO L899 garLoopResultBuilder]: For program point L966(lines 966 970) no Hoare annotation was computed. [2022-11-03 02:43:50,112 INFO L902 garLoopResultBuilder]: At program point L966-1(lines 966 970) the Hoare annotation is: true [2022-11-03 02:43:50,112 INFO L899 garLoopResultBuilder]: For program point L568(lines 568 574) no Hoare annotation was computed. [2022-11-03 02:43:50,113 INFO L895 garLoopResultBuilder]: At program point L279(line 279) the Hoare annotation is: (let ((.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (< |old(~waterLevel~0)| 3))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (.cse2 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= 0 ~systemActive~0)) .cse1) (or .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse2 .cse4) (or .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse1) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse5 .cse2))) [2022-11-03 02:43:50,114 INFO L895 garLoopResultBuilder]: At program point L279-1(lines 260 284) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (and .cse7 .cse9)) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (= ~pumpRunning~0 1)) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (or .cse0 (not (= 0 ~systemActive~0)) (not (< |old(~waterLevel~0)| 3))) (let ((.cse3 (= ~waterLevel~0 1))) (or .cse1 .cse2 (and .cse3 .cse4 .cse5) .cse6 (and .cse7 .cse3 .cse4))) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse8 .cse1) (or .cse1 .cse2 (and .cse7 .cse9 .cse4) (and .cse9 .cse4 .cse5) (not (<= |old(~waterLevel~0)| 0)) .cse10) (or .cse0 .cse8 .cse1 .cse6 (and .cse9 .cse5)) (let ((.cse11 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse12 (< 0 |old(~waterLevel~0)|))) (or (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2 (and .cse7 .cse11 .cse12 .cse4) (and .cse11 .cse12 .cse4 .cse5) .cse10))))) [2022-11-03 02:43:50,115 INFO L895 garLoopResultBuilder]: At program point L531(line 531) the Hoare annotation is: (let ((.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (not (= 0 ~systemActive~0)) .cse1) (or .cse2 .cse3 (not (= |old(~waterLevel~0)| 2))) (or .cse2 .cse3 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse1) (or .cse0 .cse2 .cse1))) [2022-11-03 02:43:50,115 INFO L899 garLoopResultBuilder]: For program point L180-2(lines 176 198) no Hoare annotation was computed. [2022-11-03 02:43:50,115 INFO L895 garLoopResultBuilder]: At program point L565(line 565) the Hoare annotation is: (let ((.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= ~pumpRunning~0 1)) (.cse4 (not (= 1 ~systemActive~0))) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (= ~pumpRunning~0 0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| ~waterLevel~0)) (.cse9 (not (= 0 ~systemActive~0))) (.cse10 (not (< |old(~waterLevel~0)| 3)))) (and (let ((.cse0 (= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) .cse4 .cse5 .cse6 (and .cse7 .cse0 .cse1 .cse2))) (or .cse8 .cse6 .cse9 .cse10) (let ((.cse11 (< 0 |old(~waterLevel~0)|))) (let ((.cse13 (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse11))) (or (not (<= |old(~waterLevel~0)| 1)) .cse4 .cse5 (and .cse7 (or (and (not .cse11) .cse12) .cse13) .cse1 .cse2) (and (<= ~waterLevel~0 0) (or .cse13 .cse12) .cse1 .cse2 .cse3) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) (or .cse8 .cse4 (and .cse7 (<= ~waterLevel~0 1) .cse12 .cse2) .cse10) (or .cse8 (and .cse7 .cse12 .cse2) .cse9 .cse10))) [2022-11-03 02:43:50,116 INFO L899 garLoopResultBuilder]: For program point L565-1(line 565) no Hoare annotation was computed. [2022-11-03 02:43:50,116 INFO L899 garLoopResultBuilder]: For program point L268(lines 268 276) no Hoare annotation was computed. [2022-11-03 02:43:50,116 INFO L895 garLoopResultBuilder]: At program point L264(lines 264 281) the Hoare annotation is: (let ((.cse8 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (= ~pumpRunning~0 1)) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (and (= ~pumpRunning~0 0) .cse8)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= 0 ~systemActive~0)) (not (< |old(~waterLevel~0)| 3))) (or .cse1 .cse2 (and (= ~waterLevel~0 1) .cse3 .cse4) .cse5) (or .cse0 .cse6 .cse1 .cse5) (or .cse7 .cse1 .cse2 (and (<= ~waterLevel~0 0) (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (< 0 |old(~waterLevel~0)|)) .cse8) .cse3 .cse4) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse7 .cse0 .cse6 .cse1)))) [2022-11-03 02:43:50,117 INFO L895 garLoopResultBuilder]: At program point L550(line 550) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse6 (not (< |old(~waterLevel~0)| 3))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and .cse10 (= ~pumpRunning~0 1))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (and (= ~pumpRunning~0 0) .cse10)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse2 .cse5 .cse4 .cse6) (or .cse7 .cse8 .cse1 .cse9) (or .cse7 .cse1 .cse5 .cse4 .cse6) (or .cse7 .cse8 (not (= 0 ~systemActive~0)) .cse6) (or .cse1 .cse2 .cse9 .cse3) (or .cse0 .cse7 .cse8 .cse1)))) [2022-11-03 02:43:50,117 INFO L895 garLoopResultBuilder]: At program point L550-1(line 550) the Hoare annotation is: (let ((.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) .cse7)) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (and (<= 1 |timeShift___utac_acc__Specification5_spec__2_#t~ret28#1|) .cse7 (= ~pumpRunning~0 1))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 (not (= 0 ~systemActive~0)) .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2) (or .cse2 .cse5 .cse6 (not (<= 1 |old(~switchedOnBeforeTS~0)|)) .cse4) (or .cse2 .cse5 .cse6 .cse3)))) [2022-11-03 02:43:50,117 INFO L895 garLoopResultBuilder]: At program point L187-1(lines 187 193) the Hoare annotation is: (let ((.cse6 (= ~pumpRunning~0 0)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (and .cse6 .cse9)) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (= ~pumpRunning~0 1)) (.cse10 (not (<= 1 |old(~switchedOnBeforeTS~0)|)))) (and (let ((.cse2 (= ~waterLevel~0 1))) (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5 (and .cse6 .cse2 .cse3))) (or .cse7 .cse8 (not (= 0 ~systemActive~0)) (not (< |old(~waterLevel~0)| 3))) (or (not (<= |old(~waterLevel~0)| 1)) .cse7 .cse8 .cse0) (or .cse0 .cse1 (and .cse6 .cse9 .cse3) (and .cse9 .cse3 .cse4) (not (<= |old(~waterLevel~0)| 0)) .cse10) (or .cse7 .cse8 .cse0 .cse5 (and .cse9 .cse4)) (let ((.cse11 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse12 (< 0 |old(~waterLevel~0)|))) (or (not (= |old(~waterLevel~0)| 1)) .cse0 .cse1 (and .cse6 .cse11 .cse12 .cse3) (and .cse11 .cse12 .cse3 .cse4) .cse10))))) [2022-11-03 02:43:50,118 INFO L899 garLoopResultBuilder]: For program point L567(lines 567 577) no Hoare annotation was computed. [2022-11-03 02:43:50,118 INFO L899 garLoopResultBuilder]: For program point L563(lines 563 580) no Hoare annotation was computed. [2022-11-03 02:43:50,118 INFO L895 garLoopResultBuilder]: At program point L274(line 274) the Hoare annotation is: (let ((.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (= ~pumpRunning~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (not (= 0 ~systemActive~0)) .cse1) (or .cse2 .cse3 (and (= ~waterLevel~0 1) .cse4 .cse5) (not (= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (and (<= ~waterLevel~0 0) (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (< 0 |old(~waterLevel~0)|)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse5) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse2 .cse1))) [2022-11-03 02:43:50,119 INFO L895 garLoopResultBuilder]: At program point L563-1(lines 555 583) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| ~waterLevel~0))) (let ((.cse11 (not (<= |old(~waterLevel~0)| 1))) (.cse4 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= ~pumpRunning~0 1)) (.cse8 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (and .cse7 .cse10 .cse2)) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse12 (not (= 0 ~systemActive~0)))) (and (let ((.cse0 (= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) .cse4 .cse5 .cse6 (and .cse7 .cse0 .cse1 .cse2))) (or .cse8 .cse9 .cse4 (and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2) .cse10 .cse2 .cse3) (not (< |old(~waterLevel~0)| 3))) (or .cse11 .cse8 .cse9 .cse12) (let ((.cse13 (< 0 |old(~waterLevel~0)|))) (let ((.cse14 (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse13))) (or .cse11 .cse4 .cse5 (and .cse7 (or (and (not .cse13) .cse10) .cse14) .cse1 .cse2) (and (<= ~waterLevel~0 0) (or .cse14 .cse10) .cse1 .cse2 .cse3) (not (<= 1 |old(~switchedOnBeforeTS~0)|))))) (or .cse8 .cse9 .cse6 .cse12)))) [2022-11-03 02:43:50,119 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 173 199) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse4 (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (.cse6 (not (< |old(~waterLevel~0)| 3))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and .cse10 (= ~pumpRunning~0 1))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse8 (and (= ~pumpRunning~0 0) .cse10)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse2 .cse5 .cse4 .cse6) (or .cse7 .cse8 .cse1 .cse9) (or .cse7 .cse1 .cse5 .cse4 .cse6) (or .cse7 .cse8 (not (= 0 ~systemActive~0)) .cse6) (or .cse1 .cse2 .cse9 .cse3) (or .cse0 .cse7 .cse8 .cse1)))) [2022-11-03 02:43:50,119 INFO L895 garLoopResultBuilder]: At program point L270(line 270) the Hoare annotation is: (let ((.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (= ~pumpRunning~0 1)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse1 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (not (= 0 ~systemActive~0)) .cse1) (or .cse2 .cse3 (and (= ~waterLevel~0 1) .cse4 .cse5) (not (= |old(~waterLevel~0)| 2))) (or (not (<= |old(~waterLevel~0)| 1)) .cse2 .cse3 (and (<= ~waterLevel~0 0) (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (< 0 |old(~waterLevel~0)|)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse4 .cse5) (not (<= 1 |old(~switchedOnBeforeTS~0)|))) (or .cse0 .cse2 .cse1))) [2022-11-03 02:43:50,120 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 173 199) no Hoare annotation was computed. [2022-11-03 02:43:50,120 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 531) no Hoare annotation was computed. [2022-11-03 02:43:50,120 INFO L895 garLoopResultBuilder]: At program point L477(lines 430 479) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (< ~waterLevel~0 3)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse4) (and .cse0 .cse2 (= 0 ~systemActive~0) .cse3) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse4))) [2022-11-03 02:43:50,120 INFO L899 garLoopResultBuilder]: For program point L440(lines 440 446) no Hoare annotation was computed. [2022-11-03 02:43:50,121 INFO L899 garLoopResultBuilder]: For program point L440-1(lines 440 446) no Hoare annotation was computed. [2022-11-03 02:43:50,121 INFO L899 garLoopResultBuilder]: For program point L399(lines 399 405) no Hoare annotation was computed. [2022-11-03 02:43:50,121 INFO L895 garLoopResultBuilder]: At program point L399-1(lines 399 405) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (< ~waterLevel~0 3)) [2022-11-03 02:43:50,121 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:43:50,121 INFO L902 garLoopResultBuilder]: At program point L483(lines 420 487) the Hoare annotation is: true [2022-11-03 02:43:50,121 INFO L899 garLoopResultBuilder]: For program point L450(lines 450 456) no Hoare annotation was computed. [2022-11-03 02:43:50,122 INFO L899 garLoopResultBuilder]: For program point L450-1(lines 450 456) no Hoare annotation was computed. [2022-11-03 02:43:50,122 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:43:50,122 INFO L895 garLoopResultBuilder]: At program point L442(line 442) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (< ~waterLevel~0 3)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse4) (and .cse0 .cse2 (= 0 ~systemActive~0) .cse3) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse4))) [2022-11-03 02:43:50,122 INFO L895 garLoopResultBuilder]: At program point L401(line 401) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) (< ~waterLevel~0 3) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2))) [2022-11-03 02:43:50,123 INFO L895 garLoopResultBuilder]: At program point L480(lines 429 481) the Hoare annotation is: false [2022-11-03 02:43:50,123 INFO L899 garLoopResultBuilder]: For program point L468(lines 468 474) no Hoare annotation was computed. [2022-11-03 02:43:50,123 INFO L895 garLoopResultBuilder]: At program point L468-2(lines 460 475) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (< ~waterLevel~0 3)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse4) (and .cse0 .cse2 (= 0 ~systemActive~0) .cse3) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse4))) [2022-11-03 02:43:50,123 INFO L899 garLoopResultBuilder]: For program point L431(lines 430 479) no Hoare annotation was computed. [2022-11-03 02:43:50,123 INFO L895 garLoopResultBuilder]: At program point L460(lines 460 475) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (< ~waterLevel~0 3)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse4) (and .cse0 .cse2 (= 0 ~systemActive~0) .cse3) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse4))) [2022-11-03 02:43:50,124 INFO L895 garLoopResultBuilder]: At program point L1034(lines 1034 1041) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-03 02:43:50,124 INFO L902 garLoopResultBuilder]: At program point L1034-2(lines 1034 1041) the Hoare annotation is: true [2022-11-03 02:43:50,124 INFO L895 garLoopResultBuilder]: At program point L452(line 452) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse3 (< ~waterLevel~0 3)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse2 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse4) (and .cse0 .cse2 (= 0 ~systemActive~0) .cse3) (and (= 2 ~waterLevel~0) .cse1 .cse2 .cse4))) [2022-11-03 02:43:50,124 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 208 232) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,125 INFO L895 garLoopResultBuilder]: At program point L222(line 222) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0))) (not (< ~waterLevel~0 3))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2))) [2022-11-03 02:43:50,125 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 208 232) no Hoare annotation was computed. [2022-11-03 02:43:50,125 INFO L895 garLoopResultBuilder]: At program point L216(lines 216 224) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0))) (not (< ~waterLevel~0 3))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2))) [2022-11-03 02:43:50,125 INFO L895 garLoopResultBuilder]: At program point L212(lines 212 229) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,126 INFO L895 garLoopResultBuilder]: At program point L227(line 227) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,126 INFO L899 garLoopResultBuilder]: For program point L227-1(lines 208 232) no Hoare annotation was computed. [2022-11-03 02:43:50,126 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-03 02:43:50,126 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~pumpRunning~0 1))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse1 .cse4) (or .cse3 .cse5 .cse6 .cse1) (or .cse0 .cse6 .cse1 .cse2) (or .cse3 .cse5 .cse1 (not (<= 1 ~switchedOnBeforeTS~0)) .cse4))) [2022-11-03 02:43:50,127 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__lowWaterSensorENTRY(lines 234 258) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,127 INFO L895 garLoopResultBuilder]: At program point L248(line 248) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,127 INFO L895 garLoopResultBuilder]: At program point L244(line 244) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,127 INFO L899 garLoopResultBuilder]: For program point L242(lines 242 250) no Hoare annotation was computed. [2022-11-03 02:43:50,128 INFO L895 garLoopResultBuilder]: At program point L238(lines 238 255) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:43:50,128 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 234 258) no Hoare annotation was computed. [2022-11-03 02:43:50,128 INFO L895 garLoopResultBuilder]: At program point L253(line 253) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 1 ~switchedOnBeforeTS~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or (not (<= ~waterLevel~0 0)) .cse0 .cse1 .cse2))) [2022-11-03 02:43:50,128 INFO L899 garLoopResultBuilder]: For program point L253-1(lines 234 258) no Hoare annotation was computed. [2022-11-03 02:43:50,129 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 312 320) no Hoare annotation was computed. [2022-11-03 02:43:50,129 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 312 320) the Hoare annotation is: true [2022-11-03 02:43:50,131 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:43:50,134 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:43:50,170 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:43:50 BoogieIcfgContainer [2022-11-03 02:43:50,170 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:43:50,171 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:43:50,171 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:43:50,172 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:43:50,172 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:42:27" (3/4) ... [2022-11-03 02:43:50,175 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:43:50,181 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:43:50,181 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:43:50,181 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:43:50,181 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:43:50,181 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:43:50,182 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:43:50,182 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:43:50,182 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2022-11-03 02:43:50,182 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-03 02:43:50,190 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 78 nodes and edges [2022-11-03 02:43:50,191 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 30 nodes and edges [2022-11-03 02:43:50,191 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 02:43:50,192 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:43:50,192 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:43:50,193 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:43:50,193 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:43:50,219 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && ((((!(1 == systemActive) || ((1 <= aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || ((1 <= aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) [2022-11-03 02:43:50,220 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((\old(waterLevel) == waterLevel && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) <= 0)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-03 02:43:50,221 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((waterLevel == 1 && 1 <= switchedOnBeforeTS) && tmp == waterLevel) && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS) && tmp == waterLevel)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(1 == systemActive)) || (((tmp == 2 && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(0 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && 1 <= switchedOnBeforeTS) && tmp == waterLevel)) || ((((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS) && tmp == waterLevel) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) [2022-11-03 02:43:50,221 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) [2022-11-03 02:43:50,221 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && ((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 3)) [2022-11-03 02:43:50,221 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((\old(waterLevel) == waterLevel && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) <= 0)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) [2022-11-03 02:43:50,222 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) && ((((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1) [2022-11-03 02:43:50,222 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) && ((((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1) [2022-11-03 02:43:50,223 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && (2 <= waterLevel || tmp == 0))) || !(waterLevel < 3)) && (((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS))) && (((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) [2022-11-03 02:43:50,253 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:43:50,253 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:43:50,254 INFO L158 Benchmark]: Toolchain (without parser) took 84589.01ms. Allocated memory was 121.6MB in the beginning and 673.2MB in the end (delta: 551.6MB). Free memory was 85.5MB in the beginning and 542.9MB in the end (delta: -457.4MB). Peak memory consumption was 93.9MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,254 INFO L158 Benchmark]: CDTParser took 0.87ms. Allocated memory is still 81.8MB. Free memory is still 35.3MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:43:50,255 INFO L158 Benchmark]: CACSL2BoogieTranslator took 725.93ms. Allocated memory is still 121.6MB. Free memory was 85.5MB in the beginning and 82.5MB in the end (delta: 3.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,255 INFO L158 Benchmark]: Boogie Procedure Inliner took 66.21ms. Allocated memory is still 121.6MB. Free memory was 82.5MB in the beginning and 79.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,255 INFO L158 Benchmark]: Boogie Preprocessor took 50.04ms. Allocated memory is still 121.6MB. Free memory was 79.9MB in the beginning and 78.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,256 INFO L158 Benchmark]: RCFGBuilder took 949.49ms. Allocated memory is still 121.6MB. Free memory was 78.3MB in the beginning and 42.2MB in the end (delta: 36.1MB). Peak memory consumption was 35.7MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,256 INFO L158 Benchmark]: TraceAbstraction took 82706.54ms. Allocated memory was 121.6MB in the beginning and 673.2MB in the end (delta: 551.6MB). Free memory was 41.5MB in the beginning and 549.2MB in the end (delta: -507.7MB). Peak memory consumption was 363.1MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,256 INFO L158 Benchmark]: Witness Printer took 82.17ms. Allocated memory is still 673.2MB. Free memory was 549.2MB in the beginning and 542.9MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 02:43:50,258 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.87ms. Allocated memory is still 81.8MB. Free memory is still 35.3MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 725.93ms. Allocated memory is still 121.6MB. Free memory was 85.5MB in the beginning and 82.5MB in the end (delta: 3.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 66.21ms. Allocated memory is still 121.6MB. Free memory was 82.5MB in the beginning and 79.9MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.04ms. Allocated memory is still 121.6MB. Free memory was 79.9MB in the beginning and 78.3MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 949.49ms. Allocated memory is still 121.6MB. Free memory was 78.3MB in the beginning and 42.2MB in the end (delta: 36.1MB). Peak memory consumption was 35.7MB. Max. memory is 16.1GB. * TraceAbstraction took 82706.54ms. Allocated memory was 121.6MB in the beginning and 673.2MB in the end (delta: 551.6MB). Free memory was 41.5MB in the beginning and 549.2MB in the end (delta: -507.7MB). Peak memory consumption was 363.1MB. Max. memory is 16.1GB. * Witness Printer took 82.17ms. Allocated memory is still 673.2MB. Free memory was 549.2MB in the beginning and 542.9MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 531]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 74 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 82.6s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 11.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 9.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 4223 SdHoareTripleChecker+Valid, 5.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 4194 mSDsluCounter, 4184 SdHoareTripleChecker+Invalid, 4.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3774 mSDsCounter, 2633 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5554 IncrementalHoareTripleChecker+Invalid, 8187 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 2633 mSolverCounterUnsat, 1112 mSDtfsCounter, 5554 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1167 GetRequests, 821 SyntacticMatches, 37 SemanticMatches, 309 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11479 ImplicationChecksByTransitivity, 30.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=560occurred in iteration=6, InterpolantAutomatonStates: 179, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 11 MinimizatonAttempts, 558 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 44 LocationsWithAnnotation, 2191 PreInvPairs, 2534 NumberOfFragments, 2595 HoareAnnotationTreeSize, 2191 FomulaSimplifications, 18363 FormulaSimplificationTreeSizeReduction, 1.4s HoareSimplificationTime, 44 FomulaSimplificationsInter, 46270 FormulaSimplificationTreeSizeReductionInter, 8.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 5.7s InterpolantComputationTime, 928 NumberOfCodeBlocks, 928 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 1183 ConstructedInterpolants, 0 QuantifiedInterpolants, 3355 SizeOfPredicates, 26 NumberOfNonLiveVariables, 2064 ConjunctsInSsa, 60 ConjunctsInUnsatCore, 18 InterpolantComputations, 8 PerfectInterpolantSequences, 555/660 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 1034]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 420]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 399]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && splverifierCounter == 0) && waterLevel < 3 - InvariantResult [Line: 238]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) && ((((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1) - InvariantResult [Line: 260]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((\old(waterLevel) == waterLevel && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) <= 0)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 264]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && ((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) - InvariantResult [Line: 555]: Loop Invariant Derived loop invariant: ((((((((((waterLevel == 1 && 1 <= switchedOnBeforeTS) && tmp == waterLevel) && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || (((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS) && tmp == waterLevel)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(1 == systemActive)) || (((tmp == 2 && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(0 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && 1 <= switchedOnBeforeTS) && tmp == waterLevel)) || ((((waterLevel <= 0 && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && 1 <= switchedOnBeforeTS) && tmp == waterLevel) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS)))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && tmp == waterLevel)) || !(\old(waterLevel) == 2)) || !(0 == systemActive)) - InvariantResult [Line: 1034]: Loop Invariant Derived loop invariant: (pumpRunning == 0 && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 460]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 3) || ((((1 == systemActive && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) && waterLevel < 3) && pumpRunning == 1)) || (((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive) && waterLevel < 3)) || (((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == 1) - InvariantResult [Line: 952]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 187]: Loop Invariant Derived loop invariant: ((((((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((waterLevel == 1 && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || ((pumpRunning == 0 && waterLevel == 1) && 1 <= switchedOnBeforeTS)) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && 1 <= switchedOnBeforeTS)) || ((\old(waterLevel) == waterLevel && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) <= 0)) || !(1 <= \old(switchedOnBeforeTS)))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && (((((!(\old(waterLevel) == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel + 1) && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS)) || (((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) && 1 <= switchedOnBeforeTS) && pumpRunning == 1)) || !(1 <= \old(switchedOnBeforeTS))) - InvariantResult [Line: 430]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 3) || ((((1 == systemActive && splverifierCounter == 0) && 1 <= switchedOnBeforeTS) && waterLevel < 3) && pumpRunning == 1)) || (((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive) && waterLevel < 3)) || (((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == 1) - InvariantResult [Line: 962]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 216]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && (2 <= waterLevel || tmp == 0))) || !(waterLevel < 3)) && (((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS))) && (((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) - InvariantResult [Line: 531]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || !(\old(waterLevel) < 3)) && ((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 429]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 550]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) && (((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(\old(waterLevel) < 3))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive))) && ((((!(1 == systemActive) || ((1 <= aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || !(1 <= \old(switchedOnBeforeTS))) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || ((1 <= aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 212]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) && ((((!(waterLevel <= 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1)) && ((((!(waterLevel == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(1 <= switchedOnBeforeTS)) || pumpRunning == 1) RESULT: Ultimate proved your program to be correct! [2022-11-03 02:43:50,356 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_7a9d1d6e-548d-4b5d-bc65-d70788a15ed7/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE