./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:36:22,987 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:36:22,989 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:36:23,040 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:36:23,040 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:36:23,045 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:36:23,047 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:36:23,051 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:36:23,053 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:36:23,059 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:36:23,060 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:36:23,062 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:36:23,063 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:36:23,065 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:36:23,067 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:36:23,068 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:36:23,070 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:36:23,071 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:36:23,072 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:36:23,081 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:36:23,083 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:36:23,084 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:36:23,087 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:36:23,088 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:36:23,094 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:36:23,094 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:36:23,095 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:36:23,096 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:36:23,097 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:36:23,098 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:36:23,098 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:36:23,099 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:36:23,101 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:36:23,102 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:36:23,104 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:36:23,104 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:36:23,104 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:36:23,105 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:36:23,105 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:36:23,106 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:36:23,106 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:36:23,107 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:36:23,145 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:36:23,146 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:36:23,146 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:36:23,147 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:36:23,148 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:36:23,148 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:36:23,148 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:36:23,148 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:36:23,149 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:36:23,149 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:36:23,150 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:36:23,150 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:36:23,150 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:36:23,150 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:36:23,151 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:36:23,151 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:36:23,151 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:36:23,151 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:36:23,152 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:36:23,152 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:36:23,153 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:36:23,153 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:36:23,153 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:36:23,153 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:36:23,154 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:36:23,154 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:36:23,154 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:36:23,154 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:36:23,154 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:36:23,155 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:36:23,155 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:36:23,155 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:36:23,156 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:36:23,156 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:36:23,156 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:36:23,156 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:36:23,157 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:36:23,157 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:36:23,157 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:36:23,157 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:36:23,157 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:36:23,158 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c [2022-11-03 02:36:23,495 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:36:23,524 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:36:23,528 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:36:23,540 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:36:23,541 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:36:23,542 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c [2022-11-03 02:36:23,612 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/data/9a98ab06e/b1ea7485e8634b298b31de3eeae7166a/FLAG9233184b5 [2022-11-03 02:36:24,232 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:36:24,233 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c [2022-11-03 02:36:24,244 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/data/9a98ab06e/b1ea7485e8634b298b31de3eeae7166a/FLAG9233184b5 [2022-11-03 02:36:24,494 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/data/9a98ab06e/b1ea7485e8634b298b31de3eeae7166a [2022-11-03 02:36:24,497 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:36:24,499 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:36:24,511 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:36:24,511 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:36:24,516 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:36:24,516 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:36:24" (1/1) ... [2022-11-03 02:36:24,518 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6f714330 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:24, skipping insertion in model container [2022-11-03 02:36:24,518 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:36:24" (1/1) ... [2022-11-03 02:36:24,525 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:36:24,562 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:36:24,910 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2022-11-03 02:36:24,924 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:36:24,933 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:36:24,993 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2022-11-03 02:36:24,999 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:36:25,016 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:36:25,016 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25 WrapperNode [2022-11-03 02:36:25,016 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:36:25,017 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:36:25,018 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:36:25,018 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:36:25,025 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,038 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,089 INFO L138 Inliner]: procedures = 59, calls = 161, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 288 [2022-11-03 02:36:25,091 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:36:25,093 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:36:25,093 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:36:25,094 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:36:25,103 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,104 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,117 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,117 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,122 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,126 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,128 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,129 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,148 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:36:25,149 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:36:25,149 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:36:25,149 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:36:25,154 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (1/1) ... [2022-11-03 02:36:25,160 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:36:25,172 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:36:25,187 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:36:25,198 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:36:25,230 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:36:25,230 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:36:25,230 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:36:25,231 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:36:25,231 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:36:25,231 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:36:25,231 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:36:25,231 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:36:25,231 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:36:25,232 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:36:25,232 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:36:25,232 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-03 02:36:25,232 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-03 02:36:25,232 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:36:25,233 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:36:25,233 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:36:25,233 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:36:25,233 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:36:25,233 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:36:25,234 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:36:25,347 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:36:25,349 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:36:25,756 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:36:25,959 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:36:25,959 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:36:25,962 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:36:25 BoogieIcfgContainer [2022-11-03 02:36:25,962 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:36:25,965 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:36:25,965 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:36:25,969 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:36:25,969 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:36:24" (1/3) ... [2022-11-03 02:36:25,970 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71893ef0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:36:25, skipping insertion in model container [2022-11-03 02:36:25,970 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:36:25" (2/3) ... [2022-11-03 02:36:25,970 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71893ef0 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:36:25, skipping insertion in model container [2022-11-03 02:36:25,970 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:36:25" (3/3) ... [2022-11-03 02:36:25,972 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product59.cil.c [2022-11-03 02:36:25,991 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:36:25,991 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:36:26,043 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:36:26,050 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@24b288fb, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:36:26,051 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:36:26,055 INFO L276 IsEmpty]: Start isEmpty. Operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 02:36:26,064 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-03 02:36:26,065 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:26,066 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:26,066 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:26,072 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:26,072 INFO L85 PathProgramCache]: Analyzing trace with hash 113400434, now seen corresponding path program 1 times [2022-11-03 02:36:26,082 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:26,083 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [901368277] [2022-11-03 02:36:26,083 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:26,084 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:26,196 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:26,332 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:36:26,332 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:26,334 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [901368277] [2022-11-03 02:36:26,334 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [901368277] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:26,335 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:26,335 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:36:26,336 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1313922571] [2022-11-03 02:36:26,338 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:26,344 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:36:26,345 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:26,372 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:36:26,373 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:36:26,375 INFO L87 Difference]: Start difference. First operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:26,446 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:26,447 INFO L93 Difference]: Finished difference Result 130 states and 179 transitions. [2022-11-03 02:36:26,448 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:36:26,450 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-03 02:36:26,450 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:26,466 INFO L225 Difference]: With dead ends: 130 [2022-11-03 02:36:26,466 INFO L226 Difference]: Without dead ends: 61 [2022-11-03 02:36:26,471 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:36:26,477 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 69 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:26,479 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 69 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:36:26,500 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2022-11-03 02:36:26,525 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2022-11-03 02:36:26,527 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 39 states have (on average 1.358974358974359) internal successors, (53), 47 states have internal predecessors, (53), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 02:36:26,536 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 80 transitions. [2022-11-03 02:36:26,540 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 80 transitions. Word has length 21 [2022-11-03 02:36:26,541 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:26,541 INFO L495 AbstractCegarLoop]: Abstraction has 61 states and 80 transitions. [2022-11-03 02:36:26,542 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:26,543 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 80 transitions. [2022-11-03 02:36:26,546 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 02:36:26,548 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:26,549 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:26,549 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:36:26,550 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:26,551 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:26,552 INFO L85 PathProgramCache]: Analyzing trace with hash -1004986017, now seen corresponding path program 1 times [2022-11-03 02:36:26,552 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:26,552 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1522431292] [2022-11-03 02:36:26,553 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:26,553 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:26,597 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:26,754 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:36:26,755 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:26,755 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1522431292] [2022-11-03 02:36:26,756 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1522431292] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:26,756 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:26,756 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:36:26,756 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [585891747] [2022-11-03 02:36:26,757 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:26,758 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:36:26,758 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:26,759 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:36:26,759 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:36:26,760 INFO L87 Difference]: Start difference. First operand 61 states and 80 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:26,844 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:26,844 INFO L93 Difference]: Finished difference Result 94 states and 122 transitions. [2022-11-03 02:36:26,844 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:36:26,845 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-03 02:36:26,845 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:26,846 INFO L225 Difference]: With dead ends: 94 [2022-11-03 02:36:26,846 INFO L226 Difference]: Without dead ends: 53 [2022-11-03 02:36:26,847 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:36:26,848 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 14 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:26,849 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 93 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:36:26,850 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-03 02:36:26,856 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-03 02:36:26,857 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3823529411764706) internal successors, (47), 42 states have internal predecessors, (47), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 02:36:26,858 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 69 transitions. [2022-11-03 02:36:26,858 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 69 transitions. Word has length 22 [2022-11-03 02:36:26,858 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:26,859 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 69 transitions. [2022-11-03 02:36:26,859 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:26,859 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 69 transitions. [2022-11-03 02:36:26,860 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-11-03 02:36:26,860 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:26,860 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:26,861 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:36:26,861 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:26,862 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:26,862 INFO L85 PathProgramCache]: Analyzing trace with hash 724006105, now seen corresponding path program 1 times [2022-11-03 02:36:26,862 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:26,862 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [540443611] [2022-11-03 02:36:26,862 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:26,863 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:26,884 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:26,954 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:36:26,954 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:26,955 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [540443611] [2022-11-03 02:36:26,955 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [540443611] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:26,955 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:26,955 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:36:26,955 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [734505463] [2022-11-03 02:36:26,956 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:26,956 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:36:26,956 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:26,957 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:36:26,958 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:36:26,958 INFO L87 Difference]: Start difference. First operand 53 states and 69 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:36:27,049 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:27,049 INFO L93 Difference]: Finished difference Result 155 states and 204 transitions. [2022-11-03 02:36:27,049 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:36:27,050 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-11-03 02:36:27,050 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:27,052 INFO L225 Difference]: With dead ends: 155 [2022-11-03 02:36:27,052 INFO L226 Difference]: Without dead ends: 104 [2022-11-03 02:36:27,053 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:36:27,054 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 54 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 127 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:27,054 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 127 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:36:27,055 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2022-11-03 02:36:27,073 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 101. [2022-11-03 02:36:27,074 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 64 states have (on average 1.390625) internal successors, (89), 79 states have internal predecessors, (89), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2022-11-03 02:36:27,075 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 133 transitions. [2022-11-03 02:36:27,075 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 133 transitions. Word has length 25 [2022-11-03 02:36:27,076 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:27,076 INFO L495 AbstractCegarLoop]: Abstraction has 101 states and 133 transitions. [2022-11-03 02:36:27,076 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:36:27,076 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 133 transitions. [2022-11-03 02:36:27,078 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-03 02:36:27,078 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:27,078 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:27,078 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:36:27,079 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:27,079 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:27,079 INFO L85 PathProgramCache]: Analyzing trace with hash -2048165769, now seen corresponding path program 1 times [2022-11-03 02:36:27,079 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:27,080 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [45623908] [2022-11-03 02:36:27,080 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:27,080 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:27,100 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:27,319 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:36:27,320 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:27,320 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [45623908] [2022-11-03 02:36:27,320 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [45623908] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:27,321 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:27,321 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:36:27,321 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [81521176] [2022-11-03 02:36:27,321 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:27,322 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:36:27,322 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:27,322 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:36:27,323 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:36:27,323 INFO L87 Difference]: Start difference. First operand 101 states and 133 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:27,560 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:27,560 INFO L93 Difference]: Finished difference Result 282 states and 381 transitions. [2022-11-03 02:36:27,561 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 02:36:27,561 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-03 02:36:27,561 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:27,568 INFO L225 Difference]: With dead ends: 282 [2022-11-03 02:36:27,568 INFO L226 Difference]: Without dead ends: 183 [2022-11-03 02:36:27,570 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:36:27,571 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 34 mSDsluCounter, 252 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 284 SdHoareTripleChecker+Invalid, 126 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:27,571 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 284 Invalid, 126 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:36:27,572 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 183 states. [2022-11-03 02:36:27,609 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 183 to 174. [2022-11-03 02:36:27,610 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 115 states have (on average 1.3130434782608695) internal successors, (151), 130 states have internal predecessors, (151), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2022-11-03 02:36:27,612 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 223 transitions. [2022-11-03 02:36:27,612 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 223 transitions. Word has length 28 [2022-11-03 02:36:27,612 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:27,612 INFO L495 AbstractCegarLoop]: Abstraction has 174 states and 223 transitions. [2022-11-03 02:36:27,613 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:36:27,613 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 223 transitions. [2022-11-03 02:36:27,614 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-03 02:36:27,614 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:27,614 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:27,615 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:36:27,615 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:27,615 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:27,616 INFO L85 PathProgramCache]: Analyzing trace with hash 230522554, now seen corresponding path program 1 times [2022-11-03 02:36:27,616 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:27,616 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1321093516] [2022-11-03 02:36:27,616 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:27,616 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:27,660 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:28,036 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:36:28,036 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:28,036 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1321093516] [2022-11-03 02:36:28,038 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1321093516] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:28,038 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:28,039 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 02:36:28,041 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1452742991] [2022-11-03 02:36:28,044 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:28,045 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:36:28,045 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:28,045 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:36:28,046 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:36:28,047 INFO L87 Difference]: Start difference. First operand 174 states and 223 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:36:28,286 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:28,287 INFO L93 Difference]: Finished difference Result 528 states and 678 transitions. [2022-11-03 02:36:28,287 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:36:28,296 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 33 [2022-11-03 02:36:28,296 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:28,302 INFO L225 Difference]: With dead ends: 528 [2022-11-03 02:36:28,306 INFO L226 Difference]: Without dead ends: 356 [2022-11-03 02:36:28,308 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-03 02:36:28,313 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 116 mSDsluCounter, 166 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 145 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:28,317 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 239 Invalid, 145 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 02:36:28,318 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 356 states. [2022-11-03 02:36:28,368 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 356 to 346. [2022-11-03 02:36:28,369 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 346 states, 229 states have (on average 1.296943231441048) internal successors, (297), 255 states have internal predecessors, (297), 63 states have call successors, (63), 53 states have call predecessors, (63), 53 states have return successors, (81), 56 states have call predecessors, (81), 63 states have call successors, (81) [2022-11-03 02:36:28,372 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 346 states to 346 states and 441 transitions. [2022-11-03 02:36:28,375 INFO L78 Accepts]: Start accepts. Automaton has 346 states and 441 transitions. Word has length 33 [2022-11-03 02:36:28,375 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:28,376 INFO L495 AbstractCegarLoop]: Abstraction has 346 states and 441 transitions. [2022-11-03 02:36:28,376 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 02:36:28,377 INFO L276 IsEmpty]: Start isEmpty. Operand 346 states and 441 transitions. [2022-11-03 02:36:28,378 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-03 02:36:28,383 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:28,383 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:28,383 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:36:28,384 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:28,384 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:28,384 INFO L85 PathProgramCache]: Analyzing trace with hash 175155632, now seen corresponding path program 1 times [2022-11-03 02:36:28,384 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:28,385 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1052377032] [2022-11-03 02:36:28,385 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:28,385 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:28,409 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:28,772 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 02:36:28,772 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:28,772 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1052377032] [2022-11-03 02:36:28,773 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1052377032] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:28,773 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:28,773 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 02:36:28,773 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [81056872] [2022-11-03 02:36:28,773 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:28,774 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:36:28,774 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:28,774 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:36:28,775 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 02:36:28,775 INFO L87 Difference]: Start difference. First operand 346 states and 441 transitions. Second operand has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:36:29,320 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:29,321 INFO L93 Difference]: Finished difference Result 820 states and 1071 transitions. [2022-11-03 02:36:29,321 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 02:36:29,321 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 36 [2022-11-03 02:36:29,322 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:29,333 INFO L225 Difference]: With dead ends: 820 [2022-11-03 02:36:29,334 INFO L226 Difference]: Without dead ends: 578 [2022-11-03 02:36:29,335 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-03 02:36:29,336 INFO L413 NwaCegarLoop]: 87 mSDtfsCounter, 233 mSDsluCounter, 216 mSDsCounter, 0 mSdLazyCounter, 298 mSolverCounterSat, 99 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 239 SdHoareTripleChecker+Valid, 278 SdHoareTripleChecker+Invalid, 397 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 99 IncrementalHoareTripleChecker+Valid, 298 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:29,336 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [239 Valid, 278 Invalid, 397 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [99 Valid, 298 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:36:29,338 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 578 states. [2022-11-03 02:36:29,403 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 578 to 514. [2022-11-03 02:36:29,404 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 514 states, 346 states have (on average 1.2919075144508672) internal successors, (447), 384 states have internal predecessors, (447), 90 states have call successors, (90), 68 states have call predecessors, (90), 77 states have return successors, (121), 87 states have call predecessors, (121), 90 states have call successors, (121) [2022-11-03 02:36:29,407 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 514 states to 514 states and 658 transitions. [2022-11-03 02:36:29,408 INFO L78 Accepts]: Start accepts. Automaton has 514 states and 658 transitions. Word has length 36 [2022-11-03 02:36:29,408 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:29,408 INFO L495 AbstractCegarLoop]: Abstraction has 514 states and 658 transitions. [2022-11-03 02:36:29,409 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:36:29,409 INFO L276 IsEmpty]: Start isEmpty. Operand 514 states and 658 transitions. [2022-11-03 02:36:29,419 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-03 02:36:29,420 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:29,420 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:29,420 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 02:36:29,421 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:29,421 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:29,421 INFO L85 PathProgramCache]: Analyzing trace with hash -1058496192, now seen corresponding path program 1 times [2022-11-03 02:36:29,423 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:29,423 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1084259240] [2022-11-03 02:36:29,423 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:29,424 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:29,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:29,505 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:36:29,505 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:29,505 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1084259240] [2022-11-03 02:36:29,505 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1084259240] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:36:29,505 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:36:29,505 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:36:29,506 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1549017299] [2022-11-03 02:36:29,506 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:36:29,506 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:36:29,506 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:29,507 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:36:29,507 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:36:29,507 INFO L87 Difference]: Start difference. First operand 514 states and 658 transitions. Second operand has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-03 02:36:29,641 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:29,641 INFO L93 Difference]: Finished difference Result 620 states and 792 transitions. [2022-11-03 02:36:29,642 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:36:29,642 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 57 [2022-11-03 02:36:29,642 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:29,644 INFO L225 Difference]: With dead ends: 620 [2022-11-03 02:36:29,644 INFO L226 Difference]: Without dead ends: 247 [2022-11-03 02:36:29,645 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:36:29,646 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 94 mSDsluCounter, 67 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:29,646 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 128 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:36:29,647 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2022-11-03 02:36:29,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 247. [2022-11-03 02:36:29,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 167 states have (on average 1.2395209580838322) internal successors, (207), 184 states have internal predecessors, (207), 42 states have call successors, (42), 32 states have call predecessors, (42), 37 states have return successors, (57), 42 states have call predecessors, (57), 42 states have call successors, (57) [2022-11-03 02:36:29,693 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 306 transitions. [2022-11-03 02:36:29,694 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 306 transitions. Word has length 57 [2022-11-03 02:36:29,694 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:29,694 INFO L495 AbstractCegarLoop]: Abstraction has 247 states and 306 transitions. [2022-11-03 02:36:29,694 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-03 02:36:29,694 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 306 transitions. [2022-11-03 02:36:29,695 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2022-11-03 02:36:29,695 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:29,696 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:29,696 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 02:36:29,696 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:29,696 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:29,697 INFO L85 PathProgramCache]: Analyzing trace with hash -1532462417, now seen corresponding path program 1 times [2022-11-03 02:36:29,697 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:29,697 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1545562351] [2022-11-03 02:36:29,697 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:29,697 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:29,718 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:30,311 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 17 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 02:36:30,311 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:30,311 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1545562351] [2022-11-03 02:36:30,312 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1545562351] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:36:30,312 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1487158084] [2022-11-03 02:36:30,312 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:30,312 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:30,313 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:36:30,315 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:36:30,338 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:36:30,458 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:30,483 INFO L263 TraceCheckSpWp]: Trace formula consists of 466 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-03 02:36:30,489 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:36:30,745 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 27 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:36:30,745 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:36:30,953 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 02:36:30,953 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1487158084] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:36:30,953 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1917994959] [2022-11-03 02:36:30,974 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-03 02:36:30,974 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:36:30,978 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:36:30,983 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:36:30,984 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:36:43,532 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 54 for LOIs [2022-11-03 02:36:43,543 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 32 for LOIs [2022-11-03 02:36:43,705 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 56 for LOIs [2022-11-03 02:36:43,719 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-03 02:36:43,747 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:36:49,001 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6786#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 2 |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-03 02:36:49,001 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:36:49,001 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:36:49,002 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 14 [2022-11-03 02:36:49,002 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [387046892] [2022-11-03 02:36:49,002 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:36:49,003 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-03 02:36:49,003 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:36:49,003 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-03 02:36:49,004 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=202, Invalid=1358, Unknown=0, NotChecked=0, Total=1560 [2022-11-03 02:36:49,004 INFO L87 Difference]: Start difference. First operand 247 states and 306 transitions. Second operand has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) [2022-11-03 02:36:50,598 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:36:50,599 INFO L93 Difference]: Finished difference Result 708 states and 906 transitions. [2022-11-03 02:36:50,599 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2022-11-03 02:36:50,600 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) Word has length 62 [2022-11-03 02:36:50,601 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:36:50,604 INFO L225 Difference]: With dead ends: 708 [2022-11-03 02:36:50,604 INFO L226 Difference]: Without dead ends: 463 [2022-11-03 02:36:50,607 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 234 GetRequests, 166 SyntacticMatches, 6 SemanticMatches, 62 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1445 ImplicationChecksByTransitivity, 6.1s TimeCoverageRelationStatistics Valid=562, Invalid=3470, Unknown=0, NotChecked=0, Total=4032 [2022-11-03 02:36:50,609 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 499 mSDsluCounter, 347 mSDsCounter, 0 mSdLazyCounter, 696 mSolverCounterSat, 331 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 505 SdHoareTripleChecker+Valid, 381 SdHoareTripleChecker+Invalid, 1027 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 331 IncrementalHoareTripleChecker+Valid, 696 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-03 02:36:50,611 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [505 Valid, 381 Invalid, 1027 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [331 Valid, 696 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-03 02:36:50,613 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 463 states. [2022-11-03 02:36:50,664 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 463 to 408. [2022-11-03 02:36:50,666 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 408 states, 276 states have (on average 1.2065217391304348) internal successors, (333), 307 states have internal predecessors, (333), 65 states have call successors, (65), 51 states have call predecessors, (65), 66 states have return successors, (108), 68 states have call predecessors, (108), 65 states have call successors, (108) [2022-11-03 02:36:50,670 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 408 states to 408 states and 506 transitions. [2022-11-03 02:36:50,670 INFO L78 Accepts]: Start accepts. Automaton has 408 states and 506 transitions. Word has length 62 [2022-11-03 02:36:50,671 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:36:50,671 INFO L495 AbstractCegarLoop]: Abstraction has 408 states and 506 transitions. [2022-11-03 02:36:50,671 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) [2022-11-03 02:36:50,671 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 506 transitions. [2022-11-03 02:36:50,673 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-03 02:36:50,673 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:36:50,673 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:36:50,714 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-03 02:36:50,894 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 02:36:50,894 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:36:50,894 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:36:50,894 INFO L85 PathProgramCache]: Analyzing trace with hash 2014836197, now seen corresponding path program 1 times [2022-11-03 02:36:50,895 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:36:50,895 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1243632726] [2022-11-03 02:36:50,895 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:50,895 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:36:50,934 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:51,271 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 1 proven. 21 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:36:51,271 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:36:51,272 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1243632726] [2022-11-03 02:36:51,272 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1243632726] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:36:51,272 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [875100391] [2022-11-03 02:36:51,272 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:36:51,272 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:36:51,273 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:36:51,274 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:36:51,283 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:36:51,383 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:36:51,385 INFO L263 TraceCheckSpWp]: Trace formula consists of 458 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-03 02:36:51,388 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:36:51,435 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 14 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 02:36:51,436 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:36:51,520 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-03 02:36:51,520 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [875100391] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:36:51,520 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1163403157] [2022-11-03 02:36:51,526 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-03 02:36:51,526 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:36:51,527 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:36:51,527 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:36:51,527 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:37:00,388 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 50 for LOIs [2022-11-03 02:37:00,397 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 34 for LOIs [2022-11-03 02:37:00,752 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 53 for LOIs [2022-11-03 02:37:00,770 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 72 for LOIs [2022-11-03 02:37:01,079 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 55 for LOIs [2022-11-03 02:37:01,088 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:37:07,656 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8967#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (<= ~cleanupTimeShifts~0 4) (<= ~head~0.offset 0) (<= 0 |#NULL.base|) (<= 0 ~head~0.offset) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (<= 1 ~systemActive~0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (<= |#NULL.offset| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483648)) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= 4 ~cleanupTimeShifts~0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= |#NULL.base| 0) (<= 0 ~methaneLevelCritical~0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1))' at error location [2022-11-03 02:37:07,657 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:37:07,657 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:37:07,657 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 14 [2022-11-03 02:37:07,657 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [958806269] [2022-11-03 02:37:07,657 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:37:07,658 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-03 02:37:07,658 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:37:07,658 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-03 02:37:07,659 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=265, Invalid=1805, Unknown=0, NotChecked=0, Total=2070 [2022-11-03 02:37:07,659 INFO L87 Difference]: Start difference. First operand 408 states and 506 transitions. Second operand has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-03 02:37:08,645 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:37:08,646 INFO L93 Difference]: Finished difference Result 805 states and 1020 transitions. [2022-11-03 02:37:08,646 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2022-11-03 02:37:08,646 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) Word has length 65 [2022-11-03 02:37:08,647 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:37:08,649 INFO L225 Difference]: With dead ends: 805 [2022-11-03 02:37:08,649 INFO L226 Difference]: Without dead ends: 497 [2022-11-03 02:37:08,652 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 242 GetRequests, 174 SyntacticMatches, 0 SemanticMatches, 68 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1627 ImplicationChecksByTransitivity, 7.1s TimeCoverageRelationStatistics Valid=594, Invalid=4236, Unknown=0, NotChecked=0, Total=4830 [2022-11-03 02:37:08,652 INFO L413 NwaCegarLoop]: 97 mSDtfsCounter, 337 mSDsluCounter, 444 mSDsCounter, 0 mSdLazyCounter, 526 mSolverCounterSat, 208 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 342 SdHoareTripleChecker+Valid, 476 SdHoareTripleChecker+Invalid, 734 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 208 IncrementalHoareTripleChecker+Valid, 526 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-03 02:37:08,653 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [342 Valid, 476 Invalid, 734 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [208 Valid, 526 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-03 02:37:08,654 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 497 states. [2022-11-03 02:37:08,703 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 497 to 462. [2022-11-03 02:37:08,704 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 462 states, 310 states have (on average 1.1838709677419355) internal successors, (367), 345 states have internal predecessors, (367), 74 states have call successors, (74), 63 states have call predecessors, (74), 77 states have return successors, (119), 77 states have call predecessors, (119), 74 states have call successors, (119) [2022-11-03 02:37:08,706 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 462 states to 462 states and 560 transitions. [2022-11-03 02:37:08,706 INFO L78 Accepts]: Start accepts. Automaton has 462 states and 560 transitions. Word has length 65 [2022-11-03 02:37:08,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:37:08,707 INFO L495 AbstractCegarLoop]: Abstraction has 462 states and 560 transitions. [2022-11-03 02:37:08,707 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-03 02:37:08,707 INFO L276 IsEmpty]: Start isEmpty. Operand 462 states and 560 transitions. [2022-11-03 02:37:08,709 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2022-11-03 02:37:08,709 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:37:08,709 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:37:08,749 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:37:08,926 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:37:08,926 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:37:08,926 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:37:08,926 INFO L85 PathProgramCache]: Analyzing trace with hash -748666130, now seen corresponding path program 1 times [2022-11-03 02:37:08,926 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:37:08,927 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [726025881] [2022-11-03 02:37:08,927 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:37:08,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:37:08,963 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:37:09,987 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 12 proven. 45 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-03 02:37:09,987 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:37:09,987 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [726025881] [2022-11-03 02:37:09,987 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [726025881] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:37:09,988 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1977974046] [2022-11-03 02:37:09,988 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:37:09,988 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:37:09,988 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:37:09,989 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:37:09,995 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:37:10,140 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:37:10,143 INFO L263 TraceCheckSpWp]: Trace formula consists of 568 conjuncts, 30 conjunts are in the unsatisfiable core [2022-11-03 02:37:10,155 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:37:10,503 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 57 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:37:10,503 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:37:10,994 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 52 proven. 5 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-03 02:37:10,995 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1977974046] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:37:10,995 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1243774765] [2022-11-03 02:37:10,997 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-03 02:37:10,997 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:37:10,998 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:37:10,998 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:37:10,998 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:37:19,361 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 324 for LOIs [2022-11-03 02:37:19,433 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 36 for LOIs [2022-11-03 02:37:19,819 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 29 for LOIs [2022-11-03 02:37:19,821 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 28 for LOIs [2022-11-03 02:37:19,841 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 35 for LOIs [2022-11-03 02:37:19,844 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:37:30,055 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11549#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (<= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:37:30,055 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:37:30,055 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:37:30,056 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 11, 11] total 31 [2022-11-03 02:37:30,056 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [522284605] [2022-11-03 02:37:30,056 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:37:30,056 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2022-11-03 02:37:30,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:37:30,057 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2022-11-03 02:37:30,058 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=394, Invalid=3512, Unknown=0, NotChecked=0, Total=3906 [2022-11-03 02:37:30,058 INFO L87 Difference]: Start difference. First operand 462 states and 560 transitions. Second operand has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) [2022-11-03 02:37:34,342 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:37:34,342 INFO L93 Difference]: Finished difference Result 1033 states and 1298 transitions. [2022-11-03 02:37:34,342 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 66 states. [2022-11-03 02:37:34,343 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) Word has length 91 [2022-11-03 02:37:34,343 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:37:34,344 INFO L225 Difference]: With dead ends: 1033 [2022-11-03 02:37:34,344 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:37:34,351 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 377 GetRequests, 255 SyntacticMatches, 4 SemanticMatches, 118 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5547 ImplicationChecksByTransitivity, 13.2s TimeCoverageRelationStatistics Valid=1723, Invalid=12557, Unknown=0, NotChecked=0, Total=14280 [2022-11-03 02:37:34,352 INFO L413 NwaCegarLoop]: 124 mSDtfsCounter, 1489 mSDsluCounter, 963 mSDsCounter, 0 mSdLazyCounter, 1871 mSolverCounterSat, 968 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1496 SdHoareTripleChecker+Valid, 948 SdHoareTripleChecker+Invalid, 2839 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 968 IncrementalHoareTripleChecker+Valid, 1871 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.6s IncrementalHoareTripleChecker+Time [2022-11-03 02:37:34,352 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1496 Valid, 948 Invalid, 2839 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [968 Valid, 1871 Invalid, 0 Unknown, 0 Unchecked, 1.6s Time] [2022-11-03 02:37:34,352 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:37:34,352 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:37:34,353 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:37:34,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:37:34,353 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2022-11-03 02:37:34,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:37:34,353 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:37:34,353 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) [2022-11-03 02:37:34,354 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:37:34,354 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:37:34,356 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:37:34,378 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2022-11-03 02:37:34,558 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:37:34,560 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:37:41,220 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 352 359) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (= ~switchedOnBeforeTS~0 0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-03 02:37:41,221 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 352 359) no Hoare annotation was computed. [2022-11-03 02:37:41,221 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 267 273) no Hoare annotation was computed. [2022-11-03 02:37:41,221 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 267 273) the Hoare annotation is: true [2022-11-03 02:37:41,221 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-03 02:37:41,221 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-03 02:37:41,221 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 895 924) no Hoare annotation was computed. [2022-11-03 02:37:41,221 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 895 924) the Hoare annotation is: true [2022-11-03 02:37:41,221 INFO L902 garLoopResultBuilder]: At program point L920(lines 895 924) the Hoare annotation is: true [2022-11-03 02:37:41,222 INFO L899 garLoopResultBuilder]: For program point L916(line 916) no Hoare annotation was computed. [2022-11-03 02:37:41,222 INFO L899 garLoopResultBuilder]: For program point L909(lines 909 913) no Hoare annotation was computed. [2022-11-03 02:37:41,222 INFO L902 garLoopResultBuilder]: At program point L909-1(lines 909 913) the Hoare annotation is: true [2022-11-03 02:37:41,222 INFO L902 garLoopResultBuilder]: At program point L905-2(lines 905 919) the Hoare annotation is: true [2022-11-03 02:37:41,222 INFO L902 garLoopResultBuilder]: At program point L901(line 901) the Hoare annotation is: true [2022-11-03 02:37:41,222 INFO L899 garLoopResultBuilder]: For program point L901-1(line 901) no Hoare annotation was computed. [2022-11-03 02:37:41,223 INFO L895 garLoopResultBuilder]: At program point L320(line 320) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse3) (or .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse1 .cse3 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,223 INFO L895 garLoopResultBuilder]: At program point L320-1(lines 301 325) the Hoare annotation is: (let ((.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse16 (= 1 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse13 (not (= ~switchedOnBeforeTS~0 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse15 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (let ((.cse6 (and .cse13 .cse2 .cse15)) (.cse7 (and .cse8 .cse15 .cse16 .cse4)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse16)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse11 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) (and (<= 2 ~waterLevel~0) .cse3) .cse5) (or .cse6 .cse7 .cse1 (and .cse3 (or .cse8 (= ~pumpRunning~0 1))) .cse5 .cse9) (or .cse6 .cse10 .cse7 .cse1 .cse5 .cse9 .cse11) (let ((.cse14 (< 0 |old(~waterLevel~0)|))) (let ((.cse12 (and .cse15 .cse14))) (or .cse10 (not (<= |old(~waterLevel~0)| 1)) (and .cse8 (<= ~waterLevel~0 0) (or .cse12 .cse3) .cse4) .cse1 (and .cse13 .cse2 (or (and (not .cse14) .cse3) .cse12)) .cse11))) (or .cse0 (not (= 0 ~systemActive~0)))))) [2022-11-03 02:37:41,224 INFO L895 garLoopResultBuilder]: At program point L254-1(lines 254 260) the Hoare annotation is: (let ((.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse17 (= 1 ~systemActive~0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse16 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (let ((.cse6 (and .cse14 .cse2 .cse16)) (.cse7 (and .cse8 .cse16 .cse17 .cse4)) (.cse11 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not .cse17)) (.cse12 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (= 0 ~systemActive~0))) (.cse9 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) (and (<= 2 ~waterLevel~0) .cse3) .cse5) (or .cse6 .cse7 .cse1 (and .cse3 (or .cse8 (= ~pumpRunning~0 1))) .cse5 .cse9) (or .cse0 .cse2 .cse10) (or .cse6 .cse11 .cse7 .cse1 .cse5 .cse9 .cse12) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse10) (let ((.cse15 (< 0 |old(~waterLevel~0)|))) (let ((.cse13 (and .cse16 .cse15))) (or .cse11 (not (<= |old(~waterLevel~0)| 1)) (and .cse8 (<= ~waterLevel~0 0) (or .cse13 .cse3) .cse4) .cse1 (and .cse14 .cse2 (or (and (not .cse15) .cse3) .cse13)) .cse12))) (or .cse0 .cse3 .cse5 .cse10 .cse9)))) [2022-11-03 02:37:41,224 INFO L895 garLoopResultBuilder]: At program point L874(line 874) the Hoare annotation is: (let ((.cse6 (not (= 0 ~systemActive~0))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse12 (not (= ~switchedOnBeforeTS~0 0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0)) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 .cse1 (and .cse2 .cse3 .cse4 .cse5)) (or .cse0 .cse2 .cse6) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse6) (or .cse0 .cse7 .cse6 .cse8) (let ((.cse11 (or .cse0 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (or .cse1 (and .cse9 .cse10 .cse3 .cse5 .cse11) (and .cse12 .cse2 .cse10 .cse3 .cse11) .cse7 .cse8)) (let ((.cse13 (let ((.cse14 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse14) .cse4) (and .cse10 .cse14))))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and .cse9 .cse3 .cse13 .cse5) .cse1 (and .cse12 .cse2 .cse3 .cse13) .cse7 (= |old(~switchedOnBeforeTS~0)| 0))))) [2022-11-03 02:37:41,225 INFO L899 garLoopResultBuilder]: For program point L874-1(line 874) no Hoare annotation was computed. [2022-11-03 02:37:41,225 INFO L899 garLoopResultBuilder]: For program point L247-2(lines 243 265) no Hoare annotation was computed. [2022-11-03 02:37:41,225 INFO L899 garLoopResultBuilder]: For program point L309(lines 309 317) no Hoare annotation was computed. [2022-11-03 02:37:41,225 INFO L895 garLoopResultBuilder]: At program point L305(lines 305 322) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= ~pumpRunning~0 0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 (not (<= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 (or (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse3) (<= ~waterLevel~0 0) .cse4) .cse5) (or .cse6 .cse1 (and .cse7 .cse3 .cse4) .cse8) (or .cse0 .cse1 .cse3 (not (<= |old(~waterLevel~0)| 0)) .cse5) (or .cse1 (and .cse2 (or .cse7 (and (<= ~waterLevel~0 1) (<= 1 ~waterLevel~0))) .cse4) .cse8 (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,226 INFO L895 garLoopResultBuilder]: At program point L859(line 859) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (and .cse4 (or .cse1 (= ~waterLevel~0 1)))) (or .cse5 (and .cse6 .cse1) .cse7 .cse3) (or .cse0 .cse5 .cse7 (and (not (= ~switchedOnBeforeTS~0 0)) .cse4 .cse1) (= |old(~switchedOnBeforeTS~0)| 0)) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse5 (and .cse6 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse7))) [2022-11-03 02:37:41,226 INFO L895 garLoopResultBuilder]: At program point L859-1(line 859) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (= 0 ~systemActive~0))) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse7 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret50#1|)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2) (or .cse3 .cse4 (and .cse5 (or .cse6 (= ~waterLevel~0 1)))) (or .cse7 .cse3 .cse1 (and .cse5 .cse8 .cse6)) (or .cse0 .cse1 .cse9 .cse2 .cse10) (or .cse1 (and .cse11 .cse8 .cse6) .cse9 .cse10) (or .cse3 .cse6 .cse9 .cse4 .cse10) (or .cse0 .cse7 .cse1 (and .cse11 .cse8 .cse6 .cse2) (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-03 02:37:41,226 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 886) no Hoare annotation was computed. [2022-11-03 02:37:41,226 INFO L899 garLoopResultBuilder]: For program point L872(lines 872 889) no Hoare annotation was computed. [2022-11-03 02:37:41,227 INFO L895 garLoopResultBuilder]: At program point L872-1(lines 864 892) the Hoare annotation is: (let ((.cse9 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse13 (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|)) (.cse2 (not (= 0 ~systemActive~0))) (.cse12 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse10 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (not .cse9)) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (= ~switchedOnBeforeTS~0 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)))) (and (or .cse0 .cse1 .cse2) (or (and .cse3 .cse4 (or .cse5 (= ~pumpRunning~0 1))) .cse6 (and .cse7 .cse1 .cse8 .cse9 .cse3) (and .cse5 .cse8 .cse3 .cse10) .cse11 .cse12) (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse2) (or .cse0 .cse6 (and .cse1 .cse9 .cse3 .cse4 .cse10) .cse11 (and .cse13 .cse3 .cse4)) (or .cse0 .cse11 (and .cse13 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2) .cse4) .cse2 .cse12) (let ((.cse14 (let ((.cse15 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse15) .cse4) (and .cse8 .cse15))))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and .cse5 .cse3 .cse14 .cse10) .cse6 .cse11 (and .cse7 .cse1 .cse9 .cse3 .cse14) (= |old(~switchedOnBeforeTS~0)| 0)))))) [2022-11-03 02:37:41,227 INFO L895 garLoopResultBuilder]: At program point L315(line 315) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 .cse0 .cse5) (or .cse6 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,228 INFO L895 garLoopResultBuilder]: At program point L311(line 311) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 .cse0 .cse5) (or .cse6 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,228 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 240 266) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (and .cse4 (or .cse1 (= ~waterLevel~0 1)))) (or .cse5 (and .cse6 .cse1) .cse7 .cse3) (or .cse0 .cse5 .cse7 (and (not (= ~switchedOnBeforeTS~0 0)) .cse4 .cse1) (= |old(~switchedOnBeforeTS~0)| 0)) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse5 (and .cse6 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse7))) [2022-11-03 02:37:41,228 INFO L899 garLoopResultBuilder]: For program point L877(lines 877 883) no Hoare annotation was computed. [2022-11-03 02:37:41,228 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 240 266) no Hoare annotation was computed. [2022-11-03 02:37:41,229 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 840) no Hoare annotation was computed. [2022-11-03 02:37:41,229 INFO L895 garLoopResultBuilder]: At program point L840(line 840) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse2 .cse0 .cse1) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 .cse1) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,229 INFO L902 garLoopResultBuilder]: At program point L225(lines 164 229) the Hoare annotation is: true [2022-11-03 02:37:41,229 INFO L899 garLoopResultBuilder]: For program point L184(lines 184 190) no Hoare annotation was computed. [2022-11-03 02:37:41,229 INFO L899 garLoopResultBuilder]: For program point L184-1(lines 184 190) no Hoare annotation was computed. [2022-11-03 02:37:41,230 INFO L895 garLoopResultBuilder]: At program point L222(lines 173 223) the Hoare annotation is: false [2022-11-03 02:37:41,230 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:37:41,230 INFO L899 garLoopResultBuilder]: For program point L210(lines 210 216) no Hoare annotation was computed. [2022-11-03 02:37:41,230 INFO L895 garLoopResultBuilder]: At program point L210-2(lines 204 217) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 .cse2) (and (<= ~waterLevel~0 1) .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse0 .cse1 .cse2))) [2022-11-03 02:37:41,230 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 464) no Hoare annotation was computed. [2022-11-03 02:37:41,231 INFO L895 garLoopResultBuilder]: At program point L458-1(lines 458 464) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-11-03 02:37:41,231 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 200) no Hoare annotation was computed. [2022-11-03 02:37:41,231 INFO L899 garLoopResultBuilder]: For program point L194-1(lines 194 200) no Hoare annotation was computed. [2022-11-03 02:37:41,231 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:37:41,231 INFO L895 garLoopResultBuilder]: At program point L219(lines 174 221) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (<= ~waterLevel~0 2)) (and .cse2 .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse2 .cse0 .cse1))) [2022-11-03 02:37:41,231 INFO L895 garLoopResultBuilder]: At program point L186(line 186) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (<= ~waterLevel~0 2)) (and .cse2 .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse2 .cse0 .cse1))) [2022-11-03 02:37:41,232 INFO L895 garLoopResultBuilder]: At program point L980(lines 980 987) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-11-03 02:37:41,232 INFO L902 garLoopResultBuilder]: At program point L980-2(lines 980 987) the Hoare annotation is: true [2022-11-03 02:37:41,232 INFO L899 garLoopResultBuilder]: For program point L175(lines 174 221) no Hoare annotation was computed. [2022-11-03 02:37:41,232 INFO L899 garLoopResultBuilder]: For program point L204(lines 204 217) no Hoare annotation was computed. [2022-11-03 02:37:41,232 INFO L895 garLoopResultBuilder]: At program point L460(line 460) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 1 ~systemActive~0) .cse0) (and (<= 2 ~waterLevel~0) .cse0 (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,233 INFO L895 garLoopResultBuilder]: At program point L196(line 196) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= ~waterLevel~0 2))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 .cse2) (and (<= ~waterLevel~0 1) .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse0 .cse1 .cse2))) [2022-11-03 02:37:41,233 INFO L895 garLoopResultBuilder]: At program point L289(line 289) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (or .cse0 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1 .cse2))) [2022-11-03 02:37:41,233 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 275 299) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-03 02:37:41,233 INFO L895 garLoopResultBuilder]: At program point L283(lines 283 291) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (or .cse0 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1 .cse2))) [2022-11-03 02:37:41,234 INFO L895 garLoopResultBuilder]: At program point L279(lines 279 296) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-03 02:37:41,234 INFO L895 garLoopResultBuilder]: At program point L294(line 294) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-11-03 02:37:41,234 INFO L899 garLoopResultBuilder]: For program point L294-1(lines 275 299) no Hoare annotation was computed. [2022-11-03 02:37:41,234 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 275 299) no Hoare annotation was computed. [2022-11-03 02:37:41,234 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-03 02:37:41,235 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse2 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~pumpRunning~0 0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse2 .cse0 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1) (or .cse2 .cse3 .cse0 .cse1) (or .cse3 .cse1 (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))))) [2022-11-03 02:37:41,235 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 371 379) no Hoare annotation was computed. [2022-11-03 02:37:41,235 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 371 379) the Hoare annotation is: true [2022-11-03 02:37:41,238 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:37:41,241 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:37:41,276 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:37:41 BoogieIcfgContainer [2022-11-03 02:37:41,277 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:37:41,277 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:37:41,277 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:37:41,278 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:37:41,278 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:36:25" (3/4) ... [2022-11-03 02:37:41,281 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:37:41,286 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:37:41,287 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:37:41,287 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:37:41,287 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:37:41,287 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:37:41,287 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:37:41,288 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:37:41,288 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-03 02:37:41,295 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 80 nodes and edges [2022-11-03 02:37:41,296 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 29 nodes and edges [2022-11-03 02:37:41,296 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 02:37:41,297 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:37:41,297 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:37:41,298 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:37:41,298 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:37:41,323 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) [2022-11-03 02:37:41,324 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-03 02:37:41,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((((((tmp == waterLevel && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp <= 2) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0) [2022-11-03 02:37:41,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel + 1 || \old(waterLevel) == waterLevel)) && waterLevel <= 0) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 0)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && (pumpRunning == 0 || (waterLevel <= 1 && 1 <= waterLevel))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-03 02:37:41,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-03 02:37:41,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-03 02:37:41,326 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) [2022-11-03 02:37:41,327 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-03 02:37:41,354 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:37:41,354 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:37:41,355 INFO L158 Benchmark]: Toolchain (without parser) took 76855.42ms. Allocated memory was 111.1MB in the beginning and 704.6MB in the end (delta: 593.5MB). Free memory was 72.5MB in the beginning and 374.6MB in the end (delta: -302.1MB). Peak memory consumption was 289.8MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,355 INFO L158 Benchmark]: CDTParser took 0.22ms. Allocated memory is still 111.1MB. Free memory was 89.7MB in the beginning and 89.5MB in the end (delta: 114.5kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:37:41,355 INFO L158 Benchmark]: CACSL2BoogieTranslator took 505.86ms. Allocated memory is still 111.1MB. Free memory was 72.3MB in the beginning and 75.9MB in the end (delta: -3.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,356 INFO L158 Benchmark]: Boogie Procedure Inliner took 74.89ms. Allocated memory is still 111.1MB. Free memory was 75.9MB in the beginning and 73.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,356 INFO L158 Benchmark]: Boogie Preprocessor took 54.85ms. Allocated memory is still 111.1MB. Free memory was 73.5MB in the beginning and 71.4MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,356 INFO L158 Benchmark]: RCFGBuilder took 813.71ms. Allocated memory was 111.1MB in the beginning and 159.4MB in the end (delta: 48.2MB). Free memory was 71.4MB in the beginning and 130.2MB in the end (delta: -58.7MB). Peak memory consumption was 37.7MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,357 INFO L158 Benchmark]: TraceAbstraction took 75312.17ms. Allocated memory was 159.4MB in the beginning and 704.6MB in the end (delta: 545.3MB). Free memory was 129.0MB in the beginning and 380.9MB in the end (delta: -251.9MB). Peak memory consumption was 431.2MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,357 INFO L158 Benchmark]: Witness Printer took 77.05ms. Allocated memory is still 704.6MB. Free memory was 380.9MB in the beginning and 374.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:37:41,359 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.22ms. Allocated memory is still 111.1MB. Free memory was 89.7MB in the beginning and 89.5MB in the end (delta: 114.5kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 505.86ms. Allocated memory is still 111.1MB. Free memory was 72.3MB in the beginning and 75.9MB in the end (delta: -3.6MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 74.89ms. Allocated memory is still 111.1MB. Free memory was 75.9MB in the beginning and 73.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 54.85ms. Allocated memory is still 111.1MB. Free memory was 73.5MB in the beginning and 71.4MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 813.71ms. Allocated memory was 111.1MB in the beginning and 159.4MB in the end (delta: 48.2MB). Free memory was 71.4MB in the beginning and 130.2MB in the end (delta: -58.7MB). Peak memory consumption was 37.7MB. Max. memory is 16.1GB. * TraceAbstraction took 75312.17ms. Allocated memory was 159.4MB in the beginning and 704.6MB in the end (delta: 545.3MB). Free memory was 129.0MB in the beginning and 380.9MB in the end (delta: -251.9MB). Peak memory consumption was 431.2MB. Max. memory is 16.1GB. * Witness Printer took 77.05ms. Allocated memory is still 704.6MB. Free memory was 380.9MB in the beginning and 374.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 840]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 66 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 75.2s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 8.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 6.7s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2900 SdHoareTripleChecker+Valid, 3.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2870 mSDsluCounter, 3023 SdHoareTripleChecker+Invalid, 3.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2568 mSDsCounter, 1639 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3785 IncrementalHoareTripleChecker+Invalid, 5424 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1639 mSolverCounterUnsat, 820 mSDtfsCounter, 3785 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 903 GetRequests, 616 SyntacticMatches, 10 SemanticMatches, 277 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8654 ImplicationChecksByTransitivity, 26.7s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=514occurred in iteration=6, InterpolantAutomatonStates: 171, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 176 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 1545 PreInvPairs, 1819 NumberOfFragments, 2142 HoareAnnotationTreeSize, 1545 FomulaSimplifications, 6128 FormulaSimplificationTreeSizeReduction, 0.6s HoareSimplificationTime, 38 FomulaSimplificationsInter, 27952 FormulaSimplificationTreeSizeReductionInter, 5.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.8s InterpolantComputationTime, 658 NumberOfCodeBlocks, 658 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 860 ConstructedInterpolants, 0 QuantifiedInterpolants, 3203 SizeOfPredicates, 27 NumberOfNonLiveVariables, 1492 ConjunctsInSsa, 65 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 323/431 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 895]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 283]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 301]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 905]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 859]: Loop Invariant Derived loop invariant: ((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 305]: Loop Invariant Derived loop invariant: (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel + 1 || \old(waterLevel) == waterLevel)) && waterLevel <= 0) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 0)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && (pumpRunning == 0 || (waterLevel <= 1 && 1 <= waterLevel))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 254]: Loop Invariant Derived loop invariant: (((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && (((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 458]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((((((tmp == waterLevel && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && tmp == waterLevel)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp <= 2) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: (((((2 <= waterLevel && 1 == systemActive) && splverifierCounter == 0) && waterLevel <= 2) || (((waterLevel <= 1 && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == switchedOnBeforeTS)) || ((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 279]: Loop Invariant Derived loop invariant: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: 0 RESULT: Ultimate proved your program to be correct! [2022-11-03 02:37:41,418 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e360b725-e555-4e4e-8079-aef94880a7f3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE