./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8393723b Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 242c9b24ea8c293cca4af0028144a97f9048375edcd4379fb21e62564563d3d5 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-8393723 [2022-11-19 07:25:16,561 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-19 07:25:16,563 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-19 07:25:16,589 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-19 07:25:16,590 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-19 07:25:16,591 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-19 07:25:16,593 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-19 07:25:16,595 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-19 07:25:16,597 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-19 07:25:16,598 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-19 07:25:16,599 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-19 07:25:16,600 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-19 07:25:16,600 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-19 07:25:16,602 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-19 07:25:16,603 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-19 07:25:16,604 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-19 07:25:16,605 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-19 07:25:16,606 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-19 07:25:16,608 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-19 07:25:16,610 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-19 07:25:16,612 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-19 07:25:16,613 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-19 07:25:16,615 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-19 07:25:16,616 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-19 07:25:16,620 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-19 07:25:16,620 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-19 07:25:16,621 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-19 07:25:16,622 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-19 07:25:16,622 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-19 07:25:16,623 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-19 07:25:16,624 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-19 07:25:16,625 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-19 07:25:16,626 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-19 07:25:16,627 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-19 07:25:16,628 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-19 07:25:16,628 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-19 07:25:16,629 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-19 07:25:16,630 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-19 07:25:16,630 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-19 07:25:16,631 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-19 07:25:16,632 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-19 07:25:16,633 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-19 07:25:16,656 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-19 07:25:16,656 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-19 07:25:16,656 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-19 07:25:16,657 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-19 07:25:16,657 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-19 07:25:16,658 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-19 07:25:16,658 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-19 07:25:16,658 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-19 07:25:16,659 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-19 07:25:16,659 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-19 07:25:16,659 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-19 07:25:16,659 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-19 07:25:16,660 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-19 07:25:16,660 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-19 07:25:16,660 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-19 07:25:16,660 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-19 07:25:16,661 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-19 07:25:16,661 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-19 07:25:16,662 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-19 07:25:16,662 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-19 07:25:16,662 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-19 07:25:16,662 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-19 07:25:16,663 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-19 07:25:16,663 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-19 07:25:16,663 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-19 07:25:16,663 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-19 07:25:16,664 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-19 07:25:16,664 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-19 07:25:16,664 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-19 07:25:16,664 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-19 07:25:16,664 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-19 07:25:16,665 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-19 07:25:16,665 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 07:25:16,665 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-19 07:25:16,665 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-19 07:25:16,666 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-19 07:25:16,666 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-19 07:25:16,666 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-19 07:25:16,666 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-19 07:25:16,667 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-19 07:25:16,667 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-19 07:25:16,667 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 242c9b24ea8c293cca4af0028144a97f9048375edcd4379fb21e62564563d3d5 [2022-11-19 07:25:16,944 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-19 07:25:16,969 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-19 07:25:16,972 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-19 07:25:16,973 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-19 07:25:16,974 INFO L275 PluginConnector]: CDTParser initialized [2022-11-19 07:25:16,976 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/../../sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c [2022-11-19 07:25:17,048 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/data/656cff30a/8b18d72eb38f4b7884df20bf35a80ddb/FLAG5d049f2de [2022-11-19 07:25:17,722 INFO L306 CDTParser]: Found 1 translation units. [2022-11-19 07:25:17,722 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c [2022-11-19 07:25:17,734 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/data/656cff30a/8b18d72eb38f4b7884df20bf35a80ddb/FLAG5d049f2de [2022-11-19 07:25:18,005 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/data/656cff30a/8b18d72eb38f4b7884df20bf35a80ddb [2022-11-19 07:25:18,009 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-19 07:25:18,015 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-19 07:25:18,017 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-19 07:25:18,017 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-19 07:25:18,021 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-19 07:25:18,022 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,024 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@4f6d4974 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18, skipping insertion in model container [2022-11-19 07:25:18,025 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,033 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-19 07:25:18,097 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-19 07:25:18,358 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c[9329,9342] [2022-11-19 07:25:18,413 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 07:25:18,423 INFO L203 MainTranslator]: Completed pre-run [2022-11-19 07:25:18,459 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/sv-benchmarks/c/product-lines/minepump_spec2_product51.cil.c[9329,9342] [2022-11-19 07:25:18,503 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 07:25:18,535 INFO L208 MainTranslator]: Completed translation [2022-11-19 07:25:18,537 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18 WrapperNode [2022-11-19 07:25:18,537 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-19 07:25:18,540 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-19 07:25:18,541 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-19 07:25:18,541 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-19 07:25:18,549 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,573 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,615 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 23, calls inlined = 20, statements flattened = 206 [2022-11-19 07:25:18,615 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-19 07:25:18,616 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-19 07:25:18,617 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-19 07:25:18,617 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-19 07:25:18,627 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,627 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,631 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,631 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,635 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,640 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,642 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,643 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,645 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-19 07:25:18,646 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-19 07:25:18,646 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-19 07:25:18,646 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-19 07:25:18,647 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (1/1) ... [2022-11-19 07:25:18,654 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 07:25:18,676 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:25:18,687 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-19 07:25:18,690 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-19 07:25:18,723 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-19 07:25:18,724 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-19 07:25:18,728 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-19 07:25:18,728 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-19 07:25:18,729 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-19 07:25:18,729 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-19 07:25:18,729 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-19 07:25:18,729 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-19 07:25:18,729 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-19 07:25:18,729 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:25:18,730 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:25:18,730 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-19 07:25:18,730 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-19 07:25:18,730 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-19 07:25:18,730 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-19 07:25:18,731 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-19 07:25:18,733 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-19 07:25:18,733 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-19 07:25:18,734 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-19 07:25:18,734 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-19 07:25:18,868 INFO L235 CfgBuilder]: Building ICFG [2022-11-19 07:25:18,888 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-19 07:25:19,296 INFO L276 CfgBuilder]: Performing block encoding [2022-11-19 07:25:19,440 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-19 07:25:19,440 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-19 07:25:19,448 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:25:19 BoogieIcfgContainer [2022-11-19 07:25:19,449 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-19 07:25:19,451 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-19 07:25:19,452 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-19 07:25:19,456 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-19 07:25:19,457 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.11 07:25:18" (1/3) ... [2022-11-19 07:25:19,457 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4841dd70 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 07:25:19, skipping insertion in model container [2022-11-19 07:25:19,458 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 07:25:18" (2/3) ... [2022-11-19 07:25:19,459 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@4841dd70 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 07:25:19, skipping insertion in model container [2022-11-19 07:25:19,459 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:25:19" (3/3) ... [2022-11-19 07:25:19,460 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product51.cil.c [2022-11-19 07:25:19,482 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-19 07:25:19,482 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-19 07:25:19,566 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-19 07:25:19,581 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@459f30c2, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-19 07:25:19,581 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-19 07:25:19,588 INFO L276 IsEmpty]: Start isEmpty. Operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-19 07:25:19,600 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-19 07:25:19,601 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:19,601 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:19,602 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:19,610 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:19,611 INFO L85 PathProgramCache]: Analyzing trace with hash -582250377, now seen corresponding path program 1 times [2022-11-19 07:25:19,623 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:19,623 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2044400410] [2022-11-19 07:25:19,623 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:19,624 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:19,772 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:19,858 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:19,858 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:19,859 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2044400410] [2022-11-19 07:25:19,860 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2044400410] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:19,860 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:19,860 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-19 07:25:19,862 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1448348538] [2022-11-19 07:25:19,863 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:19,868 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-19 07:25:19,868 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:19,906 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-19 07:25:19,908 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 07:25:19,911 INFO L87 Difference]: Start difference. First operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,008 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:20,008 INFO L93 Difference]: Finished difference Result 126 states and 173 transitions. [2022-11-19 07:25:20,010 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-19 07:25:20,012 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-19 07:25:20,013 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:20,034 INFO L225 Difference]: With dead ends: 126 [2022-11-19 07:25:20,034 INFO L226 Difference]: Without dead ends: 59 [2022-11-19 07:25:20,043 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 07:25:20,047 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:20,049 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 66 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-19 07:25:20,067 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-19 07:25:20,094 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-11-19 07:25:20,095 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 38 states have (on average 1.368421052631579) internal successors, (52), 46 states have internal predecessors, (52), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-19 07:25:20,097 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 77 transitions. [2022-11-19 07:25:20,099 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 77 transitions. Word has length 17 [2022-11-19 07:25:20,100 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:20,100 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 77 transitions. [2022-11-19 07:25:20,101 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,101 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 77 transitions. [2022-11-19 07:25:20,103 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-19 07:25:20,103 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:20,104 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:20,104 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-19 07:25:20,104 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:20,105 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:20,105 INFO L85 PathProgramCache]: Analyzing trace with hash 133290525, now seen corresponding path program 1 times [2022-11-19 07:25:20,106 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:20,106 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [30498221] [2022-11-19 07:25:20,107 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:20,107 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:20,127 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:20,261 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:20,262 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:20,262 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [30498221] [2022-11-19 07:25:20,263 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [30498221] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:20,263 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:20,263 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 07:25:20,264 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1306960535] [2022-11-19 07:25:20,265 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:20,268 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:25:20,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:20,272 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:25:20,275 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:25:20,276 INFO L87 Difference]: Start difference. First operand 59 states and 77 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:20,370 INFO L93 Difference]: Finished difference Result 90 states and 116 transitions. [2022-11-19 07:25:20,373 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:25:20,374 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-19 07:25:20,376 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:20,377 INFO L225 Difference]: With dead ends: 90 [2022-11-19 07:25:20,377 INFO L226 Difference]: Without dead ends: 51 [2022-11-19 07:25:20,379 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:25:20,382 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 14 mSDsluCounter, 35 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 87 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:20,384 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 87 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-19 07:25:20,385 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2022-11-19 07:25:20,393 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 51. [2022-11-19 07:25:20,396 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 51 states, 33 states have (on average 1.393939393939394) internal successors, (46), 41 states have internal predecessors, (46), 10 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-19 07:25:20,398 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 66 transitions. [2022-11-19 07:25:20,400 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 66 transitions. Word has length 18 [2022-11-19 07:25:20,401 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:20,402 INFO L495 AbstractCegarLoop]: Abstraction has 51 states and 66 transitions. [2022-11-19 07:25:20,403 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,403 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 66 transitions. [2022-11-19 07:25:20,405 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-19 07:25:20,406 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:20,407 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:20,407 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-19 07:25:20,407 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:20,408 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:20,413 INFO L85 PathProgramCache]: Analyzing trace with hash -1388733443, now seen corresponding path program 1 times [2022-11-19 07:25:20,413 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:20,414 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1064455714] [2022-11-19 07:25:20,414 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:20,414 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:20,438 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:20,582 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:20,582 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:20,583 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1064455714] [2022-11-19 07:25:20,583 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1064455714] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:20,583 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:20,583 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-19 07:25:20,583 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [796234534] [2022-11-19 07:25:20,584 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:20,584 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-19 07:25:20,584 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:20,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-19 07:25:20,585 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:25:20,585 INFO L87 Difference]: Start difference. First operand 51 states and 66 transitions. Second operand has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,764 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:20,764 INFO L93 Difference]: Finished difference Result 148 states and 198 transitions. [2022-11-19 07:25:20,765 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-19 07:25:20,765 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-11-19 07:25:20,766 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:20,767 INFO L225 Difference]: With dead ends: 148 [2022-11-19 07:25:20,767 INFO L226 Difference]: Without dead ends: 99 [2022-11-19 07:25:20,768 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-19 07:25:20,770 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 80 mSDsluCounter, 88 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 80 SdHoareTripleChecker+Valid, 154 SdHoareTripleChecker+Invalid, 80 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:20,770 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [80 Valid, 154 Invalid, 80 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:20,771 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 99 states. [2022-11-19 07:25:20,785 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 99 to 82. [2022-11-19 07:25:20,786 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 65 states have internal predecessors, (75), 15 states have call successors, (15), 12 states have call predecessors, (15), 12 states have return successors, (16), 11 states have call predecessors, (16), 15 states have call successors, (16) [2022-11-19 07:25:20,787 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2022-11-19 07:25:20,787 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 21 [2022-11-19 07:25:20,788 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:20,788 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2022-11-19 07:25:20,788 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:20,788 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2022-11-19 07:25:20,789 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-19 07:25:20,790 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:20,790 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:20,790 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-19 07:25:20,790 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:20,791 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:20,791 INFO L85 PathProgramCache]: Analyzing trace with hash 409171719, now seen corresponding path program 1 times [2022-11-19 07:25:20,791 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:20,792 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1609852506] [2022-11-19 07:25:20,792 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:20,792 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:20,807 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:20,929 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:20,931 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:20,931 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1609852506] [2022-11-19 07:25:20,931 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1609852506] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:20,931 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:20,932 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-19 07:25:20,932 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [387423398] [2022-11-19 07:25:20,932 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:20,932 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-19 07:25:20,933 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:20,934 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-19 07:25:20,934 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-19 07:25:20,934 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:21,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:21,132 INFO L93 Difference]: Finished difference Result 238 states and 313 transitions. [2022-11-19 07:25:21,132 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-19 07:25:21,133 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-11-19 07:25:21,133 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:21,140 INFO L225 Difference]: With dead ends: 238 [2022-11-19 07:25:21,140 INFO L226 Difference]: Without dead ends: 158 [2022-11-19 07:25:21,145 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-19 07:25:21,151 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 43 mSDsluCounter, 208 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 268 SdHoareTripleChecker+Invalid, 99 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:21,153 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 268 Invalid, 99 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:21,155 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 158 states. [2022-11-19 07:25:21,200 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 158 to 150. [2022-11-19 07:25:21,201 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 150 states, 99 states have (on average 1.3636363636363635) internal successors, (135), 118 states have internal predecessors, (135), 28 states have call successors, (28), 22 states have call predecessors, (28), 22 states have return successors, (30), 20 states have call predecessors, (30), 28 states have call successors, (30) [2022-11-19 07:25:21,203 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 150 states to 150 states and 193 transitions. [2022-11-19 07:25:21,203 INFO L78 Accepts]: Start accepts. Automaton has 150 states and 193 transitions. Word has length 24 [2022-11-19 07:25:21,203 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:21,204 INFO L495 AbstractCegarLoop]: Abstraction has 150 states and 193 transitions. [2022-11-19 07:25:21,204 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.2) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 07:25:21,204 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 193 transitions. [2022-11-19 07:25:21,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-11-19 07:25:21,206 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:21,206 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:21,206 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-19 07:25:21,207 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:21,207 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:21,207 INFO L85 PathProgramCache]: Analyzing trace with hash -1367692917, now seen corresponding path program 1 times [2022-11-19 07:25:21,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:21,208 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [264874238] [2022-11-19 07:25:21,208 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:21,208 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:21,222 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:21,279 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:21,279 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:21,279 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [264874238] [2022-11-19 07:25:21,280 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [264874238] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:21,280 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:21,280 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 07:25:21,280 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2017753016] [2022-11-19 07:25:21,280 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:21,281 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:25:21,281 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:21,282 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:25:21,282 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:25:21,282 INFO L87 Difference]: Start difference. First operand 150 states and 193 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:25:21,368 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:21,368 INFO L93 Difference]: Finished difference Result 230 states and 303 transitions. [2022-11-19 07:25:21,369 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:25:21,369 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 27 [2022-11-19 07:25:21,369 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:21,371 INFO L225 Difference]: With dead ends: 230 [2022-11-19 07:25:21,372 INFO L226 Difference]: Without dead ends: 228 [2022-11-19 07:25:21,372 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 07:25:21,373 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 41 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 41 SdHoareTripleChecker+Valid, 110 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:21,374 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [41 Valid, 110 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:21,375 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 228 states. [2022-11-19 07:25:21,448 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 228 to 228. [2022-11-19 07:25:21,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 228 states, 150 states have (on average 1.3666666666666667) internal successors, (205), 179 states have internal predecessors, (205), 43 states have call successors, (43), 34 states have call predecessors, (43), 34 states have return successors, (52), 31 states have call predecessors, (52), 43 states have call successors, (52) [2022-11-19 07:25:21,452 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 228 states to 228 states and 300 transitions. [2022-11-19 07:25:21,452 INFO L78 Accepts]: Start accepts. Automaton has 228 states and 300 transitions. Word has length 27 [2022-11-19 07:25:21,453 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:21,453 INFO L495 AbstractCegarLoop]: Abstraction has 228 states and 300 transitions. [2022-11-19 07:25:21,453 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-19 07:25:21,454 INFO L276 IsEmpty]: Start isEmpty. Operand 228 states and 300 transitions. [2022-11-19 07:25:21,456 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2022-11-19 07:25:21,457 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:21,457 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:21,457 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-19 07:25:21,457 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:21,458 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:21,458 INFO L85 PathProgramCache]: Analyzing trace with hash 105517168, now seen corresponding path program 1 times [2022-11-19 07:25:21,459 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:21,460 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1233576678] [2022-11-19 07:25:21,460 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:21,460 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:21,499 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:21,789 INFO L134 CoverageAnalysis]: Checked inductivity of 18 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:25:21,789 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:21,789 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1233576678] [2022-11-19 07:25:21,790 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1233576678] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:21,790 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:21,790 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-19 07:25:21,790 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [733519199] [2022-11-19 07:25:21,790 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:21,791 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-19 07:25:21,791 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:21,792 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-19 07:25:21,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-19 07:25:21,792 INFO L87 Difference]: Start difference. First operand 228 states and 300 transitions. Second operand has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-19 07:25:22,291 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:22,291 INFO L93 Difference]: Finished difference Result 607 states and 823 transitions. [2022-11-19 07:25:22,292 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-19 07:25:22,292 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) Word has length 47 [2022-11-19 07:25:22,293 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:22,299 INFO L225 Difference]: With dead ends: 607 [2022-11-19 07:25:22,299 INFO L226 Difference]: Without dead ends: 381 [2022-11-19 07:25:22,300 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 14 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=39, Invalid=93, Unknown=0, NotChecked=0, Total=132 [2022-11-19 07:25:22,301 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 109 mSDsluCounter, 142 mSDsCounter, 0 mSdLazyCounter, 203 mSolverCounterSat, 49 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 208 SdHoareTripleChecker+Invalid, 252 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 49 IncrementalHoareTripleChecker+Valid, 203 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:22,301 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 208 Invalid, 252 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [49 Valid, 203 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 07:25:22,302 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 381 states. [2022-11-19 07:25:22,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 381 to 355. [2022-11-19 07:25:22,350 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 355 states, 242 states have (on average 1.2644628099173554) internal successors, (306), 265 states have internal predecessors, (306), 54 states have call successors, (54), 51 states have call predecessors, (54), 58 states have return successors, (85), 55 states have call predecessors, (85), 54 states have call successors, (85) [2022-11-19 07:25:22,352 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 355 states to 355 states and 445 transitions. [2022-11-19 07:25:22,352 INFO L78 Accepts]: Start accepts. Automaton has 355 states and 445 transitions. Word has length 47 [2022-11-19 07:25:22,353 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:22,353 INFO L495 AbstractCegarLoop]: Abstraction has 355 states and 445 transitions. [2022-11-19 07:25:22,353 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 3 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-19 07:25:22,353 INFO L276 IsEmpty]: Start isEmpty. Operand 355 states and 445 transitions. [2022-11-19 07:25:22,356 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-11-19 07:25:22,356 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:22,356 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:22,357 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-19 07:25:22,357 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:22,357 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:22,357 INFO L85 PathProgramCache]: Analyzing trace with hash 962647073, now seen corresponding path program 1 times [2022-11-19 07:25:22,358 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:22,358 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [701130459] [2022-11-19 07:25:22,358 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:22,358 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:22,379 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:22,456 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:25:22,456 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:22,456 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [701130459] [2022-11-19 07:25:22,456 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [701130459] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:22,457 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:22,457 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-19 07:25:22,457 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1582112722] [2022-11-19 07:25:22,457 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:22,458 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-19 07:25:22,458 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:22,458 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-19 07:25:22,458 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:25:22,459 INFO L87 Difference]: Start difference. First operand 355 states and 445 transitions. Second operand has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-19 07:25:22,617 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:22,618 INFO L93 Difference]: Finished difference Result 712 states and 892 transitions. [2022-11-19 07:25:22,618 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-19 07:25:22,619 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 61 [2022-11-19 07:25:22,620 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:22,623 INFO L225 Difference]: With dead ends: 712 [2022-11-19 07:25:22,623 INFO L226 Difference]: Without dead ends: 286 [2022-11-19 07:25:22,624 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:25:22,626 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 84 mSDsluCounter, 46 mSDsCounter, 0 mSdLazyCounter, 76 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 84 SdHoareTripleChecker+Valid, 120 SdHoareTripleChecker+Invalid, 78 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 76 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:22,626 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [84 Valid, 120 Invalid, 78 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 76 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:22,627 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 286 states. [2022-11-19 07:25:22,668 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 286 to 286. [2022-11-19 07:25:22,669 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 286 states, 194 states have (on average 1.2216494845360826) internal successors, (237), 211 states have internal predecessors, (237), 43 states have call successors, (43), 40 states have call predecessors, (43), 48 states have return successors, (66), 45 states have call predecessors, (66), 43 states have call successors, (66) [2022-11-19 07:25:22,672 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 286 states to 286 states and 346 transitions. [2022-11-19 07:25:22,673 INFO L78 Accepts]: Start accepts. Automaton has 286 states and 346 transitions. Word has length 61 [2022-11-19 07:25:22,673 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:22,673 INFO L495 AbstractCegarLoop]: Abstraction has 286 states and 346 transitions. [2022-11-19 07:25:22,673 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.666666666666666) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-19 07:25:22,674 INFO L276 IsEmpty]: Start isEmpty. Operand 286 states and 346 transitions. [2022-11-19 07:25:22,676 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2022-11-19 07:25:22,676 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:22,677 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:22,677 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-19 07:25:22,677 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:22,678 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:22,678 INFO L85 PathProgramCache]: Analyzing trace with hash -959699185, now seen corresponding path program 1 times [2022-11-19 07:25:22,678 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:22,678 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2066899287] [2022-11-19 07:25:22,678 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:22,679 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:22,708 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:22,997 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 18 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:25:22,997 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:22,997 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2066899287] [2022-11-19 07:25:22,998 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2066899287] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:22,998 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:22,998 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-11-19 07:25:22,998 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2012434081] [2022-11-19 07:25:22,998 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:22,999 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-19 07:25:22,999 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:22,999 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-19 07:25:22,999 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=48, Unknown=0, NotChecked=0, Total=72 [2022-11-19 07:25:23,000 INFO L87 Difference]: Start difference. First operand 286 states and 346 transitions. Second operand has 9 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 4 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-19 07:25:23,399 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:23,399 INFO L93 Difference]: Finished difference Result 766 states and 972 transitions. [2022-11-19 07:25:23,400 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2022-11-19 07:25:23,400 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 4 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 58 [2022-11-19 07:25:23,400 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:23,403 INFO L225 Difference]: With dead ends: 766 [2022-11-19 07:25:23,403 INFO L226 Difference]: Without dead ends: 482 [2022-11-19 07:25:23,404 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 10 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=47, Invalid=85, Unknown=0, NotChecked=0, Total=132 [2022-11-19 07:25:23,405 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 146 mSDsluCounter, 145 mSDsCounter, 0 mSdLazyCounter, 208 mSolverCounterSat, 60 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 157 SdHoareTripleChecker+Valid, 201 SdHoareTripleChecker+Invalid, 268 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 60 IncrementalHoareTripleChecker+Valid, 208 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:23,406 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [157 Valid, 201 Invalid, 268 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [60 Valid, 208 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 07:25:23,406 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 482 states. [2022-11-19 07:25:23,477 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 482 to 455. [2022-11-19 07:25:23,478 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 455 states, 314 states have (on average 1.2420382165605095) internal successors, (390), 343 states have internal predecessors, (390), 76 states have call successors, (76), 53 states have call predecessors, (76), 64 states have return successors, (120), 73 states have call predecessors, (120), 76 states have call successors, (120) [2022-11-19 07:25:23,481 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 455 states to 455 states and 586 transitions. [2022-11-19 07:25:23,481 INFO L78 Accepts]: Start accepts. Automaton has 455 states and 586 transitions. Word has length 58 [2022-11-19 07:25:23,482 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:23,482 INFO L495 AbstractCegarLoop]: Abstraction has 455 states and 586 transitions. [2022-11-19 07:25:23,482 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 4 states have call successors, (7), 3 states have call predecessors, (7), 3 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-19 07:25:23,482 INFO L276 IsEmpty]: Start isEmpty. Operand 455 states and 586 transitions. [2022-11-19 07:25:23,484 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2022-11-19 07:25:23,484 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:23,484 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:23,484 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-19 07:25:23,485 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:23,485 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:23,485 INFO L85 PathProgramCache]: Analyzing trace with hash 1400233666, now seen corresponding path program 1 times [2022-11-19 07:25:23,485 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:23,485 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [393027589] [2022-11-19 07:25:23,486 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:23,486 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:23,507 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:23,603 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-19 07:25:23,603 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:23,603 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [393027589] [2022-11-19 07:25:23,603 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [393027589] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:23,603 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 07:25:23,603 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-19 07:25:23,604 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [688123345] [2022-11-19 07:25:23,604 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:23,604 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-19 07:25:23,604 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:23,605 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-19 07:25:23,605 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-19 07:25:23,605 INFO L87 Difference]: Start difference. First operand 455 states and 586 transitions. Second operand has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-19 07:25:23,745 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:23,745 INFO L93 Difference]: Finished difference Result 731 states and 962 transitions. [2022-11-19 07:25:23,746 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-19 07:25:23,746 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 61 [2022-11-19 07:25:23,746 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:23,749 INFO L225 Difference]: With dead ends: 731 [2022-11-19 07:25:23,749 INFO L226 Difference]: Without dead ends: 443 [2022-11-19 07:25:23,750 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-19 07:25:23,751 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 40 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 50 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 40 SdHoareTripleChecker+Valid, 158 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 50 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:23,751 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [40 Valid, 158 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 50 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:23,752 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 443 states. [2022-11-19 07:25:23,836 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 443 to 405. [2022-11-19 07:25:23,837 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 405 states, 279 states have (on average 1.2329749103942653) internal successors, (344), 305 states have internal predecessors, (344), 67 states have call successors, (67), 48 states have call predecessors, (67), 58 states have return successors, (105), 64 states have call predecessors, (105), 67 states have call successors, (105) [2022-11-19 07:25:23,840 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 405 states to 405 states and 516 transitions. [2022-11-19 07:25:23,840 INFO L78 Accepts]: Start accepts. Automaton has 405 states and 516 transitions. Word has length 61 [2022-11-19 07:25:23,840 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:23,840 INFO L495 AbstractCegarLoop]: Abstraction has 405 states and 516 transitions. [2022-11-19 07:25:23,841 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.5) internal successors, (38), 4 states have internal predecessors, (38), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-19 07:25:23,841 INFO L276 IsEmpty]: Start isEmpty. Operand 405 states and 516 transitions. [2022-11-19 07:25:23,842 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-19 07:25:23,842 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:23,843 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:23,843 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2022-11-19 07:25:23,843 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:23,843 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:23,844 INFO L85 PathProgramCache]: Analyzing trace with hash -1982639529, now seen corresponding path program 1 times [2022-11-19 07:25:23,844 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:23,844 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1999319587] [2022-11-19 07:25:23,844 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:23,844 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:23,857 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:23,943 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-19 07:25:23,944 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:23,944 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1999319587] [2022-11-19 07:25:23,944 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1999319587] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:25:23,944 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [474785456] [2022-11-19 07:25:23,944 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:23,945 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:25:23,945 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:25:23,950 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:25:23,970 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-19 07:25:24,052 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:24,055 INFO L263 TraceCheckSpWp]: Trace formula consists of 298 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-19 07:25:24,061 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:25:24,187 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 26 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:24,187 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 07:25:24,188 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [474785456] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:24,188 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 07:25:24,188 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2022-11-19 07:25:24,188 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2076701525] [2022-11-19 07:25:24,188 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:24,189 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 07:25:24,189 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:24,189 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 07:25:24,189 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-19 07:25:24,189 INFO L87 Difference]: Start difference. First operand 405 states and 516 transitions. Second operand has 3 states, 3 states have (on average 16.0) internal successors, (48), 3 states have internal predecessors, (48), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-19 07:25:24,317 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:24,317 INFO L93 Difference]: Finished difference Result 749 states and 951 transitions. [2022-11-19 07:25:24,318 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 07:25:24,318 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 16.0) internal successors, (48), 3 states have internal predecessors, (48), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 63 [2022-11-19 07:25:24,318 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:24,320 INFO L225 Difference]: With dead ends: 749 [2022-11-19 07:25:24,321 INFO L226 Difference]: Without dead ends: 384 [2022-11-19 07:25:24,322 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 69 GetRequests, 65 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-19 07:25:24,323 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 25 mSDsluCounter, 34 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 25 SdHoareTripleChecker+Valid, 100 SdHoareTripleChecker+Invalid, 30 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:24,323 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [25 Valid, 100 Invalid, 30 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 07:25:24,324 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 384 states. [2022-11-19 07:25:24,365 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 384 to 285. [2022-11-19 07:25:24,366 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 285 states, 195 states have (on average 1.1897435897435897) internal successors, (232), 212 states have internal predecessors, (232), 45 states have call successors, (45), 37 states have call predecessors, (45), 44 states have return successors, (60), 43 states have call predecessors, (60), 45 states have call successors, (60) [2022-11-19 07:25:24,367 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 285 states to 285 states and 337 transitions. [2022-11-19 07:25:24,368 INFO L78 Accepts]: Start accepts. Automaton has 285 states and 337 transitions. Word has length 63 [2022-11-19 07:25:24,368 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:24,368 INFO L495 AbstractCegarLoop]: Abstraction has 285 states and 337 transitions. [2022-11-19 07:25:24,368 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 16.0) internal successors, (48), 3 states have internal predecessors, (48), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-19 07:25:24,368 INFO L276 IsEmpty]: Start isEmpty. Operand 285 states and 337 transitions. [2022-11-19 07:25:24,369 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2022-11-19 07:25:24,370 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:24,370 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:24,384 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-19 07:25:24,576 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-19 07:25:24,577 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:24,577 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:24,577 INFO L85 PathProgramCache]: Analyzing trace with hash -1052650222, now seen corresponding path program 1 times [2022-11-19 07:25:24,577 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:24,578 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2048462032] [2022-11-19 07:25:24,578 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:24,578 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:24,622 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:25,458 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 12 proven. 8 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-19 07:25:25,458 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:25,458 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2048462032] [2022-11-19 07:25:25,458 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2048462032] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:25:25,459 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2127858392] [2022-11-19 07:25:25,459 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:25,459 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:25:25,459 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:25:25,463 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:25:25,490 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-19 07:25:25,584 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:25,587 INFO L263 TraceCheckSpWp]: Trace formula consists of 303 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-19 07:25:25,594 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:25:26,219 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 07:25:26,219 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 07:25:26,952 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 15 proven. 3 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-19 07:25:26,952 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2127858392] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 07:25:26,952 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1715628037] [2022-11-19 07:25:26,978 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-19 07:25:26,978 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 07:25:26,982 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 07:25:26,993 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 07:25:26,994 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 07:25:30,500 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 50 for LOIs [2022-11-19 07:25:30,510 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 46 for LOIs [2022-11-19 07:25:30,872 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 22 for LOIs [2022-11-19 07:25:30,933 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-19 07:25:30,935 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 24 for LOIs [2022-11-19 07:25:30,939 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 25 for LOIs [2022-11-19 07:25:30,941 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 07:25:36,533 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10832#(and (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (<= |#NULL.offset| 0) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 2147483647) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (<= 0 ~head~0.base) (<= ~head~0.base 0) (<= 0 |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1|) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0) (<= 0 |#NULL.offset|) (not (= ~methAndRunningLastTime~0 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-19 07:25:36,533 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 07:25:36,533 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 07:25:36,533 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 11, 14] total 35 [2022-11-19 07:25:36,533 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [432761596] [2022-11-19 07:25:36,534 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 07:25:36,535 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-19 07:25:36,535 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:36,536 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-19 07:25:36,537 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=462, Invalid=3698, Unknown=0, NotChecked=0, Total=4160 [2022-11-19 07:25:36,538 INFO L87 Difference]: Start difference. First operand 285 states and 337 transitions. Second operand has 35 states, 31 states have (on average 3.5806451612903225) internal successors, (111), 29 states have internal predecessors, (111), 13 states have call successors, (24), 13 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 12 states have call successors, (21) [2022-11-19 07:25:39,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:39,680 INFO L93 Difference]: Finished difference Result 959 states and 1158 transitions. [2022-11-19 07:25:39,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 46 states. [2022-11-19 07:25:39,681 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 31 states have (on average 3.5806451612903225) internal successors, (111), 29 states have internal predecessors, (111), 13 states have call successors, (24), 13 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 12 states have call successors, (21) Word has length 66 [2022-11-19 07:25:39,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:39,685 INFO L225 Difference]: With dead ends: 959 [2022-11-19 07:25:39,685 INFO L226 Difference]: Without dead ends: 731 [2022-11-19 07:25:39,690 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 155 SyntacticMatches, 3 SemanticMatches, 101 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3970 ImplicationChecksByTransitivity, 7.6s TimeCoverageRelationStatistics Valid=1362, Invalid=9144, Unknown=0, NotChecked=0, Total=10506 [2022-11-19 07:25:39,691 INFO L413 NwaCegarLoop]: 70 mSDtfsCounter, 1092 mSDsluCounter, 803 mSDsCounter, 0 mSdLazyCounter, 1459 mSolverCounterSat, 700 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1096 SdHoareTripleChecker+Valid, 873 SdHoareTripleChecker+Invalid, 2159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 700 IncrementalHoareTripleChecker+Valid, 1459 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:39,691 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1096 Valid, 873 Invalid, 2159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [700 Valid, 1459 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2022-11-19 07:25:39,693 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 731 states. [2022-11-19 07:25:39,754 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 731 to 430. [2022-11-19 07:25:39,755 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 430 states, 300 states have (on average 1.2) internal successors, (360), 321 states have internal predecessors, (360), 62 states have call successors, (62), 56 states have call predecessors, (62), 67 states have return successors, (79), 67 states have call predecessors, (79), 62 states have call successors, (79) [2022-11-19 07:25:39,757 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 430 states to 430 states and 501 transitions. [2022-11-19 07:25:39,758 INFO L78 Accepts]: Start accepts. Automaton has 430 states and 501 transitions. Word has length 66 [2022-11-19 07:25:39,758 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:39,758 INFO L495 AbstractCegarLoop]: Abstraction has 430 states and 501 transitions. [2022-11-19 07:25:39,758 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 31 states have (on average 3.5806451612903225) internal successors, (111), 29 states have internal predecessors, (111), 13 states have call successors, (24), 13 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 12 states have call successors, (21) [2022-11-19 07:25:39,758 INFO L276 IsEmpty]: Start isEmpty. Operand 430 states and 501 transitions. [2022-11-19 07:25:39,760 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2022-11-19 07:25:39,760 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:39,761 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:39,774 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-19 07:25:39,967 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-19 07:25:39,967 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:39,968 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:39,968 INFO L85 PathProgramCache]: Analyzing trace with hash 1003519210, now seen corresponding path program 1 times [2022-11-19 07:25:39,968 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:39,968 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1411688482] [2022-11-19 07:25:39,968 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:39,968 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:39,984 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:40,245 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 34 proven. 6 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2022-11-19 07:25:40,245 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:40,245 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1411688482] [2022-11-19 07:25:40,246 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1411688482] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:25:40,246 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1383447817] [2022-11-19 07:25:40,246 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:40,246 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:25:40,247 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:25:40,248 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:25:40,278 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-19 07:25:40,384 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:40,386 INFO L263 TraceCheckSpWp]: Trace formula consists of 385 conjuncts, 19 conjunts are in the unsatisfiable core [2022-11-19 07:25:40,390 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:25:40,489 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 72 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 07:25:40,489 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 07:25:40,489 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1383447817] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 07:25:40,489 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 07:25:40,490 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [10] total 13 [2022-11-19 07:25:40,490 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1264332327] [2022-11-19 07:25:40,490 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 07:25:40,491 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-19 07:25:40,491 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:40,491 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-19 07:25:40,491 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=30, Invalid=126, Unknown=0, NotChecked=0, Total=156 [2022-11-19 07:25:40,492 INFO L87 Difference]: Start difference. First operand 430 states and 501 transitions. Second operand has 9 states, 7 states have (on average 9.714285714285714) internal successors, (68), 7 states have internal predecessors, (68), 3 states have call successors, (12), 3 states have call predecessors, (12), 5 states have return successors, (11), 5 states have call predecessors, (11), 3 states have call successors, (11) [2022-11-19 07:25:40,797 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:40,797 INFO L93 Difference]: Finished difference Result 852 states and 1024 transitions. [2022-11-19 07:25:40,798 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 9 states. [2022-11-19 07:25:40,798 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 9.714285714285714) internal successors, (68), 7 states have internal predecessors, (68), 3 states have call successors, (12), 3 states have call predecessors, (12), 5 states have return successors, (11), 5 states have call predecessors, (11), 3 states have call successors, (11) Word has length 92 [2022-11-19 07:25:40,799 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:40,802 INFO L225 Difference]: With dead ends: 852 [2022-11-19 07:25:40,802 INFO L226 Difference]: Without dead ends: 611 [2022-11-19 07:25:40,804 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 102 GetRequests, 91 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=30, Invalid=126, Unknown=0, NotChecked=0, Total=156 [2022-11-19 07:25:40,804 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 35 mSDsluCounter, 225 mSDsCounter, 0 mSdLazyCounter, 225 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 278 SdHoareTripleChecker+Invalid, 227 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 225 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:40,805 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 278 Invalid, 227 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 225 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-19 07:25:40,806 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 611 states. [2022-11-19 07:25:40,899 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 611 to 601. [2022-11-19 07:25:40,901 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 601 states, 420 states have (on average 1.188095238095238) internal successors, (499), 447 states have internal predecessors, (499), 86 states have call successors, (86), 78 states have call predecessors, (86), 94 states have return successors, (121), 94 states have call predecessors, (121), 86 states have call successors, (121) [2022-11-19 07:25:40,904 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 601 states to 601 states and 706 transitions. [2022-11-19 07:25:40,904 INFO L78 Accepts]: Start accepts. Automaton has 601 states and 706 transitions. Word has length 92 [2022-11-19 07:25:40,904 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:40,905 INFO L495 AbstractCegarLoop]: Abstraction has 601 states and 706 transitions. [2022-11-19 07:25:40,905 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 9.714285714285714) internal successors, (68), 7 states have internal predecessors, (68), 3 states have call successors, (12), 3 states have call predecessors, (12), 5 states have return successors, (11), 5 states have call predecessors, (11), 3 states have call successors, (11) [2022-11-19 07:25:40,905 INFO L276 IsEmpty]: Start isEmpty. Operand 601 states and 706 transitions. [2022-11-19 07:25:40,907 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 93 [2022-11-19 07:25:40,907 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 07:25:40,907 INFO L195 NwaCegarLoop]: trace histogram [3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:25:40,920 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-19 07:25:41,120 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:25:41,123 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 07:25:41,123 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 07:25:41,124 INFO L85 PathProgramCache]: Analyzing trace with hash 431014712, now seen corresponding path program 2 times [2022-11-19 07:25:41,124 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 07:25:41,124 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1692962982] [2022-11-19 07:25:41,124 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 07:25:41,124 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 07:25:41,144 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 07:25:41,723 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 35 proven. 29 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-19 07:25:41,723 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 07:25:41,723 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1692962982] [2022-11-19 07:25:41,723 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1692962982] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 07:25:41,723 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1096931425] [2022-11-19 07:25:41,724 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-19 07:25:41,724 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 07:25:41,724 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 07:25:41,725 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 07:25:41,754 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-19 07:25:41,832 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-19 07:25:41,832 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-19 07:25:41,835 INFO L263 TraceCheckSpWp]: Trace formula consists of 297 conjuncts, 33 conjunts are in the unsatisfiable core [2022-11-19 07:25:41,838 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 07:25:42,248 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 58 proven. 2 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-19 07:25:42,249 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 07:25:42,791 INFO L134 CoverageAnalysis]: Checked inductivity of 74 backedges. 44 proven. 2 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-19 07:25:42,792 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1096931425] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 07:25:42,792 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1385996468] [2022-11-19 07:25:42,795 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-19 07:25:42,795 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 07:25:42,795 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 07:25:42,796 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 07:25:42,796 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 07:25:44,639 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-19 07:25:44,893 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-19 07:25:45,327 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-19 07:25:45,329 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 45 for LOIs [2022-11-19 07:25:45,336 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 58 for LOIs [2022-11-19 07:25:45,346 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 07:25:50,155 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15993#(and (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 2147483647) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (= ~head~0.base 0) (<= 0 |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1|) (= |#NULL.offset| 0) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0) (not (= ~methAndRunningLastTime~0 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-19 07:25:50,155 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 07:25:50,155 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 07:25:50,155 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [13, 7, 8] total 25 [2022-11-19 07:25:50,156 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [963756418] [2022-11-19 07:25:50,156 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 07:25:50,156 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-19 07:25:50,157 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 07:25:50,157 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-19 07:25:50,158 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=308, Invalid=2554, Unknown=0, NotChecked=0, Total=2862 [2022-11-19 07:25:50,159 INFO L87 Difference]: Start difference. First operand 601 states and 706 transitions. Second operand has 25 states, 25 states have (on average 6.32) internal successors, (158), 22 states have internal predecessors, (158), 11 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (30), 9 states have call predecessors, (30), 11 states have call successors, (30) [2022-11-19 07:25:52,044 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 07:25:52,044 INFO L93 Difference]: Finished difference Result 1494 states and 1838 transitions. [2022-11-19 07:25:52,046 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2022-11-19 07:25:52,047 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 25 states have (on average 6.32) internal successors, (158), 22 states have internal predecessors, (158), 11 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (30), 9 states have call predecessors, (30), 11 states have call successors, (30) Word has length 92 [2022-11-19 07:25:52,047 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 07:25:52,048 INFO L225 Difference]: With dead ends: 1494 [2022-11-19 07:25:52,048 INFO L226 Difference]: Without dead ends: 0 [2022-11-19 07:25:52,053 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 327 GetRequests, 241 SyntacticMatches, 6 SemanticMatches, 80 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2400 ImplicationChecksByTransitivity, 6.2s TimeCoverageRelationStatistics Valid=842, Invalid=5800, Unknown=0, NotChecked=0, Total=6642 [2022-11-19 07:25:52,053 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 435 mSDsluCounter, 327 mSDsCounter, 0 mSdLazyCounter, 647 mSolverCounterSat, 223 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 436 SdHoareTripleChecker+Valid, 379 SdHoareTripleChecker+Invalid, 870 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 223 IncrementalHoareTripleChecker+Valid, 647 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-19 07:25:52,054 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [436 Valid, 379 Invalid, 870 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [223 Valid, 647 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-19 07:25:52,054 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-19 07:25:52,054 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-19 07:25:52,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-19 07:25:52,055 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-19 07:25:52,055 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 92 [2022-11-19 07:25:52,055 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 07:25:52,055 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-19 07:25:52,056 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 25 states have (on average 6.32) internal successors, (158), 22 states have internal predecessors, (158), 11 states have call successors, (29), 8 states have call predecessors, (29), 9 states have return successors, (30), 9 states have call predecessors, (30), 11 states have call successors, (30) [2022-11-19 07:25:52,056 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-19 07:25:52,056 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-19 07:25:52,059 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-19 07:25:52,065 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-19 07:25:52,265 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-19 07:25:52,267 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-19 07:26:05,688 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 226 233) the Hoare annotation is: (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= 0 ~systemActive~0)) [2022-11-19 07:26:05,688 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 226 233) no Hoare annotation was computed. [2022-11-19 07:26:05,688 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 159 165) no Hoare annotation was computed. [2022-11-19 07:26:05,688 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 159 165) the Hoare annotation is: true [2022-11-19 07:26:05,689 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 449 460) the Hoare annotation is: (or (not (= ~waterLevel~0 1)) (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 0) (not (= 1 ~systemActive~0)) (not (<= 0 ~pumpRunning~0)) (not (= ~methAndRunningLastTime~0 0)) (not (<= ~pumpRunning~0 0))) [2022-11-19 07:26:05,689 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 449 460) no Hoare annotation was computed. [2022-11-19 07:26:05,689 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 461 469) the Hoare annotation is: true [2022-11-19 07:26:05,689 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 461 469) no Hoare annotation was computed. [2022-11-19 07:26:05,689 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 527 556) no Hoare annotation was computed. [2022-11-19 07:26:05,689 INFO L899 garLoopResultBuilder]: For program point L541(lines 541 545) no Hoare annotation was computed. [2022-11-19 07:26:05,690 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 527 556) the Hoare annotation is: true [2022-11-19 07:26:05,690 INFO L902 garLoopResultBuilder]: At program point L541-1(lines 541 545) the Hoare annotation is: true [2022-11-19 07:26:05,690 INFO L902 garLoopResultBuilder]: At program point L537-2(lines 537 551) the Hoare annotation is: true [2022-11-19 07:26:05,690 INFO L902 garLoopResultBuilder]: At program point L533(line 533) the Hoare annotation is: true [2022-11-19 07:26:05,690 INFO L899 garLoopResultBuilder]: For program point L533-1(line 533) no Hoare annotation was computed. [2022-11-19 07:26:05,691 INFO L902 garLoopResultBuilder]: At program point L552(lines 527 556) the Hoare annotation is: true [2022-11-19 07:26:05,691 INFO L899 garLoopResultBuilder]: For program point L548(line 548) no Hoare annotation was computed. [2022-11-19 07:26:05,691 INFO L899 garLoopResultBuilder]: For program point L366(lines 366 376) no Hoare annotation was computed. [2022-11-19 07:26:05,691 INFO L899 garLoopResultBuilder]: For program point L139-1(lines 138 157) no Hoare annotation was computed. [2022-11-19 07:26:05,691 INFO L895 garLoopResultBuilder]: At program point L362(lines 362 379) the Hoare annotation is: (let ((.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse5 (not (<= 0 |old(~pumpRunning~0)|))) (.cse9 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse10 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0)) (.cse11 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (let ((.cse6 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse7 (<= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 .cse3 (and (<= ~pumpRunning~0 0) (<= ~waterLevel~0 1) .cse6 (<= 0 ~pumpRunning~0) .cse7 .cse8) .cse5 (and .cse1 (<= 2 ~waterLevel~0) .cse6 .cse7 .cse8 (= ~pumpRunning~0 1)))) (or .cse0 .cse3 .cse4 (and .cse1 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0)) .cse5 .cse9) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 .cse5 .cse9) (or .cse0 .cse1 .cse2 .cse4 .cse10 .cse11) (or .cse2 .cse10 (and (= ~pumpRunning~0 0) (= |timeShift_processEnvironment_~tmp~2#1| 1) (<= 1 ~waterLevel~0) .cse8) .cse11))) [2022-11-19 07:26:05,692 INFO L899 garLoopResultBuilder]: For program point L201(lines 201 209) no Hoare annotation was computed. [2022-11-19 07:26:05,692 INFO L895 garLoopResultBuilder]: At program point L362-1(lines 354 382) the Hoare annotation is: (let ((.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse5 (not (<= 0 |old(~pumpRunning~0)|))) (.cse6 (not (= 0 ~systemActive~0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (<= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse9 (<= 0 ~pumpRunning~0)) (.cse11 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| ~methaneLevelCritical~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse3 .cse4 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~5#1| 0) .cse5 .cse6) (let ((.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse10 (<= |old(~waterLevel~0)| ~waterLevel~0))) (or .cse0 .cse2 .cse3 (and .cse7 .cse1 (<= ~waterLevel~0 1) .cse8 .cse9 .cse10 .cse11) (and (<= 2 ~waterLevel~0) .cse8 .cse10 .cse11 (= ~pumpRunning~0 1)) .cse5)) (or .cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse1) .cse5 .cse6) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) (and .cse7 .cse1 (= |timeShift_processEnvironment_~tmp~2#1| 1) (<= 1 ~waterLevel~0) .cse9 .cse11) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-19 07:26:05,692 INFO L895 garLoopResultBuilder]: At program point L197(lines 197 214) the Hoare annotation is: (let ((.cse3 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse4 (= ~methAndRunningLastTime~0 0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not (<= |old(~pumpRunning~0)| 0))) (.cse6 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or (and (<= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (= ~pumpRunning~0 1)) .cse0 .cse1 .cse2) (or .cse3 .cse0 (and (= ~pumpRunning~0 0) .cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse5 .cse6) (or .cse3 .cse4 .cse0 .cse1 .cse2) (or .cse5 .cse6 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,693 INFO L895 garLoopResultBuilder]: At program point L627(line 627) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~methAndRunningLastTime~0)| 0)) .cse0 .cse1 .cse2) (or .cse1 .cse2 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,693 INFO L899 garLoopResultBuilder]: For program point L367(lines 367 373) no Hoare annotation was computed. [2022-11-19 07:26:05,693 INFO L895 garLoopResultBuilder]: At program point L207(line 207) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~methAndRunningLastTime~0)| 0)) .cse0 .cse1 .cse2) (or .cse1 .cse2 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,694 INFO L895 garLoopResultBuilder]: At program point L203(line 203) the Hoare annotation is: (let ((.cse3 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (<= 2 |old(~waterLevel~0)|))) (.cse4 (not (<= |old(~pumpRunning~0)| 0))) (.cse5 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 (and (= |timeShift_processEnvironment_~tmp~2#1| 1) (<= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (= ~pumpRunning~0 1)) .cse1 .cse2) (or .cse3 .cse0 .cse4 .cse5) (or .cse3 (= ~methAndRunningLastTime~0 0) .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2) (or .cse4 .cse5 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,694 INFO L895 garLoopResultBuilder]: At program point L360(line 360) the Hoare annotation is: (let ((.cse9 (= 0 ~systemActive~0))) (let ((.cse10 (= ~pumpRunning~0 0)) (.cse2 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|))) (.cse5 (not .cse9)) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 (<= 1 ~waterLevel~0) .cse8) (or .cse0 .cse6 .cse2 (< |old(~waterLevel~0)| 2) (and .cse1 (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 1)) .cse9 .cse4) (or .cse0 .cse1 .cse6 .cse2 .cse3 .cse4) (or .cse6 .cse7 (and .cse10 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse8) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse6 .cse2 .cse9 .cse4) (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2 .cse4 .cse5) (or .cse0 .cse1 .cse6 .cse3 .cse7 .cse8)))) [2022-11-19 07:26:05,694 INFO L899 garLoopResultBuilder]: For program point L360-1(line 360) no Hoare annotation was computed. [2022-11-19 07:26:05,694 INFO L895 garLoopResultBuilder]: At program point L212(line 212) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~methAndRunningLastTime~0)| 0)) (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse1 .cse2) (or .cse1 .cse2 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,695 INFO L895 garLoopResultBuilder]: At program point L212-1(lines 193 217) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0)) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse7 (= ~methAndRunningLastTime~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not (<= |old(~pumpRunning~0)| 0))) (.cse4 (not (<= 0 |old(~pumpRunning~0)|)))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3 .cse4) (or .cse2 .cse5 (<= 1 ~waterLevel~0) .cse6) (or .cse0 .cse7 .cse2 .cse3 .cse8 .cse4) (or .cse2 .cse5 (and .cse1 (= |timeShift_processEnvironment_~tmp~2#1| 1)) .cse6) (or .cse0 .cse2 .cse3 (< |old(~waterLevel~0)| 2) (and .cse7 (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 1)) .cse4) (or .cse0 .cse7 .cse2 .cse8 .cse5 .cse6) (or .cse3 .cse4 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,695 INFO L899 garLoopResultBuilder]: For program point L146-1(lines 146 152) no Hoare annotation was computed. [2022-11-19 07:26:05,695 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 135 158) the Hoare annotation is: (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (<= ~pumpRunning~0 0)) (.cse5 (<= 0 ~pumpRunning~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse8 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (= ~methAndRunningLastTime~0 0)) (.cse6 (not (<= |old(~pumpRunning~0)| 0))) (.cse7 (not (<= 0 |old(~pumpRunning~0)|))) (.cse10 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4 .cse5) .cse6 .cse7) (or .cse1 .cse8 (and .cse4 (= ~pumpRunning~0 1)) .cse9) (or (and .cse2 .cse5) .cse6 .cse7 .cse10) (or .cse0 .cse3 .cse1 .cse8 .cse9) (or .cse0 .cse3 .cse6 .cse7 .cse10))) [2022-11-19 07:26:05,696 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 135 158) no Hoare annotation was computed. [2022-11-19 07:26:05,696 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 627) no Hoare annotation was computed. [2022-11-19 07:26:05,696 INFO L895 garLoopResultBuilder]: At program point L609(lines 609 616) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= |ULTIMATE.start_main_~tmp~6#1| ~systemActive~0)) [2022-11-19 07:26:05,696 INFO L902 garLoopResultBuilder]: At program point L609-2(lines 609 616) the Hoare annotation is: true [2022-11-19 07:26:05,696 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-19 07:26:05,697 INFO L899 garLoopResultBuilder]: For program point L85-1(lines 85 91) no Hoare annotation was computed. [2022-11-19 07:26:05,697 INFO L895 garLoopResultBuilder]: At program point L110(lines 65 112) the Hoare annotation is: (let ((.cse6 (= 0 ~systemActive~0))) (let ((.cse2 (= 1 ~systemActive~0)) (.cse5 (not .cse6)) (.cse0 (<= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= 0 ~pumpRunning~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and (<= 2 ~waterLevel~0) .cse2 .cse3 .cse5 (= ~pumpRunning~0 1)) (and .cse0 .cse1 .cse3 .cse4 .cse6)))) [2022-11-19 07:26:05,697 INFO L895 garLoopResultBuilder]: At program point L77(line 77) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse2 (<= ~pumpRunning~0 0)) (.cse3 (= ~methAndRunningLastTime~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= 0 ~pumpRunning~0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (= ~pumpRunning~0 1)) (and .cse2 .cse3 .cse0 .cse1 .cse4) (and .cse2 .cse3 .cse1 .cse4 (= 0 ~systemActive~0)))) [2022-11-19 07:26:05,697 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-19 07:26:05,697 INFO L895 garLoopResultBuilder]: At program point L334(line 334) the Hoare annotation is: (and (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (not (= 0 ~systemActive~0))) [2022-11-19 07:26:05,698 INFO L899 garLoopResultBuilder]: For program point L66(lines 65 112) no Hoare annotation was computed. [2022-11-19 07:26:05,698 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-19 07:26:05,698 INFO L899 garLoopResultBuilder]: For program point L95(lines 95 108) no Hoare annotation was computed. [2022-11-19 07:26:05,698 INFO L895 garLoopResultBuilder]: At program point L87(line 87) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse2 (<= ~pumpRunning~0 0)) (.cse3 (= ~methAndRunningLastTime~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (<= 0 ~pumpRunning~0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (= ~pumpRunning~0 1)) (and .cse2 .cse3 .cse0 .cse1 .cse4) (and .cse2 .cse3 .cse1 .cse4 (= 0 ~systemActive~0)))) [2022-11-19 07:26:05,698 INFO L902 garLoopResultBuilder]: At program point L116(lines 55 120) the Hoare annotation is: true [2022-11-19 07:26:05,699 INFO L899 garLoopResultBuilder]: For program point L75(lines 75 81) no Hoare annotation was computed. [2022-11-19 07:26:05,699 INFO L899 garLoopResultBuilder]: For program point L75-1(lines 75 81) no Hoare annotation was computed. [2022-11-19 07:26:05,699 INFO L895 garLoopResultBuilder]: At program point L113(lines 64 114) the Hoare annotation is: false [2022-11-19 07:26:05,699 INFO L899 garLoopResultBuilder]: For program point L332(lines 332 338) no Hoare annotation was computed. [2022-11-19 07:26:05,699 INFO L895 garLoopResultBuilder]: At program point L332-1(lines 332 338) the Hoare annotation is: (let ((.cse0 (<= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (<= 0 ~pumpRunning~0))) (or (and .cse0 (= ~methAndRunningLastTime~0 0) .cse1 .cse2) (and .cse0 .cse1 .cse2 (not (= 0 ~systemActive~0))))) [2022-11-19 07:26:05,700 INFO L899 garLoopResultBuilder]: For program point L101(lines 101 107) no Hoare annotation was computed. [2022-11-19 07:26:05,700 INFO L895 garLoopResultBuilder]: At program point L101-2(lines 95 108) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse2 (<= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (<= 0 ~pumpRunning~0))) (or (and (<= 2 ~waterLevel~0) .cse0 .cse1 (= ~pumpRunning~0 1)) (and .cse2 (= ~methAndRunningLastTime~0 0) .cse0 .cse1 .cse3) (and .cse2 .cse1 .cse3 (= 0 ~systemActive~0)))) [2022-11-19 07:26:05,700 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 167 191) the Hoare annotation is: (or (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0)) (not (<= |old(~pumpRunning~0)| 0)) (not (<= 0 |old(~pumpRunning~0)|)) (not (= ~methAndRunningLastTime~0 0))) [2022-11-19 07:26:05,700 INFO L895 garLoopResultBuilder]: At program point L186(line 186) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= |old(~pumpRunning~0)| 0)) (not (<= 0 |old(~pumpRunning~0)|)) (not (= ~methAndRunningLastTime~0 0))) [2022-11-19 07:26:05,700 INFO L899 garLoopResultBuilder]: For program point L186-1(lines 167 191) no Hoare annotation was computed. [2022-11-19 07:26:05,701 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 167 191) no Hoare annotation was computed. [2022-11-19 07:26:05,701 INFO L895 garLoopResultBuilder]: At program point L181(line 181) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~pumpRunning~0)| 0))) (.cse2 (not (<= 0 |old(~pumpRunning~0)|))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) .cse2 .cse3) (or .cse0 .cse1 (< ~waterLevel~0 2) .cse2 .cse3))) [2022-11-19 07:26:05,701 INFO L895 garLoopResultBuilder]: At program point L175(lines 175 183) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (let ((.cse0 (< ~waterLevel~0 2))) (or (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (and (not .cse0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1))))) (not (<= 0 |old(~pumpRunning~0)|)) (not (= ~methAndRunningLastTime~0 0))) [2022-11-19 07:26:05,701 INFO L895 garLoopResultBuilder]: At program point L171(lines 171 188) the Hoare annotation is: (or (= ~pumpRunning~0 0) (not (= 1 ~systemActive~0)) (not (<= |old(~pumpRunning~0)| 0)) (not (<= 0 |old(~pumpRunning~0)|)) (not (= ~methAndRunningLastTime~0 0))) [2022-11-19 07:26:05,702 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 437 448) no Hoare annotation was computed. [2022-11-19 07:26:05,702 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 437 448) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (<= 0 ~pumpRunning~0)) .cse1 (not (= ~methAndRunningLastTime~0 0)) (not (<= ~pumpRunning~0 0))) (or .cse0 (not (= ~pumpRunning~0 1)) .cse1 (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-19 07:26:05,705 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 07:26:05,708 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-19 07:26:05,737 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.11 07:26:05 BoogieIcfgContainer [2022-11-19 07:26:05,738 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-19 07:26:05,738 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-19 07:26:05,739 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-19 07:26:05,739 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-19 07:26:05,740 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 07:25:19" (3/4) ... [2022-11-19 07:26:05,743 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-19 07:26:05,749 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-19 07:26:05,749 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-19 07:26:05,749 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-19 07:26:05,750 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-19 07:26:05,750 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-19 07:26:05,750 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-19 07:26:05,750 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 07:26:05,751 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-19 07:26:05,758 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 46 nodes and edges [2022-11-19 07:26:05,759 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-19 07:26:05,760 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-19 07:26:05,760 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 07:26:05,761 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 07:26:05,790 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning <= 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-19 07:26:05,791 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((\old(waterLevel) <= waterLevel + 1 && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-19 07:26:05,791 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(waterLevel) <= 1) || !(\old(methAndRunningLastTime) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || 1 <= waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && tmp == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || \old(waterLevel) < 2) || (((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(0 <= \old(pumpRunning)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-19 07:26:05,792 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((pumpRunning == 0 || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(methAndRunningLastTime == 0) [2022-11-19 07:26:05,792 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || (((((pumpRunning <= 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && 0 <= pumpRunning) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(0 <= \old(pumpRunning))) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1))) && (((((!(\old(methAndRunningLastTime) == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (methAndRunningLastTime == 0 && tmp == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((pumpRunning == \old(pumpRunning) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && tmp == 1) && 1 <= waterLevel) && tmp == methaneLevelCritical)) || !(2 <= \old(waterLevel))) [2022-11-19 07:26:05,793 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) && (((((!(\old(methAndRunningLastTime) == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || tmp == 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || ((((((pumpRunning <= 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && 0 <= pumpRunning) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || ((((2 <= waterLevel && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(0 <= \old(pumpRunning)))) && (((!(\old(pumpRunning) <= 0) || (pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((((pumpRunning <= 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 <= waterLevel) && 0 <= pumpRunning) && tmp == methaneLevelCritical)) || !(2 <= \old(waterLevel))) [2022-11-19 07:26:05,794 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) [2022-11-19 07:26:05,794 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(\old(pumpRunning) <= 0)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(0 <= \old(pumpRunning))) || !(methAndRunningLastTime == 0) [2022-11-19 07:26:05,829 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/witness.graphml [2022-11-19 07:26:05,830 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-19 07:26:05,830 INFO L158 Benchmark]: Toolchain (without parser) took 47819.79ms. Allocated memory was 146.8MB in the beginning and 541.1MB in the end (delta: 394.3MB). Free memory was 105.2MB in the beginning and 212.0MB in the end (delta: -106.7MB). Peak memory consumption was 287.5MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,831 INFO L158 Benchmark]: CDTParser took 0.31ms. Allocated memory is still 146.8MB. Free memory is still 122.6MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-19 07:26:05,831 INFO L158 Benchmark]: CACSL2BoogieTranslator took 521.12ms. Allocated memory is still 146.8MB. Free memory was 105.1MB in the beginning and 112.5MB in the end (delta: -7.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,832 INFO L158 Benchmark]: Boogie Procedure Inliner took 75.52ms. Allocated memory is still 146.8MB. Free memory was 112.5MB in the beginning and 110.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,832 INFO L158 Benchmark]: Boogie Preprocessor took 29.06ms. Allocated memory is still 146.8MB. Free memory was 110.4MB in the beginning and 108.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,832 INFO L158 Benchmark]: RCFGBuilder took 802.59ms. Allocated memory is still 146.8MB. Free memory was 108.3MB in the beginning and 83.9MB in the end (delta: 24.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,833 INFO L158 Benchmark]: TraceAbstraction took 46286.51ms. Allocated memory was 146.8MB in the beginning and 541.1MB in the end (delta: 394.3MB). Free memory was 83.2MB in the beginning and 217.2MB in the end (delta: -134.0MB). Peak memory consumption was 291.7MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,833 INFO L158 Benchmark]: Witness Printer took 91.23ms. Allocated memory is still 541.1MB. Free memory was 217.2MB in the beginning and 212.0MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-19 07:26:05,835 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.31ms. Allocated memory is still 146.8MB. Free memory is still 122.6MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 521.12ms. Allocated memory is still 146.8MB. Free memory was 105.1MB in the beginning and 112.5MB in the end (delta: -7.5MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 75.52ms. Allocated memory is still 146.8MB. Free memory was 112.5MB in the beginning and 110.4MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 29.06ms. Allocated memory is still 146.8MB. Free memory was 110.4MB in the beginning and 108.3MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 802.59ms. Allocated memory is still 146.8MB. Free memory was 108.3MB in the beginning and 83.9MB in the end (delta: 24.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 46286.51ms. Allocated memory was 146.8MB in the beginning and 541.1MB in the end (delta: 394.3MB). Free memory was 83.2MB in the beginning and 217.2MB in the end (delta: -134.0MB). Peak memory consumption was 291.7MB. Max. memory is 16.1GB. * Witness Printer took 91.23ms. Allocated memory is still 541.1MB. Free memory was 217.2MB in the beginning and 212.0MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 627]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 64 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 46.2s, OverallIterations: 13, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 7.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 13.4s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2168 SdHoareTripleChecker+Valid, 3.4s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2144 mSDsluCounter, 3002 SdHoareTripleChecker+Invalid, 2.8s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2200 mSDsCounter, 1055 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3138 IncrementalHoareTripleChecker+Invalid, 4193 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1055 mSolverCounterUnsat, 802 mSDtfsCounter, 3138 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 817 GetRequests, 575 SyntacticMatches, 9 SemanticMatches, 233 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6412 ImplicationChecksByTransitivity, 14.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=601occurred in iteration=12, InterpolantAutomatonStates: 140, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 13 MinimizatonAttempts, 526 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 1952 PreInvPairs, 2357 NumberOfFragments, 1566 HoareAnnotationTreeSize, 1952 FomulaSimplifications, 22171 FormulaSimplificationTreeSizeReduction, 2.4s HoareSimplificationTime, 36 FomulaSimplificationsInter, 130038 FormulaSimplificationTreeSizeReductionInter, 10.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 5.6s InterpolantComputationTime, 960 NumberOfCodeBlocks, 931 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 1099 ConstructedInterpolants, 0 QuantifiedInterpolants, 3166 SizeOfPredicates, 36 NumberOfNonLiveVariables, 1283 ConjunctsInSsa, 90 ConjunctsInUnsatCore, 19 InterpolantComputations, 11 PerfectInterpolantSequences, 509/572 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 362]: Loop Invariant Derived loop invariant: (((((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || (((((pumpRunning <= 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && 0 <= pumpRunning) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(0 <= \old(pumpRunning))) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1))) && (((((!(\old(methAndRunningLastTime) == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || (methAndRunningLastTime == 0 && tmp == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((pumpRunning == \old(pumpRunning) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == 0 && tmp == 1) && 1 <= waterLevel) && tmp == methaneLevelCritical)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 65]: Loop Invariant Derived loop invariant: ((((((pumpRunning <= 0 && methAndRunningLastTime == 0) && 1 == systemActive) && splverifierCounter == 0) && 0 <= pumpRunning) && !(0 == systemActive)) || ((((2 <= waterLevel && 1 == systemActive) && splverifierCounter == 0) && !(0 == systemActive)) && pumpRunning == 1)) || ((((pumpRunning <= 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && 0 <= pumpRunning) && 0 == systemActive) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 171]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(methAndRunningLastTime == 0) - InvariantResult [Line: 193]: Loop Invariant Derived loop invariant: ((((((((((!(\old(waterLevel) <= 1) || !(\old(methAndRunningLastTime) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || 1 <= waterLevel) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && tmp == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || \old(waterLevel) < 2) || (((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(0 <= \old(pumpRunning)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 354]: Loop Invariant Derived loop invariant: ((((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || !(0 <= \old(pumpRunning))) && (((((!(\old(methAndRunningLastTime) == 0) || !(\old(pumpRunning) <= 0)) || !(methaneLevelCritical == 0)) || tmp == 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || ((((((pumpRunning <= 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && 0 <= pumpRunning) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || ((((2 <= waterLevel && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(0 <= \old(pumpRunning)))) && (((!(\old(pumpRunning) <= 0) || (pumpRunning == \old(pumpRunning) && methAndRunningLastTime == 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((((pumpRunning <= 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 <= waterLevel) && 0 <= pumpRunning) && tmp == methaneLevelCritical)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 197]: Loop Invariant Derived loop invariant: ((((((\old(waterLevel) <= waterLevel + 1 && pumpRunning == 1) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 332]: Loop Invariant Derived loop invariant: (((pumpRunning <= 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && 0 <= pumpRunning) || (((pumpRunning <= 0 && splverifierCounter == 0) && 0 <= pumpRunning) && !(0 == systemActive)) - InvariantResult [Line: 135]: Loop Invariant Derived loop invariant: (((((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (((pumpRunning <= 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel) && 0 <= pumpRunning)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((pumpRunning <= 0 && 0 <= pumpRunning) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 537]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 627]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) <= 0)) || !(0 <= \old(pumpRunning)))) && ((!(\old(pumpRunning) <= 0) || !(0 <= \old(pumpRunning))) || !(0 == systemActive)) - InvariantResult [Line: 64]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 609]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1) && tmp == systemActive - InvariantResult [Line: 55]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 609]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 527]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 175]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(\old(pumpRunning) <= 0)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(0 <= \old(pumpRunning))) || !(methAndRunningLastTime == 0) RESULT: Ultimate proved your program to be correct! [2022-11-19 07:26:05,871 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_4acac0ec-87f9-4ae2-943c-9b58986fbea5/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE