./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 8393723b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-8393723 [2022-11-19 06:49:11,255 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-19 06:49:11,256 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-19 06:49:11,274 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-19 06:49:11,275 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-19 06:49:11,276 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-19 06:49:11,277 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-19 06:49:11,279 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-19 06:49:11,280 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-19 06:49:11,281 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-19 06:49:11,282 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-19 06:49:11,283 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-19 06:49:11,284 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-19 06:49:11,285 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-19 06:49:11,286 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-19 06:49:11,287 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-19 06:49:11,288 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-19 06:49:11,289 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-19 06:49:11,291 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-19 06:49:11,293 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-19 06:49:11,294 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-19 06:49:11,296 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-19 06:49:11,297 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-19 06:49:11,298 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-19 06:49:11,301 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-19 06:49:11,302 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-19 06:49:11,302 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-19 06:49:11,303 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-19 06:49:11,304 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-19 06:49:11,305 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-19 06:49:11,305 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-19 06:49:11,306 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-19 06:49:11,307 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-19 06:49:11,308 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-19 06:49:11,309 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-19 06:49:11,310 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-19 06:49:11,310 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-19 06:49:11,311 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-19 06:49:11,311 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-19 06:49:11,312 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-19 06:49:11,313 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-19 06:49:11,314 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-19 06:49:11,335 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-19 06:49:11,336 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-19 06:49:11,336 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-19 06:49:11,336 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-19 06:49:11,337 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-19 06:49:11,337 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-19 06:49:11,337 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-19 06:49:11,338 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-19 06:49:11,338 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-19 06:49:11,338 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-19 06:49:11,338 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-19 06:49:11,339 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-19 06:49:11,339 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-19 06:49:11,339 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-19 06:49:11,339 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-19 06:49:11,340 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-19 06:49:11,340 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-19 06:49:11,340 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-19 06:49:11,341 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-19 06:49:11,341 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-19 06:49:11,341 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-19 06:49:11,342 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-19 06:49:11,342 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-19 06:49:11,342 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-19 06:49:11,342 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-19 06:49:11,342 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-19 06:49:11,343 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-19 06:49:11,343 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-19 06:49:11,343 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-19 06:49:11,343 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-19 06:49:11,344 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-19 06:49:11,344 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-19 06:49:11,344 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 06:49:11,344 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-19 06:49:11,345 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-19 06:49:11,345 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-19 06:49:11,345 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-19 06:49:11,345 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-19 06:49:11,346 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-19 06:49:11,346 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-19 06:49:11,346 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-19 06:49:11,346 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 3cfb2febd3006e73b0e8309478193e665e2e7ddd381dfad7d5652117e74962c4 [2022-11-19 06:49:11,586 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-19 06:49:11,618 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-19 06:49:11,621 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-19 06:49:11,622 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-19 06:49:11,623 INFO L275 PluginConnector]: CDTParser initialized [2022-11-19 06:49:11,624 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/../../sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2022-11-19 06:49:11,700 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/data/ec30d0956/7261aeea7f46495ea79249f077ba507f/FLAG23a4bf31c [2022-11-19 06:49:12,186 INFO L306 CDTParser]: Found 1 translation units. [2022-11-19 06:49:12,190 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c [2022-11-19 06:49:12,200 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/data/ec30d0956/7261aeea7f46495ea79249f077ba507f/FLAG23a4bf31c [2022-11-19 06:49:12,532 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/data/ec30d0956/7261aeea7f46495ea79249f077ba507f [2022-11-19 06:49:12,534 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-19 06:49:12,537 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-19 06:49:12,540 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-19 06:49:12,540 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-19 06:49:12,543 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-19 06:49:12,544 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 06:49:12" (1/1) ... [2022-11-19 06:49:12,546 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@58f71f94 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:12, skipping insertion in model container [2022-11-19 06:49:12,546 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 19.11 06:49:12" (1/1) ... [2022-11-19 06:49:12,556 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-19 06:49:12,611 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-19 06:49:12,874 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2022-11-19 06:49:12,900 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 06:49:12,909 INFO L203 MainTranslator]: Completed pre-run [2022-11-19 06:49:12,989 WARN L234 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/sv-benchmarks/c/product-lines/minepump_spec3_product57.cil.c[13989,14002] [2022-11-19 06:49:13,012 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-19 06:49:13,033 INFO L208 MainTranslator]: Completed translation [2022-11-19 06:49:13,034 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13 WrapperNode [2022-11-19 06:49:13,034 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-19 06:49:13,037 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-19 06:49:13,037 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-19 06:49:13,037 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-19 06:49:13,045 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,066 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,108 INFO L138 Inliner]: procedures = 56, calls = 101, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 224 [2022-11-19 06:49:13,109 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-19 06:49:13,110 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-19 06:49:13,111 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-19 06:49:13,111 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-19 06:49:13,120 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,121 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,136 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,136 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,145 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,150 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,157 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,172 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,174 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-19 06:49:13,175 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-19 06:49:13,175 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-19 06:49:13,175 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-19 06:49:13,176 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (1/1) ... [2022-11-19 06:49:13,185 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-19 06:49:13,197 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:49:13,215 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-19 06:49:13,217 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-19 06:49:13,254 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-19 06:49:13,254 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-19 06:49:13,254 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-19 06:49:13,254 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-19 06:49:13,254 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-19 06:49:13,254 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-19 06:49:13,254 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-19 06:49:13,255 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-19 06:49:13,255 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-19 06:49:13,255 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 06:49:13,255 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 06:49:13,255 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-19 06:49:13,255 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-19 06:49:13,255 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-19 06:49:13,256 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-19 06:49:13,256 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-19 06:49:13,256 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-19 06:49:13,256 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-19 06:49:13,332 INFO L235 CfgBuilder]: Building ICFG [2022-11-19 06:49:13,334 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-19 06:49:13,647 INFO L276 CfgBuilder]: Performing block encoding [2022-11-19 06:49:13,852 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-19 06:49:13,854 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-19 06:49:13,857 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 06:49:13 BoogieIcfgContainer [2022-11-19 06:49:13,858 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-19 06:49:13,861 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-19 06:49:13,861 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-19 06:49:13,868 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-19 06:49:13,868 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 19.11 06:49:12" (1/3) ... [2022-11-19 06:49:13,869 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5c2b6de8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 06:49:13, skipping insertion in model container [2022-11-19 06:49:13,869 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 19.11 06:49:13" (2/3) ... [2022-11-19 06:49:13,870 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@5c2b6de8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 19.11 06:49:13, skipping insertion in model container [2022-11-19 06:49:13,870 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 06:49:13" (3/3) ... [2022-11-19 06:49:13,872 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product57.cil.c [2022-11-19 06:49:13,892 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-19 06:49:13,893 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-19 06:49:13,972 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-19 06:49:13,985 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6aa8d10, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-19 06:49:13,985 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-19 06:49:13,989 INFO L276 IsEmpty]: Start isEmpty. Operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-19 06:49:13,998 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-19 06:49:13,999 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:14,000 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:14,000 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:14,005 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:14,006 INFO L85 PathProgramCache]: Analyzing trace with hash -686051818, now seen corresponding path program 1 times [2022-11-19 06:49:14,014 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:14,014 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [340991169] [2022-11-19 06:49:14,014 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:14,015 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:14,137 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:14,245 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:14,246 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:14,247 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [340991169] [2022-11-19 06:49:14,247 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [340991169] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:14,248 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:14,248 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-19 06:49:14,249 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2075211769] [2022-11-19 06:49:14,250 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:14,256 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-19 06:49:14,257 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:14,295 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-19 06:49:14,296 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 06:49:14,298 INFO L87 Difference]: Start difference. First operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:14,417 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:14,418 INFO L93 Difference]: Finished difference Result 114 states and 155 transitions. [2022-11-19 06:49:14,420 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-19 06:49:14,422 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-19 06:49:14,423 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:14,441 INFO L225 Difference]: With dead ends: 114 [2022-11-19 06:49:14,442 INFO L226 Difference]: Without dead ends: 53 [2022-11-19 06:49:14,445 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-19 06:49:14,452 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:14,453 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 56 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 06:49:14,470 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-19 06:49:14,502 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-19 06:49:14,504 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 41 states have internal predecessors, (45), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-19 06:49:14,512 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 68 transitions. [2022-11-19 06:49:14,513 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 68 transitions. Word has length 17 [2022-11-19 06:49:14,514 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:14,514 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 68 transitions. [2022-11-19 06:49:14,515 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:14,515 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 68 transitions. [2022-11-19 06:49:14,519 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-19 06:49:14,519 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:14,520 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:14,520 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-19 06:49:14,521 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:14,522 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:14,523 INFO L85 PathProgramCache]: Analyzing trace with hash 2119433633, now seen corresponding path program 1 times [2022-11-19 06:49:14,523 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:14,523 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1690345802] [2022-11-19 06:49:14,524 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:14,524 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:14,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:14,736 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:14,736 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:14,739 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1690345802] [2022-11-19 06:49:14,739 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1690345802] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:14,739 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:14,739 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-19 06:49:14,740 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [729586690] [2022-11-19 06:49:14,740 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:14,741 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-19 06:49:14,742 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:14,743 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-19 06:49:14,744 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 06:49:14,745 INFO L87 Difference]: Start difference. First operand 53 states and 68 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:14,819 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:14,820 INFO L93 Difference]: Finished difference Result 83 states and 107 transitions. [2022-11-19 06:49:14,821 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-19 06:49:14,821 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-19 06:49:14,822 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:14,824 INFO L225 Difference]: With dead ends: 83 [2022-11-19 06:49:14,825 INFO L226 Difference]: Without dead ends: 45 [2022-11-19 06:49:14,826 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-19 06:49:14,828 INFO L413 NwaCegarLoop]: 42 mSDtfsCounter, 7 mSDsluCounter, 33 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 75 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:14,829 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 75 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 06:49:14,831 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-19 06:49:14,836 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-19 06:49:14,837 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3448275862068966) internal successors, (39), 36 states have internal predecessors, (39), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-19 06:49:14,838 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 57 transitions. [2022-11-19 06:49:14,838 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 57 transitions. Word has length 18 [2022-11-19 06:49:14,838 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:14,839 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 57 transitions. [2022-11-19 06:49:14,839 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:14,839 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 57 transitions. [2022-11-19 06:49:14,840 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-19 06:49:14,840 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:14,841 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:14,841 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-19 06:49:14,841 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:14,842 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:14,842 INFO L85 PathProgramCache]: Analyzing trace with hash -978044382, now seen corresponding path program 1 times [2022-11-19 06:49:14,842 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:14,842 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1093930460] [2022-11-19 06:49:14,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:14,843 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:14,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:15,017 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:15,018 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:15,018 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1093930460] [2022-11-19 06:49:15,018 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1093930460] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:15,020 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:15,020 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-19 06:49:15,020 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [662988575] [2022-11-19 06:49:15,021 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:15,021 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-19 06:49:15,022 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:15,022 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-19 06:49:15,023 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-19 06:49:15,024 INFO L87 Difference]: Start difference. First operand 45 states and 57 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:15,113 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:15,113 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-11-19 06:49:15,114 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-19 06:49:15,114 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-19 06:49:15,114 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:15,115 INFO L225 Difference]: With dead ends: 88 [2022-11-19 06:49:15,115 INFO L226 Difference]: Without dead ends: 45 [2022-11-19 06:49:15,116 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 5 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-19 06:49:15,117 INFO L413 NwaCegarLoop]: 37 mSDtfsCounter, 53 mSDsluCounter, 16 mSDsCounter, 0 mSdLazyCounter, 46 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 53 SdHoareTripleChecker+Valid, 53 SdHoareTripleChecker+Invalid, 52 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 46 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:15,118 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [53 Valid, 53 Invalid, 52 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 46 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 06:49:15,119 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-19 06:49:15,126 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-19 06:49:15,126 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3103448275862069) internal successors, (38), 36 states have internal predecessors, (38), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-19 06:49:15,127 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 56 transitions. [2022-11-19 06:49:15,127 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 56 transitions. Word has length 20 [2022-11-19 06:49:15,128 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:15,128 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 56 transitions. [2022-11-19 06:49:15,128 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:15,128 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 56 transitions. [2022-11-19 06:49:15,129 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-19 06:49:15,129 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:15,129 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:15,130 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-19 06:49:15,130 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:15,130 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:15,131 INFO L85 PathProgramCache]: Analyzing trace with hash -1983763135, now seen corresponding path program 1 times [2022-11-19 06:49:15,131 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:15,131 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1832600829] [2022-11-19 06:49:15,131 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:15,132 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:15,156 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:15,441 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:15,441 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:15,441 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1832600829] [2022-11-19 06:49:15,441 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1832600829] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:15,442 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:15,442 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-19 06:49:15,442 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1916547223] [2022-11-19 06:49:15,442 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:15,443 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-19 06:49:15,443 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:15,443 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-19 06:49:15,443 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=10, Invalid=20, Unknown=0, NotChecked=0, Total=30 [2022-11-19 06:49:15,444 INFO L87 Difference]: Start difference. First operand 45 states and 56 transitions. Second operand has 6 states, 6 states have (on average 3.3333333333333335) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:15,873 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:15,873 INFO L93 Difference]: Finished difference Result 232 states and 302 transitions. [2022-11-19 06:49:15,874 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-19 06:49:15,874 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 3.3333333333333335) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-11-19 06:49:15,874 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:15,885 INFO L225 Difference]: With dead ends: 232 [2022-11-19 06:49:15,885 INFO L226 Difference]: Without dead ends: 189 [2022-11-19 06:49:15,890 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-19 06:49:15,892 INFO L413 NwaCegarLoop]: 100 mSDtfsCounter, 178 mSDsluCounter, 185 mSDsCounter, 0 mSdLazyCounter, 192 mSolverCounterSat, 51 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 178 SdHoareTripleChecker+Valid, 285 SdHoareTripleChecker+Invalid, 243 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 51 IncrementalHoareTripleChecker+Valid, 192 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:15,895 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [178 Valid, 285 Invalid, 243 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [51 Valid, 192 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 06:49:15,899 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2022-11-19 06:49:15,956 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 163. [2022-11-19 06:49:15,958 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 163 states, 109 states have (on average 1.2935779816513762) internal successors, (141), 123 states have internal predecessors, (141), 28 states have call successors, (28), 23 states have call predecessors, (28), 25 states have return successors, (37), 27 states have call predecessors, (37), 28 states have call successors, (37) [2022-11-19 06:49:15,963 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 163 states to 163 states and 206 transitions. [2022-11-19 06:49:15,963 INFO L78 Accepts]: Start accepts. Automaton has 163 states and 206 transitions. Word has length 23 [2022-11-19 06:49:15,963 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:15,963 INFO L495 AbstractCegarLoop]: Abstraction has 163 states and 206 transitions. [2022-11-19 06:49:15,964 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 3.3333333333333335) internal successors, (20), 6 states have internal predecessors, (20), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-19 06:49:15,964 INFO L276 IsEmpty]: Start isEmpty. Operand 163 states and 206 transitions. [2022-11-19 06:49:15,971 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-11-19 06:49:15,971 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:15,971 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:15,972 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-19 06:49:15,972 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:15,972 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:15,972 INFO L85 PathProgramCache]: Analyzing trace with hash -1561343924, now seen corresponding path program 1 times [2022-11-19 06:49:15,973 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:15,973 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2002732559] [2022-11-19 06:49:15,973 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:15,973 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:15,999 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:16,131 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:16,132 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:16,132 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2002732559] [2022-11-19 06:49:16,132 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2002732559] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:16,133 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:16,133 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-19 06:49:16,134 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [619537149] [2022-11-19 06:49:16,135 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:16,136 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-19 06:49:16,139 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:16,140 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-19 06:49:16,140 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-19 06:49:16,141 INFO L87 Difference]: Start difference. First operand 163 states and 206 transitions. Second operand has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-19 06:49:16,385 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:16,385 INFO L93 Difference]: Finished difference Result 513 states and 687 transitions. [2022-11-19 06:49:16,386 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-19 06:49:16,387 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 31 [2022-11-19 06:49:16,387 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:16,400 INFO L225 Difference]: With dead ends: 513 [2022-11-19 06:49:16,400 INFO L226 Difference]: Without dead ends: 352 [2022-11-19 06:49:16,402 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=17, Invalid=25, Unknown=0, NotChecked=0, Total=42 [2022-11-19 06:49:16,407 INFO L413 NwaCegarLoop]: 77 mSDtfsCounter, 106 mSDsluCounter, 186 mSDsCounter, 0 mSdLazyCounter, 136 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 106 SdHoareTripleChecker+Valid, 263 SdHoareTripleChecker+Invalid, 149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 136 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:16,408 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [106 Valid, 263 Invalid, 149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 136 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-19 06:49:16,409 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 352 states. [2022-11-19 06:49:16,496 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 352 to 319. [2022-11-19 06:49:16,498 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 319 states, 216 states have (on average 1.2685185185185186) internal successors, (274), 238 states have internal predecessors, (274), 53 states have call successors, (53), 46 states have call predecessors, (53), 49 states have return successors, (85), 53 states have call predecessors, (85), 53 states have call successors, (85) [2022-11-19 06:49:16,503 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 319 states to 319 states and 412 transitions. [2022-11-19 06:49:16,504 INFO L78 Accepts]: Start accepts. Automaton has 319 states and 412 transitions. Word has length 31 [2022-11-19 06:49:16,504 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:16,505 INFO L495 AbstractCegarLoop]: Abstraction has 319 states and 412 transitions. [2022-11-19 06:49:16,505 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.0) internal successors, (24), 6 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-19 06:49:16,505 INFO L276 IsEmpty]: Start isEmpty. Operand 319 states and 412 transitions. [2022-11-19 06:49:16,508 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-19 06:49:16,508 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:16,509 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:16,509 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-19 06:49:16,509 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:16,510 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:16,510 INFO L85 PathProgramCache]: Analyzing trace with hash -831134401, now seen corresponding path program 1 times [2022-11-19 06:49:16,510 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:16,510 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [977801746] [2022-11-19 06:49:16,511 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:16,511 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:16,534 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:16,843 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:16,844 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:16,844 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [977801746] [2022-11-19 06:49:16,844 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [977801746] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:16,844 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:16,844 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-11-19 06:49:16,845 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [552611261] [2022-11-19 06:49:16,845 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:16,845 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-19 06:49:16,846 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:16,846 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-19 06:49:16,846 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-19 06:49:16,846 INFO L87 Difference]: Start difference. First operand 319 states and 412 transitions. Second operand has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-19 06:49:17,661 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:17,662 INFO L93 Difference]: Finished difference Result 1226 states and 1656 transitions. [2022-11-19 06:49:17,662 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2022-11-19 06:49:17,662 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 34 [2022-11-19 06:49:17,663 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:17,672 INFO L225 Difference]: With dead ends: 1226 [2022-11-19 06:49:17,672 INFO L226 Difference]: Without dead ends: 955 [2022-11-19 06:49:17,674 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 23 GetRequests, 8 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 40 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=76, Invalid=196, Unknown=0, NotChecked=0, Total=272 [2022-11-19 06:49:17,679 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 233 mSDsluCounter, 272 mSDsCounter, 0 mSdLazyCounter, 627 mSolverCounterSat, 104 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 242 SdHoareTripleChecker+Valid, 360 SdHoareTripleChecker+Invalid, 731 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 104 IncrementalHoareTripleChecker+Valid, 627 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:17,681 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [242 Valid, 360 Invalid, 731 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [104 Valid, 627 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-19 06:49:17,683 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 955 states. [2022-11-19 06:49:17,842 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 955 to 924. [2022-11-19 06:49:17,845 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 924 states, 640 states have (on average 1.2578125) internal successors, (805), 689 states have internal predecessors, (805), 147 states have call successors, (147), 125 states have call predecessors, (147), 136 states have return successors, (249), 148 states have call predecessors, (249), 147 states have call successors, (249) [2022-11-19 06:49:17,851 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 924 states to 924 states and 1201 transitions. [2022-11-19 06:49:17,852 INFO L78 Accepts]: Start accepts. Automaton has 924 states and 1201 transitions. Word has length 34 [2022-11-19 06:49:17,852 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:17,853 INFO L495 AbstractCegarLoop]: Abstraction has 924 states and 1201 transitions. [2022-11-19 06:49:17,853 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 4 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-19 06:49:17,853 INFO L276 IsEmpty]: Start isEmpty. Operand 924 states and 1201 transitions. [2022-11-19 06:49:17,855 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-19 06:49:17,855 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:17,856 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:17,856 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-19 06:49:17,856 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:17,856 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:17,858 INFO L85 PathProgramCache]: Analyzing trace with hash -1720978991, now seen corresponding path program 1 times [2022-11-19 06:49:17,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:17,858 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1485620963] [2022-11-19 06:49:17,858 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:17,859 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:17,881 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:18,083 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-19 06:49:18,083 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:18,083 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1485620963] [2022-11-19 06:49:18,083 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1485620963] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 06:49:18,083 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [271980582] [2022-11-19 06:49:18,085 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:18,085 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:49:18,085 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:49:18,091 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 06:49:18,120 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-19 06:49:18,193 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:18,212 INFO L263 TraceCheckSpWp]: Trace formula consists of 219 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-19 06:49:18,217 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 06:49:18,537 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-19 06:49:18,537 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 06:49:19,030 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-19 06:49:19,031 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [271980582] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 06:49:19,031 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [751301882] [2022-11-19 06:49:19,049 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-19 06:49:19,050 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 06:49:19,054 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 06:49:19,059 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 06:49:19,060 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 06:49:19,510 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 114 for LOIs [2022-11-19 06:49:19,527 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 115 for LOIs [2022-11-19 06:49:20,993 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 112 for LOIs [2022-11-19 06:49:21,366 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 44 for LOIs [2022-11-19 06:49:21,373 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 06:49:32,674 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6280#(and (= (select |#length| 15) 25) (= 9 (select |#length| 5)) (= (select |#length| 9) 21) (<= ~cleanupTimeShifts~0 4) (<= ~head~0.offset 0) (= 30 (select |#length| 7)) (= 1 (select |#valid| 5)) (= |timeShift_getWaterLevel_~retValue_acc~4#1| |timeShift_getWaterLevel_#res#1|) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (<= 0 |#NULL.base|) (= |timeShift_getWaterLevel_~retValue_acc~4#1| ~waterLevel~0) (= (select |#valid| 9) 1) (<= 0 |old(~pumpRunning~0)|) (= (select |#length| 12) 25) (<= 0 ~head~0.offset) (= (select |#valid| 11) 1) (= 30 (select |#length| 4)) (= 31 (select |#length| 2)) (<= 1 ~systemActive~0) (= 2 (select |#length| 1)) (= (select |#length| 8) 9) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~10#1|) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) (<= |#NULL.offset| 0) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= 30 (select |#length| 13)) (= 30 (select |#length| 10)) (= (select |#valid| 12) 1) (<= 4 ~cleanupTimeShifts~0) (<= |old(~pumpRunning~0)| 0) (<= ~methaneLevelCritical~0 0) (= (select |#valid| 4) 1) (<= 0 ~head~0.base) (= (select |#valid| 1) 1) (= (select |#length| 6) 21) (<= |#NULL.base| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~10#1|) (<= 0 ~methaneLevelCritical~0) (= (select |#valid| 14) 1) (= |old(~waterLevel~0)| ~waterLevel~0) (= 9 (select |#length| 14)) (= (select |#valid| 0) 0) (<= ~head~0.base 0) (= (select |#valid| 2) 1) (= 9 (select |#length| 11)) (= |timeShift___utac_acc__Specification3_spec__1_~tmp~3#1| 0) (= (select (select |#memory_int| 1) 0) 48) (<= 0 |#NULL.offset|) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= (select |#valid| 6) 1) (= (select (select |#memory_int| 1) 1) 0) (= (select |#valid| 10) 1) (= (select |#valid| 8) 1) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (<= ~systemActive~0 1) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|))' at error location [2022-11-19 06:49:32,674 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 06:49:32,674 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 06:49:32,674 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 10] total 20 [2022-11-19 06:49:32,675 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1949933709] [2022-11-19 06:49:32,675 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 06:49:32,675 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-19 06:49:32,675 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:32,676 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-19 06:49:32,676 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=259, Invalid=1633, Unknown=0, NotChecked=0, Total=1892 [2022-11-19 06:49:32,677 INFO L87 Difference]: Start difference. First operand 924 states and 1201 transitions. Second operand has 20 states, 17 states have (on average 3.823529411764706) internal successors, (65), 17 states have internal predecessors, (65), 6 states have call successors, (13), 5 states have call predecessors, (13), 9 states have return successors, (12), 8 states have call predecessors, (12), 6 states have call successors, (12) [2022-11-19 06:49:35,405 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:35,405 INFO L93 Difference]: Finished difference Result 4618 states and 6350 transitions. [2022-11-19 06:49:35,406 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 53 states. [2022-11-19 06:49:35,406 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 17 states have (on average 3.823529411764706) internal successors, (65), 17 states have internal predecessors, (65), 6 states have call successors, (13), 5 states have call predecessors, (13), 9 states have return successors, (12), 8 states have call predecessors, (12), 6 states have call successors, (12) Word has length 35 [2022-11-19 06:49:35,406 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:35,452 INFO L225 Difference]: With dead ends: 4618 [2022-11-19 06:49:35,452 INFO L226 Difference]: Without dead ends: 3745 [2022-11-19 06:49:35,459 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 162 GetRequests, 71 SyntacticMatches, 5 SemanticMatches, 86 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2815 ImplicationChecksByTransitivity, 12.5s TimeCoverageRelationStatistics Valid=827, Invalid=6829, Unknown=0, NotChecked=0, Total=7656 [2022-11-19 06:49:35,460 INFO L413 NwaCegarLoop]: 152 mSDtfsCounter, 659 mSDsluCounter, 963 mSDsCounter, 0 mSdLazyCounter, 1337 mSolverCounterSat, 437 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 663 SdHoareTripleChecker+Valid, 1115 SdHoareTripleChecker+Invalid, 1774 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 437 IncrementalHoareTripleChecker+Valid, 1337 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:35,463 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [663 Valid, 1115 Invalid, 1774 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [437 Valid, 1337 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2022-11-19 06:49:35,468 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3745 states. [2022-11-19 06:49:35,811 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3745 to 3223. [2022-11-19 06:49:35,817 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3223 states, 2258 states have (on average 1.241364038972542) internal successors, (2803), 2373 states have internal predecessors, (2803), 507 states have call successors, (507), 418 states have call predecessors, (507), 457 states have return successors, (885), 499 states have call predecessors, (885), 507 states have call successors, (885) [2022-11-19 06:49:35,835 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3223 states to 3223 states and 4195 transitions. [2022-11-19 06:49:35,836 INFO L78 Accepts]: Start accepts. Automaton has 3223 states and 4195 transitions. Word has length 35 [2022-11-19 06:49:35,836 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:35,836 INFO L495 AbstractCegarLoop]: Abstraction has 3223 states and 4195 transitions. [2022-11-19 06:49:35,837 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 17 states have (on average 3.823529411764706) internal successors, (65), 17 states have internal predecessors, (65), 6 states have call successors, (13), 5 states have call predecessors, (13), 9 states have return successors, (12), 8 states have call predecessors, (12), 6 states have call successors, (12) [2022-11-19 06:49:35,837 INFO L276 IsEmpty]: Start isEmpty. Operand 3223 states and 4195 transitions. [2022-11-19 06:49:35,838 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-19 06:49:35,838 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:35,839 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:35,850 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-19 06:49:36,045 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:49:36,045 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:36,046 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:36,046 INFO L85 PathProgramCache]: Analyzing trace with hash -215949219, now seen corresponding path program 1 times [2022-11-19 06:49:36,046 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:36,046 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1104104525] [2022-11-19 06:49:36,046 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:36,046 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:36,059 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:36,208 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-19 06:49:36,208 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:36,209 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1104104525] [2022-11-19 06:49:36,209 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1104104525] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:49:36,209 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:49:36,209 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [] total 10 [2022-11-19 06:49:36,209 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1817608599] [2022-11-19 06:49:36,209 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:49:36,211 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-19 06:49:36,211 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:36,211 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-19 06:49:36,212 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=18, Invalid=72, Unknown=0, NotChecked=0, Total=90 [2022-11-19 06:49:36,212 INFO L87 Difference]: Start difference. First operand 3223 states and 4195 transitions. Second operand has 10 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-19 06:49:37,376 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:37,378 INFO L93 Difference]: Finished difference Result 7437 states and 10242 transitions. [2022-11-19 06:49:37,378 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-19 06:49:37,378 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 38 [2022-11-19 06:49:37,379 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:37,412 INFO L225 Difference]: With dead ends: 7437 [2022-11-19 06:49:37,412 INFO L226 Difference]: Without dead ends: 5386 [2022-11-19 06:49:37,421 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 33 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=72, Invalid=270, Unknown=0, NotChecked=0, Total=342 [2022-11-19 06:49:37,422 INFO L413 NwaCegarLoop]: 18 mSDtfsCounter, 150 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 566 mSolverCounterSat, 87 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 155 SdHoareTripleChecker+Valid, 102 SdHoareTripleChecker+Invalid, 653 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 87 IncrementalHoareTripleChecker+Valid, 566 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:37,422 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [155 Valid, 102 Invalid, 653 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [87 Valid, 566 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-19 06:49:37,428 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 5386 states. [2022-11-19 06:49:38,036 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 5386 to 5124. [2022-11-19 06:49:38,044 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5124 states, 3562 states have (on average 1.2198203256597417) internal successors, (4345), 3744 states have internal predecessors, (4345), 824 states have call successors, (824), 680 states have call predecessors, (824), 737 states have return successors, (1467), 808 states have call predecessors, (1467), 824 states have call successors, (1467) [2022-11-19 06:49:38,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5124 states to 5124 states and 6636 transitions. [2022-11-19 06:49:38,078 INFO L78 Accepts]: Start accepts. Automaton has 5124 states and 6636 transitions. Word has length 38 [2022-11-19 06:49:38,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:38,079 INFO L495 AbstractCegarLoop]: Abstraction has 5124 states and 6636 transitions. [2022-11-19 06:49:38,079 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 8 states have (on average 3.375) internal successors, (27), 8 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-19 06:49:38,079 INFO L276 IsEmpty]: Start isEmpty. Operand 5124 states and 6636 transitions. [2022-11-19 06:49:38,085 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-19 06:49:38,085 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:38,085 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:38,085 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-19 06:49:38,086 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:49:38,086 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:49:38,086 INFO L85 PathProgramCache]: Analyzing trace with hash 97085556, now seen corresponding path program 1 times [2022-11-19 06:49:38,086 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:49:38,087 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1629552099] [2022-11-19 06:49:38,087 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:38,087 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:49:38,098 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:38,173 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-19 06:49:38,174 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:49:38,174 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1629552099] [2022-11-19 06:49:38,174 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1629552099] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 06:49:38,174 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [919155212] [2022-11-19 06:49:38,174 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:49:38,174 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:49:38,174 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:49:38,175 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 06:49:38,187 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-19 06:49:38,276 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:49:38,278 INFO L263 TraceCheckSpWp]: Trace formula consists of 288 conjuncts, 24 conjunts are in the unsatisfiable core [2022-11-19 06:49:38,281 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 06:49:38,547 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-19 06:49:38,547 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-19 06:49:38,908 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-19 06:49:38,908 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [919155212] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-19 06:49:38,908 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1510325994] [2022-11-19 06:49:38,915 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-19 06:49:38,915 INFO L166 IcfgInterpreter]: Building call graph [2022-11-19 06:49:38,915 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-19 06:49:38,916 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-19 06:49:38,916 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-19 06:49:41,246 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 114 for LOIs [2022-11-19 06:49:41,257 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 119 for LOIs [2022-11-19 06:49:41,698 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 119 for LOIs [2022-11-19 06:49:42,123 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 48 for LOIs [2022-11-19 06:49:42,136 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-19 06:49:52,345 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '38474#(and (= |timeShift_getWaterLevel_~retValue_acc~4#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift_getWaterLevel_~retValue_acc~4#1| ~waterLevel~0) (= ~methaneLevelCritical~0 0) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~10#1|) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~10#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift___utac_acc__Specification3_spec__1_~tmp~3#1| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|))' at error location [2022-11-19 06:49:52,345 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-19 06:49:52,345 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-19 06:49:52,345 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 8] total 19 [2022-11-19 06:49:52,345 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1406315519] [2022-11-19 06:49:52,346 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-19 06:49:52,346 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2022-11-19 06:49:52,346 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:49:52,347 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2022-11-19 06:49:52,347 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=241, Invalid=1565, Unknown=0, NotChecked=0, Total=1806 [2022-11-19 06:49:52,348 INFO L87 Difference]: Start difference. First operand 5124 states and 6636 transitions. Second operand has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) [2022-11-19 06:49:58,630 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:49:58,630 INFO L93 Difference]: Finished difference Result 13598 states and 18538 transitions. [2022-11-19 06:49:58,630 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 103 states. [2022-11-19 06:49:58,631 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) Word has length 55 [2022-11-19 06:49:58,631 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:49:58,680 INFO L225 Difference]: With dead ends: 13598 [2022-11-19 06:49:58,680 INFO L226 Difference]: Without dead ends: 8479 [2022-11-19 06:49:58,705 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 296 GetRequests, 148 SyntacticMatches, 6 SemanticMatches, 142 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7970 ImplicationChecksByTransitivity, 13.3s TimeCoverageRelationStatistics Valid=1942, Invalid=18650, Unknown=0, NotChecked=0, Total=20592 [2022-11-19 06:49:58,708 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 1503 mSDsluCounter, 767 mSDsCounter, 0 mSdLazyCounter, 2914 mSolverCounterSat, 1025 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1503 SdHoareTripleChecker+Valid, 893 SdHoareTripleChecker+Invalid, 3939 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1025 IncrementalHoareTripleChecker+Valid, 2914 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:49:58,708 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1503 Valid, 893 Invalid, 3939 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1025 Valid, 2914 Invalid, 0 Unknown, 0 Unchecked, 2.1s Time] [2022-11-19 06:49:58,717 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 8479 states. [2022-11-19 06:49:59,795 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 8479 to 7976. [2022-11-19 06:49:59,810 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7976 states, 5495 states have (on average 1.1741583257506825) internal successors, (6452), 5783 states have internal predecessors, (6452), 1289 states have call successors, (1289), 1069 states have call predecessors, (1289), 1191 states have return successors, (2383), 1273 states have call predecessors, (2383), 1289 states have call successors, (2383) [2022-11-19 06:49:59,850 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7976 states to 7976 states and 10124 transitions. [2022-11-19 06:49:59,852 INFO L78 Accepts]: Start accepts. Automaton has 7976 states and 10124 transitions. Word has length 55 [2022-11-19 06:49:59,853 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:49:59,853 INFO L495 AbstractCegarLoop]: Abstraction has 7976 states and 10124 transitions. [2022-11-19 06:49:59,853 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) [2022-11-19 06:49:59,853 INFO L276 IsEmpty]: Start isEmpty. Operand 7976 states and 10124 transitions. [2022-11-19 06:49:59,858 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2022-11-19 06:49:59,858 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:49:59,859 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:49:59,867 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-19 06:50:00,064 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:50:00,064 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:50:00,065 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:50:00,065 INFO L85 PathProgramCache]: Analyzing trace with hash -177188978, now seen corresponding path program 1 times [2022-11-19 06:50:00,065 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:50:00,065 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1527909831] [2022-11-19 06:50:00,065 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:00,065 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:50:00,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:00,260 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-19 06:50:00,261 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:50:00,261 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1527909831] [2022-11-19 06:50:00,261 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1527909831] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:50:00,261 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-19 06:50:00,261 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-19 06:50:00,262 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [428451506] [2022-11-19 06:50:00,262 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:50:00,262 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-19 06:50:00,262 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:50:00,263 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-19 06:50:00,263 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-19 06:50:00,263 INFO L87 Difference]: Start difference. First operand 7976 states and 10124 transitions. Second operand has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-19 06:50:01,322 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:50:01,322 INFO L93 Difference]: Finished difference Result 15651 states and 19924 transitions. [2022-11-19 06:50:01,323 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-19 06:50:01,323 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) Word has length 58 [2022-11-19 06:50:01,325 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:50:01,391 INFO L225 Difference]: With dead ends: 15651 [2022-11-19 06:50:01,392 INFO L226 Difference]: Without dead ends: 8060 [2022-11-19 06:50:01,535 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2022-11-19 06:50:01,536 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 53 mSDsluCounter, 128 mSDsCounter, 0 mSdLazyCounter, 74 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 189 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 74 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:50:01,537 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 189 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 74 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 06:50:01,545 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 8060 states. [2022-11-19 06:50:02,807 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 8060 to 7964. [2022-11-19 06:50:02,833 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 7964 states, 5483 states have (on average 1.1705270837132957) internal successors, (6418), 5771 states have internal predecessors, (6418), 1289 states have call successors, (1289), 1069 states have call predecessors, (1289), 1191 states have return successors, (2383), 1273 states have call predecessors, (2383), 1289 states have call successors, (2383) [2022-11-19 06:50:02,864 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 7964 states to 7964 states and 10090 transitions. [2022-11-19 06:50:02,866 INFO L78 Accepts]: Start accepts. Automaton has 7964 states and 10090 transitions. Word has length 58 [2022-11-19 06:50:02,866 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:50:02,866 INFO L495 AbstractCegarLoop]: Abstraction has 7964 states and 10090 transitions. [2022-11-19 06:50:02,867 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 6.6) internal successors, (33), 5 states have internal predecessors, (33), 2 states have call successors, (6), 1 states have call predecessors, (6), 2 states have return successors, (6), 2 states have call predecessors, (6), 2 states have call successors, (6) [2022-11-19 06:50:02,868 INFO L276 IsEmpty]: Start isEmpty. Operand 7964 states and 10090 transitions. [2022-11-19 06:50:02,873 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 65 [2022-11-19 06:50:02,873 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:50:02,873 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:50:02,873 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9 [2022-11-19 06:50:02,874 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:50:02,874 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:50:02,874 INFO L85 PathProgramCache]: Analyzing trace with hash -561315309, now seen corresponding path program 1 times [2022-11-19 06:50:02,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:50:02,875 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [207598132] [2022-11-19 06:50:02,875 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:02,875 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:50:02,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:03,307 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 9 proven. 11 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-19 06:50:03,307 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:50:03,307 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [207598132] [2022-11-19 06:50:03,307 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [207598132] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 06:50:03,308 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1599670749] [2022-11-19 06:50:03,308 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:03,308 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:50:03,308 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:50:03,309 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 06:50:03,316 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-19 06:50:03,401 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:03,403 INFO L263 TraceCheckSpWp]: Trace formula consists of 306 conjuncts, 7 conjunts are in the unsatisfiable core [2022-11-19 06:50:03,405 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 06:50:03,479 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 25 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-19 06:50:03,479 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 06:50:03,479 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1599670749] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:50:03,479 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 06:50:03,480 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [13] total 16 [2022-11-19 06:50:03,480 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1796071314] [2022-11-19 06:50:03,480 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:50:03,480 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-19 06:50:03,480 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:50:03,481 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-19 06:50:03,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=34, Invalid=206, Unknown=0, NotChecked=0, Total=240 [2022-11-19 06:50:03,482 INFO L87 Difference]: Start difference. First operand 7964 states and 10090 transitions. Second operand has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (10), 4 states have call predecessors, (10), 4 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-19 06:50:04,420 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:50:04,420 INFO L93 Difference]: Finished difference Result 13684 states and 17624 transitions. [2022-11-19 06:50:04,421 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-19 06:50:04,421 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (10), 4 states have call predecessors, (10), 4 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) Word has length 64 [2022-11-19 06:50:04,422 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:50:04,451 INFO L225 Difference]: With dead ends: 13684 [2022-11-19 06:50:04,451 INFO L226 Difference]: Without dead ends: 6078 [2022-11-19 06:50:04,480 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 83 GetRequests, 66 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 34 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=296, Unknown=0, NotChecked=0, Total=342 [2022-11-19 06:50:04,480 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 71 mSDsluCounter, 77 mSDsCounter, 0 mSdLazyCounter, 120 mSolverCounterSat, 42 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 130 SdHoareTripleChecker+Invalid, 162 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 42 IncrementalHoareTripleChecker+Valid, 120 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-19 06:50:04,481 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 130 Invalid, 162 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [42 Valid, 120 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-19 06:50:04,487 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 6078 states. [2022-11-19 06:50:05,219 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 6078 to 5864. [2022-11-19 06:50:05,228 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 5864 states, 4069 states have (on average 1.1511427869255346) internal successors, (4684), 4247 states have internal predecessors, (4684), 953 states have call successors, (953), 807 states have call predecessors, (953), 841 states have return successors, (1439), 902 states have call predecessors, (1439), 953 states have call successors, (1439) [2022-11-19 06:50:05,248 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 5864 states to 5864 states and 7076 transitions. [2022-11-19 06:50:05,250 INFO L78 Accepts]: Start accepts. Automaton has 5864 states and 7076 transitions. Word has length 64 [2022-11-19 06:50:05,251 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:50:05,251 INFO L495 AbstractCegarLoop]: Abstraction has 5864 states and 7076 transitions. [2022-11-19 06:50:05,251 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 8.8) internal successors, (44), 5 states have internal predecessors, (44), 3 states have call successors, (10), 4 states have call predecessors, (10), 4 states have return successors, (9), 3 states have call predecessors, (9), 3 states have call successors, (9) [2022-11-19 06:50:05,251 INFO L276 IsEmpty]: Start isEmpty. Operand 5864 states and 7076 transitions. [2022-11-19 06:50:05,254 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 71 [2022-11-19 06:50:05,254 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:50:05,254 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:50:05,264 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-19 06:50:05,460 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-19 06:50:05,460 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:50:05,460 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:50:05,460 INFO L85 PathProgramCache]: Analyzing trace with hash 397711121, now seen corresponding path program 1 times [2022-11-19 06:50:05,461 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:50:05,461 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [181693962] [2022-11-19 06:50:05,461 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:05,461 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:50:05,483 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:05,783 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 17 proven. 5 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2022-11-19 06:50:05,783 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:50:05,783 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [181693962] [2022-11-19 06:50:05,783 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [181693962] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 06:50:05,783 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1630768489] [2022-11-19 06:50:05,784 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:05,784 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:50:05,784 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:50:05,785 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 06:50:05,807 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-19 06:50:05,878 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:05,880 INFO L263 TraceCheckSpWp]: Trace formula consists of 326 conjuncts, 25 conjunts are in the unsatisfiable core [2022-11-19 06:50:05,883 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 06:50:06,192 INFO L134 CoverageAnalysis]: Checked inductivity of 38 backedges. 34 proven. 0 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-19 06:50:06,192 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 06:50:06,192 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1630768489] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:50:06,192 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 06:50:06,192 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [9] total 16 [2022-11-19 06:50:06,193 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [874384482] [2022-11-19 06:50:06,193 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:50:06,193 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-19 06:50:06,193 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:50:06,194 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-19 06:50:06,194 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=61, Invalid=179, Unknown=0, NotChecked=0, Total=240 [2022-11-19 06:50:06,194 INFO L87 Difference]: Start difference. First operand 5864 states and 7076 transitions. Second operand has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 8 states have internal predecessors, (47), 5 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (10), 4 states have call predecessors, (10), 5 states have call successors, (10) [2022-11-19 06:50:07,070 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:50:07,071 INFO L93 Difference]: Finished difference Result 8434 states and 10232 transitions. [2022-11-19 06:50:07,071 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-19 06:50:07,072 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 8 states have internal predecessors, (47), 5 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (10), 4 states have call predecessors, (10), 5 states have call successors, (10) Word has length 70 [2022-11-19 06:50:07,072 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:50:07,095 INFO L225 Difference]: With dead ends: 8434 [2022-11-19 06:50:07,095 INFO L226 Difference]: Without dead ends: 2754 [2022-11-19 06:50:07,112 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 85 GetRequests, 64 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 86 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=139, Invalid=367, Unknown=0, NotChecked=0, Total=506 [2022-11-19 06:50:07,113 INFO L413 NwaCegarLoop]: 40 mSDtfsCounter, 151 mSDsluCounter, 87 mSDsCounter, 0 mSdLazyCounter, 293 mSolverCounterSat, 69 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 158 SdHoareTripleChecker+Valid, 127 SdHoareTripleChecker+Invalid, 362 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 69 IncrementalHoareTripleChecker+Valid, 293 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 06:50:07,114 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [158 Valid, 127 Invalid, 362 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [69 Valid, 293 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 06:50:07,117 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2754 states. [2022-11-19 06:50:07,605 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2754 to 2708. [2022-11-19 06:50:07,608 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2708 states, 1872 states have (on average 1.1495726495726495) internal successors, (2152), 1965 states have internal predecessors, (2152), 453 states have call successors, (453), 384 states have call predecessors, (453), 382 states have return successors, (631), 414 states have call predecessors, (631), 453 states have call successors, (631) [2022-11-19 06:50:07,619 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2708 states to 2708 states and 3236 transitions. [2022-11-19 06:50:07,621 INFO L78 Accepts]: Start accepts. Automaton has 2708 states and 3236 transitions. Word has length 70 [2022-11-19 06:50:07,621 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:50:07,621 INFO L495 AbstractCegarLoop]: Abstraction has 2708 states and 3236 transitions. [2022-11-19 06:50:07,622 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 9 states have (on average 5.222222222222222) internal successors, (47), 8 states have internal predecessors, (47), 5 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (10), 4 states have call predecessors, (10), 5 states have call successors, (10) [2022-11-19 06:50:07,622 INFO L276 IsEmpty]: Start isEmpty. Operand 2708 states and 3236 transitions. [2022-11-19 06:50:07,624 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-11-19 06:50:07,624 INFO L187 NwaCegarLoop]: Found error trace [2022-11-19 06:50:07,624 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:50:07,630 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-19 06:50:07,830 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-19 06:50:07,830 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-19 06:50:07,831 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-19 06:50:07,831 INFO L85 PathProgramCache]: Analyzing trace with hash -1577755787, now seen corresponding path program 1 times [2022-11-19 06:50:07,831 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-19 06:50:07,831 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [507101718] [2022-11-19 06:50:07,832 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:07,832 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-19 06:50:07,860 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:08,288 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 12 proven. 10 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-19 06:50:08,288 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-19 06:50:08,289 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [507101718] [2022-11-19 06:50:08,289 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [507101718] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-19 06:50:08,289 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [669100787] [2022-11-19 06:50:08,289 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-19 06:50:08,290 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-19 06:50:08,290 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 [2022-11-19 06:50:08,291 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-19 06:50:08,315 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-19 06:50:08,387 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-19 06:50:08,389 INFO L263 TraceCheckSpWp]: Trace formula consists of 312 conjuncts, 27 conjunts are in the unsatisfiable core [2022-11-19 06:50:08,392 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-19 06:50:08,501 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-19 06:50:08,501 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-19 06:50:08,502 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [669100787] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-19 06:50:08,502 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-19 06:50:08,502 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [10] imperfect sequences [13] total 17 [2022-11-19 06:50:08,502 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1427021456] [2022-11-19 06:50:08,502 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-19 06:50:08,503 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-19 06:50:08,503 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-19 06:50:08,503 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-19 06:50:08,504 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=41, Invalid=231, Unknown=0, NotChecked=0, Total=272 [2022-11-19 06:50:08,504 INFO L87 Difference]: Start difference. First operand 2708 states and 3236 transitions. Second operand has 10 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-19 06:50:09,310 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-19 06:50:09,310 INFO L93 Difference]: Finished difference Result 4995 states and 6036 transitions. [2022-11-19 06:50:09,311 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-19 06:50:09,311 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 69 [2022-11-19 06:50:09,311 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-19 06:50:09,313 INFO L225 Difference]: With dead ends: 4995 [2022-11-19 06:50:09,313 INFO L226 Difference]: Without dead ends: 0 [2022-11-19 06:50:09,327 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 89 GetRequests, 69 SyntacticMatches, 0 SemanticMatches, 20 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 50 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=75, Invalid=387, Unknown=0, NotChecked=0, Total=462 [2022-11-19 06:50:09,328 INFO L413 NwaCegarLoop]: 87 mSDtfsCounter, 104 mSDsluCounter, 401 mSDsCounter, 0 mSdLazyCounter, 366 mSolverCounterSat, 18 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 107 SdHoareTripleChecker+Valid, 488 SdHoareTripleChecker+Invalid, 384 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 18 IncrementalHoareTripleChecker+Valid, 366 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-19 06:50:09,328 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [107 Valid, 488 Invalid, 384 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [18 Valid, 366 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-19 06:50:09,328 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-19 06:50:09,329 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-19 06:50:09,329 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-19 06:50:09,329 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-19 06:50:09,330 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 69 [2022-11-19 06:50:09,330 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-19 06:50:09,330 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-19 06:50:09,330 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-19 06:50:09,330 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-19 06:50:09,331 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-19 06:50:09,333 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-19 06:50:09,344 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-19 06:50:09,539 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-19 06:50:09,541 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-19 06:50:45,292 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 641 647) no Hoare annotation was computed. [2022-11-19 06:50:45,292 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 641 647) the Hoare annotation is: true [2022-11-19 06:50:45,292 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 450 461) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0) (not (< ~waterLevel~0 3))) [2022-11-19 06:50:45,292 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 450 461) no Hoare annotation was computed. [2022-11-19 06:50:45,292 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 896 925) no Hoare annotation was computed. [2022-11-19 06:50:45,293 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 896 925) the Hoare annotation is: true [2022-11-19 06:50:45,293 INFO L902 garLoopResultBuilder]: At program point L921(lines 896 925) the Hoare annotation is: true [2022-11-19 06:50:45,293 INFO L899 garLoopResultBuilder]: For program point L917(line 917) no Hoare annotation was computed. [2022-11-19 06:50:45,293 INFO L899 garLoopResultBuilder]: For program point L910(lines 910 914) no Hoare annotation was computed. [2022-11-19 06:50:45,293 INFO L902 garLoopResultBuilder]: At program point L910-1(lines 910 914) the Hoare annotation is: true [2022-11-19 06:50:45,293 INFO L902 garLoopResultBuilder]: At program point L906-2(lines 906 920) the Hoare annotation is: true [2022-11-19 06:50:45,293 INFO L902 garLoopResultBuilder]: At program point L902(line 902) the Hoare annotation is: true [2022-11-19 06:50:45,294 INFO L899 garLoopResultBuilder]: For program point L902-1(line 902) no Hoare annotation was computed. [2022-11-19 06:50:45,297 INFO L895 garLoopResultBuilder]: At program point L576(lines 576 596) the Hoare annotation is: (let ((.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse6 (= ~waterLevel~0 1))) (and (let ((.cse0 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~3#1|))) (or (and .cse0 (not (= |old(~pumpRunning~0)| 0)) .cse1) .cse2 (and .cse0 .cse3 (not .cse1)) (and .cse0 .cse4) (not (< |old(~waterLevel~0)| 3)))) (or .cse2 .cse5 .cse4 .cse6) (let ((.cse7 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse2 (not (< |old(~waterLevel~0)| 2)) (and .cse3 .cse7) (and .cse1 .cse7))) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse5 .cse6) (or .cse2 (not (= ~methaneLevelCritical~0 0)) .cse5 .cse6 (= ~pumpRunning~0 1)))) [2022-11-19 06:50:45,298 INFO L895 garLoopResultBuilder]: At program point L605(line 605) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (< |old(~waterLevel~0)| 3))) [2022-11-19 06:50:45,298 INFO L895 garLoopResultBuilder]: At program point L689(line 689) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (let ((.cse0 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse0) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse0)))) (not (< |old(~waterLevel~0)| 3))) [2022-11-19 06:50:45,298 INFO L899 garLoopResultBuilder]: For program point L586(lines 586 592) no Hoare annotation was computed. [2022-11-19 06:50:45,300 INFO L895 garLoopResultBuilder]: At program point L582(lines 582 595) the Hoare annotation is: (let ((.cse8 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= ~waterLevel~0 1)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse7 (not .cse8)) (.cse0 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~3#1|)) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= ~methaneLevelCritical~0 0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse11 (not (< |old(~waterLevel~0)| 2)))) (and (or (and .cse0 (= ~pumpRunning~0 1)) .cse1 .cse2 .cse3) (let ((.cse6 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (and .cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not .cse4) .cse5 .cse6) (and .cse0 .cse7 .cse4 .cse5 .cse6) .cse1 (and .cse8 (not (<= 2 |old(~waterLevel~0)|))) (and (<= 2 ~waterLevel~0) .cse9) (not (< |old(~waterLevel~0)| 3)))) (or .cse1 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3) (or .cse10 .cse1 .cse2) (or .cse7 .cse1 .cse11 (and .cse0 .cse4 .cse5 .cse9)) (or .cse10 .cse1 .cse11)))) [2022-11-19 06:50:45,301 INFO L895 garLoopResultBuilder]: At program point L582-1(lines 567 599) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (< |old(~waterLevel~0)| 2))) (.cse8 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~waterLevel~0 1)) (.cse6 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~3#1|)) (.cse3 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (and .cse4 .cse5) (and .cse6 .cse7) .cse8) (or .cse4 .cse0 .cse1 .cse7) (or .cse0 (not (= |old(~pumpRunning~0)| 1)) .cse8 .cse5) (let ((.cse9 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse0 (and (<= 2 ~waterLevel~0) .cse7) (and .cse6 (= ~pumpRunning~0 0) .cse9) (and .cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse9) .cse10)) (or (and .cse3 (< ~waterLevel~0 2)) .cse0 .cse2 (and .cse7 (= ~pumpRunning~0 1)) .cse10))) [2022-11-19 06:50:45,301 INFO L895 garLoopResultBuilder]: At program point L574(line 574) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0)))) (let ((.cse1 (and .cse4 (= ~waterLevel~0 1))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse6 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 (= ~pumpRunning~0 1)) (or .cse4 .cse0 (not (< |old(~waterLevel~0)| 2)) .cse3) (let ((.cse5 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse5) (and (<= 2 ~waterLevel~0) .cse3) (and (= ~pumpRunning~0 0) .cse5) .cse6)) (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (< ~waterLevel~0 2) .cse6)))) [2022-11-19 06:50:45,301 INFO L899 garLoopResultBuilder]: For program point L574-1(line 574) no Hoare annotation was computed. [2022-11-19 06:50:45,301 INFO L895 garLoopResultBuilder]: At program point L694(line 694) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)))) (and (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (< |old(~waterLevel~0)| 2)) .cse1))) [2022-11-19 06:50:45,302 INFO L895 garLoopResultBuilder]: At program point L694-1(lines 675 699) the Hoare annotation is: (let ((.cse4 (not (= |old(~pumpRunning~0)| 0)))) (let ((.cse1 (and .cse4 (= ~waterLevel~0 1))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse6 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= ~methaneLevelCritical~0 0)) .cse1 .cse2 (= ~pumpRunning~0 1)) (or .cse4 .cse0 (not (< |old(~waterLevel~0)| 2)) .cse3) (let ((.cse5 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or .cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse5) (and (<= 2 ~waterLevel~0) .cse3) (and (= ~pumpRunning~0 0) .cse5) .cse6)) (or .cse0 (not (= |old(~pumpRunning~0)| 1)) (< ~waterLevel~0 2) .cse6)))) [2022-11-19 06:50:45,302 INFO L899 garLoopResultBuilder]: For program point L628-1(lines 628 634) no Hoare annotation was computed. [2022-11-19 06:50:45,302 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 617 640) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (= |old(~waterLevel~0)| ~waterLevel~0)) (not (< |old(~waterLevel~0)| 3))) [2022-11-19 06:50:45,303 INFO L899 garLoopResultBuilder]: For program point L621-1(lines 620 639) no Hoare annotation was computed. [2022-11-19 06:50:45,303 INFO L895 garLoopResultBuilder]: At program point L683(lines 683 691) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (let ((.cse0 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse0) (= |old(~waterLevel~0)| ~waterLevel~0)) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse0)))) (not (< |old(~waterLevel~0)| 3))) [2022-11-19 06:50:45,303 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 617 640) no Hoare annotation was computed. [2022-11-19 06:50:45,303 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 605) no Hoare annotation was computed. [2022-11-19 06:50:45,304 INFO L895 garLoopResultBuilder]: At program point L679(lines 679 696) the Hoare annotation is: (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse0 .cse1) (and (not .cse0) (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) .cse1) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse2))))))) (not (= 1 ~systemActive~0)) (not (< |old(~waterLevel~0)| 3))) [2022-11-19 06:50:45,304 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 462 470) the Hoare annotation is: true [2022-11-19 06:50:45,304 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 462 470) no Hoare annotation was computed. [2022-11-19 06:50:45,304 INFO L895 garLoopResultBuilder]: At program point L886(lines 839 887) the Hoare annotation is: false [2022-11-19 06:50:45,304 INFO L895 garLoopResultBuilder]: At program point L977(lines 977 984) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= |ULTIMATE.start_main_~tmp~10#1| 1)) [2022-11-19 06:50:45,304 INFO L902 garLoopResultBuilder]: At program point L977-2(lines 977 984) the Hoare annotation is: true [2022-11-19 06:50:45,305 INFO L899 garLoopResultBuilder]: For program point L841(lines 840 885) no Hoare annotation was computed. [2022-11-19 06:50:45,305 INFO L895 garLoopResultBuilder]: At program point L862(line 862) the Hoare annotation is: (let ((.cse6 (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1))) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (or (not (= ~pumpRunning~0 0)) (<= 2 ~waterLevel~0))) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~10#1| ~systemActive~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse6 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3) (and .cse6 .cse1 .cse2 .cse3 (< ~waterLevel~0 3) .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 (< ~waterLevel~0 2)))) [2022-11-19 06:50:45,305 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-19 06:50:45,306 INFO L895 garLoopResultBuilder]: At program point L883(lines 840 885) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~10#1| ~systemActive~0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (< ~waterLevel~0 3))) (or (and (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1)) .cse0 .cse1 (not .cse2) .cse3 .cse4) (and .cse2 .cse0 .cse1 .cse3 (< ~waterLevel~0 2)) (and .cse2 .cse1 .cse3 .cse4 (= |ULTIMATE.start_main_~tmp~10#1| 1) (= ~pumpRunning~0 1)))) [2022-11-19 06:50:45,306 INFO L899 garLoopResultBuilder]: For program point L850(lines 850 856) no Hoare annotation was computed. [2022-11-19 06:50:45,306 INFO L899 garLoopResultBuilder]: For program point L850-1(lines 850 856) no Hoare annotation was computed. [2022-11-19 06:50:45,306 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-19 06:50:45,306 INFO L895 garLoopResultBuilder]: At program point L876-2(lines 870 881) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~10#1| ~systemActive~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (< ~waterLevel~0 3))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3) (and (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-19 06:50:45,306 INFO L899 garLoopResultBuilder]: For program point L860(lines 860 866) no Hoare annotation was computed. [2022-11-19 06:50:45,307 INFO L899 garLoopResultBuilder]: For program point L860-1(lines 860 866) no Hoare annotation was computed. [2022-11-19 06:50:45,307 INFO L902 garLoopResultBuilder]: At program point L889(lines 830 893) the Hoare annotation is: true [2022-11-19 06:50:45,307 INFO L895 garLoopResultBuilder]: At program point L852(line 852) the Hoare annotation is: (let ((.cse1 (= |ULTIMATE.start_main_~tmp~10#1| ~systemActive~0)) (.cse4 (= 1 ~systemActive~0)) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (< ~waterLevel~0 3)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 (= |ULTIMATE.start_main_~tmp~10#1| 1) .cse3 (= ~pumpRunning~0 1)) (and .cse0 (or (= ~pumpRunning~0 0) (< ~waterLevel~0 2)) .cse1 .cse4 .cse2 .cse5 .cse3) (and (or (not (= |old(~methaneLevelCritical~0)| 0)) (= ~methaneLevelCritical~0 1)) .cse1 .cse4 (not .cse0) .cse2 .cse5 .cse3))) [2022-11-19 06:50:45,307 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 649 673) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (< ~waterLevel~0 2))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))))) [2022-11-19 06:50:45,307 INFO L895 garLoopResultBuilder]: At program point L663(line 663) the Hoare annotation is: (let ((.cse3 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not (< ~waterLevel~0 3))) (.cse2 (and (not .cse3) (not (= ~waterLevel~0 0)))) (.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (<= 2 ~waterLevel~0)) .cse1 .cse2) (or .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 0)) .cse1 .cse2) (or .cse0 .cse3 (not (<= ~waterLevel~0 1)))))) [2022-11-19 06:50:45,308 INFO L899 garLoopResultBuilder]: For program point L657(lines 657 665) no Hoare annotation was computed. [2022-11-19 06:50:45,308 INFO L895 garLoopResultBuilder]: At program point L653(lines 653 670) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (< ~waterLevel~0 2))) (or (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0 (not (< ~waterLevel~0 3))))) [2022-11-19 06:50:45,308 INFO L895 garLoopResultBuilder]: At program point L668(line 668) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse0 (not (< ~waterLevel~0 2))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (not (< ~waterLevel~0 3))))) [2022-11-19 06:50:45,308 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 649 673) no Hoare annotation was computed. [2022-11-19 06:50:45,308 INFO L899 garLoopResultBuilder]: For program point L668-1(lines 649 673) no Hoare annotation was computed. [2022-11-19 06:50:45,309 INFO L895 garLoopResultBuilder]: At program point L739(line 739) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 1)) (not (< ~waterLevel~0 3))) (or .cse0 (not (<= ~waterLevel~0 1))))) [2022-11-19 06:50:45,309 INFO L895 garLoopResultBuilder]: At program point L739-1(line 739) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (<= ~waterLevel~0 1))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret39#1| ~methaneLevelCritical~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~4#1| 1)) (not (= 2 ~waterLevel~0))))) [2022-11-19 06:50:45,309 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 438 449) no Hoare annotation was computed. [2022-11-19 06:50:45,309 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 438 449) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (< |old(~waterLevel~0)| 3)))) (and (or (= ~methaneLevelCritical~0 0) .cse0 (not (= |old(~waterLevel~0)| 2)) .cse1) (or .cse0 (not (< |old(~waterLevel~0)| 2)) .cse1) (or (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2) (or .cse0 (not (= ~pumpRunning~0 1)) .cse1 .cse2))) [2022-11-19 06:50:45,312 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-19 06:50:45,315 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-19 06:50:45,351 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 19.11 06:50:45 BoogieIcfgContainer [2022-11-19 06:50:45,367 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-19 06:50:45,367 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-19 06:50:45,368 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-19 06:50:45,368 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-19 06:50:45,368 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 19.11 06:49:13" (3/4) ... [2022-11-19 06:50:45,371 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-19 06:50:45,379 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-19 06:50:45,379 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-19 06:50:45,379 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-19 06:50:45,379 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-19 06:50:45,380 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-19 06:50:45,380 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-19 06:50:45,380 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-19 06:50:45,387 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2022-11-19 06:50:45,390 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-19 06:50:45,391 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 6 nodes and edges [2022-11-19 06:50:45,391 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 06:50:45,392 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-19 06:50:45,417 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1) && tmp == systemActive) && 1 == systemActive) && !(methaneLevelCritical == 0)) && splverifierCounter == 0) && waterLevel < 3) || ((((methaneLevelCritical == 0 && tmp == systemActive) && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 2)) || (((((methaneLevelCritical == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 3) && tmp == 1) && pumpRunning == 1) [2022-11-19 06:50:45,418 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3) [2022-11-19 06:50:45,419 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))))) || !(1 == systemActive)) || !(\old(waterLevel) < 3) [2022-11-19 06:50:45,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && waterLevel <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || waterLevel < 2) || !(\old(waterLevel) < 3)) [2022-11-19 06:50:45,420 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(waterLevel < 2)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) [2022-11-19 06:50:45,421 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((methaneLevelCritical == tmp && !(\old(pumpRunning) == 0)) && pumpRunning == 0) || !(1 == systemActive)) || ((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && !(pumpRunning == 0))) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || (pumpRunning == \old(pumpRunning) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || pumpRunning == 1) [2022-11-19 06:50:45,422 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || tmp___0 <= 1) && (((!(1 == systemActive) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || \old(waterLevel) == waterLevel)) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(1 == systemActive) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || ((methaneLevelCritical == tmp && pumpRunning == 0) && waterLevel <= \old(waterLevel))) || ((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) < 3))) && (((((tmp___0 <= 1 && waterLevel < 2) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(\old(waterLevel) < 3)) [2022-11-19 06:50:45,422 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(1 == systemActive) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && aux-isMethaneLevelCritical()-aux == methaneLevelCritical) && tmp == 1)) || !(2 == waterLevel)) [2022-11-19 06:50:45,422 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((methaneLevelCritical == tmp && pumpRunning == 1) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && (((((((((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && !(pumpRunning == 0)) && tmp___0 <= 1) && waterLevel <= \old(waterLevel)) || ((((methaneLevelCritical == tmp && !(\old(pumpRunning) == 0)) && pumpRunning == 0) && tmp___0 <= 1) && waterLevel <= \old(waterLevel))) || !(1 == systemActive)) || (\old(pumpRunning) == 0 && !(2 <= \old(waterLevel)))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (((methaneLevelCritical == tmp && pumpRunning == 0) && tmp___0 <= 1) && \old(waterLevel) == waterLevel))) && ((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) < 2)) [2022-11-19 06:50:45,423 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(\old(waterLevel) < 3) [2022-11-19 06:50:45,425 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: !(1 == systemActive) || !(\old(waterLevel) < 3) [2022-11-19 06:50:45,475 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/witness.graphml [2022-11-19 06:50:45,476 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-19 06:50:45,476 INFO L158 Benchmark]: Toolchain (without parser) took 92940.79ms. Allocated memory was 142.6MB in the beginning and 1.7GB in the end (delta: 1.6GB). Free memory was 108.9MB in the beginning and 1.5GB in the end (delta: -1.4GB). Peak memory consumption was 172.6MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,477 INFO L158 Benchmark]: CDTParser took 0.25ms. Allocated memory is still 83.9MB. Free memory was 40.2MB in the beginning and 40.1MB in the end (delta: 40.8kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-19 06:50:45,477 INFO L158 Benchmark]: CACSL2BoogieTranslator took 494.81ms. Allocated memory is still 142.6MB. Free memory was 108.5MB in the beginning and 110.7MB in the end (delta: -2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,478 INFO L158 Benchmark]: Boogie Procedure Inliner took 73.14ms. Allocated memory is still 142.6MB. Free memory was 110.7MB in the beginning and 108.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,478 INFO L158 Benchmark]: Boogie Preprocessor took 63.90ms. Allocated memory is still 142.6MB. Free memory was 108.6MB in the beginning and 106.9MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,479 INFO L158 Benchmark]: RCFGBuilder took 682.70ms. Allocated memory is still 142.6MB. Free memory was 106.9MB in the beginning and 80.4MB in the end (delta: 26.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,479 INFO L158 Benchmark]: TraceAbstraction took 91506.32ms. Allocated memory was 142.6MB in the beginning and 1.7GB in the end (delta: 1.6GB). Free memory was 79.7MB in the beginning and 1.5GB in the end (delta: -1.4GB). Peak memory consumption was 1.0GB. Max. memory is 16.1GB. [2022-11-19 06:50:45,480 INFO L158 Benchmark]: Witness Printer took 108.47ms. Allocated memory is still 1.7GB. Free memory was 1.5GB in the beginning and 1.5GB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-19 06:50:45,487 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.25ms. Allocated memory is still 83.9MB. Free memory was 40.2MB in the beginning and 40.1MB in the end (delta: 40.8kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 494.81ms. Allocated memory is still 142.6MB. Free memory was 108.5MB in the beginning and 110.7MB in the end (delta: -2.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 73.14ms. Allocated memory is still 142.6MB. Free memory was 110.7MB in the beginning and 108.6MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 63.90ms. Allocated memory is still 142.6MB. Free memory was 108.6MB in the beginning and 106.9MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 682.70ms. Allocated memory is still 142.6MB. Free memory was 106.9MB in the beginning and 80.4MB in the end (delta: 26.5MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 91506.32ms. Allocated memory was 142.6MB in the beginning and 1.7GB in the end (delta: 1.6GB). Free memory was 79.7MB in the beginning and 1.5GB in the end (delta: -1.4GB). Peak memory consumption was 1.0GB. Max. memory is 16.1GB. * Witness Printer took 108.47ms. Allocated memory is still 1.7GB. Free memory was 1.5GB in the beginning and 1.5GB in the end (delta: 5.2MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 605]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 58 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 91.4s, OverallIterations: 13, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 16.3s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 35.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3300 SdHoareTripleChecker+Valid, 5.6s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3268 mSDsluCounter, 4136 SdHoareTripleChecker+Invalid, 4.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3199 mSDsCounter, 1861 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 6716 IncrementalHoareTripleChecker+Invalid, 8577 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1861 mSolverCounterUnsat, 937 mSDtfsCounter, 6716 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 793 GetRequests, 445 SyntacticMatches, 11 SemanticMatches, 337 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11034 ImplicationChecksByTransitivity, 26.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=7976occurred in iteration=9, InterpolantAutomatonStates: 247, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 5.2s AutomataMinimizationTime, 13 MinimizatonAttempts, 1733 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 35 LocationsWithAnnotation, 23133 PreInvPairs, 24595 NumberOfFragments, 1368 HoareAnnotationTreeSize, 23133 FomulaSimplifications, 160952 FormulaSimplificationTreeSizeReduction, 10.8s HoareSimplificationTime, 35 FomulaSimplificationsInter, 338509 FormulaSimplificationTreeSizeReductionInter, 24.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.9s InterpolantComputationTime, 825 NumberOfCodeBlocks, 825 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 895 ConstructedInterpolants, 0 QuantifiedInterpolants, 2592 SizeOfPredicates, 44 NumberOfNonLiveVariables, 1451 ConjunctsInSsa, 114 ConjunctsInUnsatCore, 20 InterpolantComputations, 11 PerfectInterpolantSequences, 238/282 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 683]: Loop Invariant Derived loop invariant: (!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(\old(waterLevel) < 3) - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1) && tmp == 1 - InvariantResult [Line: 582]: Loop Invariant Derived loop invariant: ((((((((methaneLevelCritical == tmp && pumpRunning == 1) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && (((((((((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && !(pumpRunning == 0)) && tmp___0 <= 1) && waterLevel <= \old(waterLevel)) || ((((methaneLevelCritical == tmp && !(\old(pumpRunning) == 0)) && pumpRunning == 0) && tmp___0 <= 1) && waterLevel <= \old(waterLevel))) || !(1 == systemActive)) || (\old(pumpRunning) == 0 && !(2 <= \old(waterLevel)))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (((methaneLevelCritical == tmp && pumpRunning == 0) && tmp___0 <= 1) && \old(waterLevel) == waterLevel))) && ((methaneLevelCritical == 0 || !(1 == systemActive)) || !(\old(waterLevel) < 2)) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 977]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 567]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || tmp___0 <= 1) && (((!(1 == systemActive) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || \old(waterLevel) == waterLevel)) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(1 == systemActive) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || ((methaneLevelCritical == tmp && pumpRunning == 0) && waterLevel <= \old(waterLevel))) || ((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) < 3))) && (((((tmp___0 <= 1 && waterLevel < 2) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 906]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: (((((((!(\old(methaneLevelCritical) == 0) || methaneLevelCritical == 1) && tmp == systemActive) && 1 == systemActive) && !(methaneLevelCritical == 0)) && splverifierCounter == 0) && waterLevel < 3) || ((((methaneLevelCritical == 0 && tmp == systemActive) && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 2)) || (((((methaneLevelCritical == 0 && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 3) && tmp == 1) && pumpRunning == 1) - InvariantResult [Line: 896]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 617]: Loop Invariant Derived loop invariant: (!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3) - InvariantResult [Line: 576]: Loop Invariant Derived loop invariant: (((((((((methaneLevelCritical == tmp && !(\old(pumpRunning) == 0)) && pumpRunning == 0) || !(1 == systemActive)) || ((methaneLevelCritical == tmp && pumpRunning == \old(pumpRunning)) && !(pumpRunning == 0))) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || (pumpRunning == \old(pumpRunning) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || pumpRunning == 1) - InvariantResult [Line: 830]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 739]: Loop Invariant Derived loop invariant: (!(1 == systemActive) || !(waterLevel <= 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && aux-isMethaneLevelCritical()-aux == methaneLevelCritical) && tmp == 1)) || !(2 == waterLevel)) - InvariantResult [Line: 679]: Loop Invariant Derived loop invariant: ((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))))) || !(1 == systemActive)) || !(\old(waterLevel) < 3) - InvariantResult [Line: 605]: Loop Invariant Derived loop invariant: !(1 == systemActive) || !(\old(waterLevel) < 3) - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 675]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && waterLevel == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || \old(waterLevel) == waterLevel)) && ((((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && waterLevel <= \old(waterLevel))) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) || !(\old(waterLevel) < 3))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || waterLevel < 2) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 653]: Loop Invariant Derived loop invariant: ((pumpRunning == \old(pumpRunning) || !(1 == systemActive)) || !(waterLevel < 2)) && (((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel < 3)) RESULT: Ultimate proved your program to be correct! [2022-11-19 06:50:45,538 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_97f67730-c720-4fcc-8b51-fae3da69e04b/bin/utaipan-I9t0OCRTmS/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE