./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 6b4ec56b Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-6b4ec56 [2022-11-20 20:52:11,690 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-20 20:52:11,692 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-20 20:52:11,715 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-20 20:52:11,716 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-20 20:52:11,717 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-20 20:52:11,719 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-20 20:52:11,721 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-20 20:52:11,723 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-20 20:52:11,724 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-20 20:52:11,725 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-20 20:52:11,726 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-20 20:52:11,727 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-20 20:52:11,728 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-20 20:52:11,729 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-20 20:52:11,730 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-20 20:52:11,731 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-20 20:52:11,732 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-20 20:52:11,734 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-20 20:52:11,737 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-20 20:52:11,738 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-20 20:52:11,740 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-20 20:52:11,741 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-20 20:52:11,743 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-20 20:52:11,746 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-20 20:52:11,747 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-20 20:52:11,747 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-20 20:52:11,748 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-20 20:52:11,749 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-20 20:52:11,750 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-20 20:52:11,750 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-20 20:52:11,751 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-20 20:52:11,752 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-20 20:52:11,753 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-20 20:52:11,755 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-20 20:52:11,755 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-20 20:52:11,756 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-20 20:52:11,756 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-20 20:52:11,757 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-20 20:52:11,758 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-20 20:52:11,759 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-20 20:52:11,760 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-20 20:52:11,790 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-20 20:52:11,790 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-20 20:52:11,791 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-20 20:52:11,791 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-20 20:52:11,792 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-20 20:52:11,792 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-20 20:52:11,792 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-20 20:52:11,792 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-20 20:52:11,793 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-20 20:52:11,793 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-20 20:52:11,793 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-20 20:52:11,793 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-20 20:52:11,794 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-20 20:52:11,794 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-20 20:52:11,794 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-20 20:52:11,794 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-20 20:52:11,795 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-20 20:52:11,795 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-20 20:52:11,796 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-20 20:52:11,796 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-20 20:52:11,796 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-20 20:52:11,797 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-20 20:52:11,797 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-20 20:52:11,797 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-20 20:52:11,797 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-20 20:52:11,798 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-20 20:52:11,798 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-20 20:52:11,798 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-20 20:52:11,798 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-20 20:52:11,798 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-20 20:52:11,805 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-20 20:52:11,806 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-20 20:52:11,806 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 20:52:11,806 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-20 20:52:11,806 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-20 20:52:11,806 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-20 20:52:11,807 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-20 20:52:11,808 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-20 20:52:11,808 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-20 20:52:11,808 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-20 20:52:11,808 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-20 20:52:11,808 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 0fa225959be52b1defd5d055d32ae3a8dd944c37a01adb589e2f547028e60f67 [2022-11-20 20:52:12,158 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-20 20:52:12,182 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-20 20:52:12,186 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-20 20:52:12,187 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-20 20:52:12,188 INFO L275 PluginConnector]: CDTParser initialized [2022-11-20 20:52:12,189 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/../../sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2022-11-20 20:52:15,317 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-20 20:52:15,638 INFO L351 CDTParser]: Found 1 translation units. [2022-11-20 20:52:15,638 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c [2022-11-20 20:52:15,651 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/data/4aa805ffd/7c912c19b57c4f77a80c93a81a2068dc/FLAGb617a47e8 [2022-11-20 20:52:15,667 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/data/4aa805ffd/7c912c19b57c4f77a80c93a81a2068dc [2022-11-20 20:52:15,670 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-20 20:52:15,672 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-20 20:52:15,673 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-20 20:52:15,673 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-20 20:52:15,677 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-20 20:52:15,679 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 08:52:15" (1/1) ... [2022-11-20 20:52:15,680 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1fe8bcba and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:15, skipping insertion in model container [2022-11-20 20:52:15,681 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 20.11 08:52:15" (1/1) ... [2022-11-20 20:52:15,689 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-20 20:52:15,731 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-20 20:52:16,084 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2022-11-20 20:52:16,108 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 20:52:16,120 INFO L203 MainTranslator]: Completed pre-run [2022-11-20 20:52:16,180 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/sv-benchmarks/c/product-lines/minepump_spec1_product60.cil.c[14569,14582] [2022-11-20 20:52:16,193 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-20 20:52:16,211 INFO L208 MainTranslator]: Completed translation [2022-11-20 20:52:16,212 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16 WrapperNode [2022-11-20 20:52:16,212 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-20 20:52:16,213 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-20 20:52:16,214 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-20 20:52:16,214 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-20 20:52:16,221 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,235 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,262 INFO L138 Inliner]: procedures = 58, calls = 103, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 218 [2022-11-20 20:52:16,263 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-20 20:52:16,263 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-20 20:52:16,264 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-20 20:52:16,264 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-20 20:52:16,274 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,275 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,288 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,289 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,301 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,320 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,321 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,323 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,325 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-20 20:52:16,326 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-20 20:52:16,327 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-20 20:52:16,327 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-20 20:52:16,333 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (1/1) ... [2022-11-20 20:52:16,340 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-20 20:52:16,355 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:52:16,368 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-20 20:52:16,378 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-20 20:52:16,418 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-20 20:52:16,419 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-20 20:52:16,419 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-20 20:52:16,419 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-20 20:52:16,419 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-20 20:52:16,419 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-20 20:52:16,420 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-20 20:52:16,420 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-20 20:52:16,421 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-20 20:52:16,421 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 20:52:16,421 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 20:52:16,422 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-20 20:52:16,422 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-20 20:52:16,422 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-20 20:52:16,422 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-20 20:52:16,423 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-20 20:52:16,423 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-20 20:52:16,424 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-20 20:52:16,424 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-20 20:52:16,424 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-20 20:52:16,520 INFO L235 CfgBuilder]: Building ICFG [2022-11-20 20:52:16,522 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-20 20:52:16,905 INFO L276 CfgBuilder]: Performing block encoding [2022-11-20 20:52:17,119 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-20 20:52:17,134 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-20 20:52:17,138 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:52:17 BoogieIcfgContainer [2022-11-20 20:52:17,138 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-20 20:52:17,141 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-20 20:52:17,141 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-20 20:52:17,145 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-20 20:52:17,145 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 20.11 08:52:15" (1/3) ... [2022-11-20 20:52:17,148 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2bf4df6e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 08:52:17, skipping insertion in model container [2022-11-20 20:52:17,148 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 20.11 08:52:16" (2/3) ... [2022-11-20 20:52:17,150 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@2bf4df6e and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 20.11 08:52:17, skipping insertion in model container [2022-11-20 20:52:17,151 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:52:17" (3/3) ... [2022-11-20 20:52:17,153 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec1_product60.cil.c [2022-11-20 20:52:17,175 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-20 20:52:17,175 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-20 20:52:17,257 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-20 20:52:17,264 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4be970e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-20 20:52:17,265 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-20 20:52:17,270 INFO L276 IsEmpty]: Start isEmpty. Operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-20 20:52:17,280 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 17 [2022-11-20 20:52:17,281 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:17,281 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:17,282 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:17,288 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:17,289 INFO L85 PathProgramCache]: Analyzing trace with hash 748246382, now seen corresponding path program 1 times [2022-11-20 20:52:17,300 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:17,301 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1338044144] [2022-11-20 20:52:17,301 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:17,302 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:17,406 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:17,476 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:17,477 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:17,478 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1338044144] [2022-11-20 20:52:17,478 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1338044144] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:17,479 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:17,479 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-20 20:52:17,481 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [826664170] [2022-11-20 20:52:17,482 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:17,486 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-20 20:52:17,487 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:17,517 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-20 20:52:17,519 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 20:52:17,522 INFO L87 Difference]: Start difference. First operand has 65 states, 41 states have (on average 1.4390243902439024) internal successors, (59), 50 states have internal predecessors, (59), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:17,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:17,659 INFO L93 Difference]: Finished difference Result 128 states and 175 transitions. [2022-11-20 20:52:17,660 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-20 20:52:17,662 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 16 [2022-11-20 20:52:17,662 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:17,674 INFO L225 Difference]: With dead ends: 128 [2022-11-20 20:52:17,674 INFO L226 Difference]: Without dead ends: 60 [2022-11-20 20:52:17,681 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-20 20:52:17,688 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 66 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:17,689 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 66 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:52:17,709 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 60 states. [2022-11-20 20:52:17,748 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 60 to 60. [2022-11-20 20:52:17,750 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 60 states, 38 states have (on average 1.3421052631578947) internal successors, (51), 46 states have internal predecessors, (51), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-20 20:52:17,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 60 states to 60 states and 78 transitions. [2022-11-20 20:52:17,763 INFO L78 Accepts]: Start accepts. Automaton has 60 states and 78 transitions. Word has length 16 [2022-11-20 20:52:17,763 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:17,764 INFO L495 AbstractCegarLoop]: Abstraction has 60 states and 78 transitions. [2022-11-20 20:52:17,764 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.0) internal successors, (12), 2 states have internal predecessors, (12), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:17,765 INFO L276 IsEmpty]: Start isEmpty. Operand 60 states and 78 transitions. [2022-11-20 20:52:17,769 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-20 20:52:17,770 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:17,770 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:17,771 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-20 20:52:17,771 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:17,773 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:17,774 INFO L85 PathProgramCache]: Analyzing trace with hash -744299753, now seen corresponding path program 1 times [2022-11-20 20:52:17,774 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:17,775 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1419671517] [2022-11-20 20:52:17,775 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:17,775 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:17,816 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:17,896 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:17,897 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:17,897 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1419671517] [2022-11-20 20:52:17,897 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1419671517] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:17,897 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:17,898 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-20 20:52:17,898 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1719985643] [2022-11-20 20:52:17,898 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:17,900 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-20 20:52:17,900 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:17,901 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-20 20:52:17,901 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:52:17,902 INFO L87 Difference]: Start difference. First operand 60 states and 78 transitions. Second operand has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:17,951 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:17,951 INFO L93 Difference]: Finished difference Result 92 states and 118 transitions. [2022-11-20 20:52:17,952 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-20 20:52:17,952 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-20 20:52:17,953 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:17,954 INFO L225 Difference]: With dead ends: 92 [2022-11-20 20:52:17,954 INFO L226 Difference]: Without dead ends: 52 [2022-11-20 20:52:17,955 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-20 20:52:17,956 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 14 mSDsluCounter, 36 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 88 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:17,957 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 88 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-20 20:52:17,958 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 52 states. [2022-11-20 20:52:17,964 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 52 to 52. [2022-11-20 20:52:17,965 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 52 states, 33 states have (on average 1.3636363636363635) internal successors, (45), 41 states have internal predecessors, (45), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-20 20:52:17,966 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 52 states to 52 states and 67 transitions. [2022-11-20 20:52:17,967 INFO L78 Accepts]: Start accepts. Automaton has 52 states and 67 transitions. Word has length 17 [2022-11-20 20:52:17,967 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:17,967 INFO L495 AbstractCegarLoop]: Abstraction has 52 states and 67 transitions. [2022-11-20 20:52:17,967 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.333333333333333) internal successors, (13), 3 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:17,968 INFO L276 IsEmpty]: Start isEmpty. Operand 52 states and 67 transitions. [2022-11-20 20:52:17,969 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-20 20:52:17,969 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:17,969 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:17,970 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-20 20:52:17,970 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:17,971 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:17,971 INFO L85 PathProgramCache]: Analyzing trace with hash 2002296916, now seen corresponding path program 1 times [2022-11-20 20:52:17,971 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:17,972 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [277829362] [2022-11-20 20:52:17,972 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:17,972 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:17,993 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:18,130 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:18,131 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:18,131 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [277829362] [2022-11-20 20:52:18,131 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [277829362] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:18,132 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:18,132 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-20 20:52:18,132 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [997924842] [2022-11-20 20:52:18,132 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:18,133 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-20 20:52:18,133 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:18,134 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-20 20:52:18,134 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 20:52:18,134 INFO L87 Difference]: Start difference. First operand 52 states and 67 transitions. Second operand has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:18,252 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:18,252 INFO L93 Difference]: Finished difference Result 135 states and 174 transitions. [2022-11-20 20:52:18,253 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 20:52:18,253 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-20 20:52:18,253 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:18,255 INFO L225 Difference]: With dead ends: 135 [2022-11-20 20:52:18,255 INFO L226 Difference]: Without dead ends: 85 [2022-11-20 20:52:18,256 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-20 20:52:18,258 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 90 mSDsluCounter, 71 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 131 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:18,258 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 131 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:52:18,260 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-11-20 20:52:18,276 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 82. [2022-11-20 20:52:18,276 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 53 states have (on average 1.3584905660377358) internal successors, (72), 64 states have internal predecessors, (72), 16 states have call successors, (16), 12 states have call predecessors, (16), 12 states have return successors, (17), 12 states have call predecessors, (17), 16 states have call successors, (17) [2022-11-20 20:52:18,277 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 105 transitions. [2022-11-20 20:52:18,278 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 105 transitions. Word has length 20 [2022-11-20 20:52:18,278 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:18,278 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 105 transitions. [2022-11-20 20:52:18,279 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.25) internal successors, (17), 4 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:18,279 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 105 transitions. [2022-11-20 20:52:18,280 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-20 20:52:18,280 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:18,281 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:18,281 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-20 20:52:18,281 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:18,282 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:18,282 INFO L85 PathProgramCache]: Analyzing trace with hash -1831391687, now seen corresponding path program 1 times [2022-11-20 20:52:18,283 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:18,283 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [542538064] [2022-11-20 20:52:18,283 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:18,283 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:18,302 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:18,427 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:18,427 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:18,428 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [542538064] [2022-11-20 20:52:18,428 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [542538064] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:18,428 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:18,429 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-20 20:52:18,429 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1255501290] [2022-11-20 20:52:18,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:18,430 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-20 20:52:18,430 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:18,431 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-20 20:52:18,431 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-20 20:52:18,431 INFO L87 Difference]: Start difference. First operand 82 states and 105 transitions. Second operand has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:18,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:18,680 INFO L93 Difference]: Finished difference Result 240 states and 314 transitions. [2022-11-20 20:52:18,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-20 20:52:18,681 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 23 [2022-11-20 20:52:18,682 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:18,689 INFO L225 Difference]: With dead ends: 240 [2022-11-20 20:52:18,690 INFO L226 Difference]: Without dead ends: 160 [2022-11-20 20:52:18,694 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-20 20:52:18,703 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 45 mSDsluCounter, 207 mSDsCounter, 0 mSdLazyCounter, 107 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 48 SdHoareTripleChecker+Valid, 268 SdHoareTripleChecker+Invalid, 108 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 107 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:18,705 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [48 Valid, 268 Invalid, 108 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 107 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:52:18,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 160 states. [2022-11-20 20:52:18,752 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 160 to 152. [2022-11-20 20:52:18,754 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 152 states, 99 states have (on average 1.3434343434343434) internal successors, (133), 118 states have internal predecessors, (133), 30 states have call successors, (30), 22 states have call predecessors, (30), 22 states have return successors, (32), 22 states have call predecessors, (32), 30 states have call successors, (32) [2022-11-20 20:52:18,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 152 states to 152 states and 195 transitions. [2022-11-20 20:52:18,761 INFO L78 Accepts]: Start accepts. Automaton has 152 states and 195 transitions. Word has length 23 [2022-11-20 20:52:18,761 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:18,762 INFO L495 AbstractCegarLoop]: Abstraction has 152 states and 195 transitions. [2022-11-20 20:52:18,762 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.0) internal successors, (20), 4 states have internal predecessors, (20), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-20 20:52:18,762 INFO L276 IsEmpty]: Start isEmpty. Operand 152 states and 195 transitions. [2022-11-20 20:52:18,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-11-20 20:52:18,772 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:18,772 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:18,773 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-20 20:52:18,774 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:18,774 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:18,775 INFO L85 PathProgramCache]: Analyzing trace with hash -1812859144, now seen corresponding path program 1 times [2022-11-20 20:52:18,775 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:18,775 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [320409321] [2022-11-20 20:52:18,776 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:18,776 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:18,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:18,942 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:18,942 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:18,942 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [320409321] [2022-11-20 20:52:18,943 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [320409321] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:18,943 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:18,943 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-20 20:52:18,944 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [638971448] [2022-11-20 20:52:18,944 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:18,944 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-20 20:52:18,945 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:18,945 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-20 20:52:18,945 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 20:52:18,946 INFO L87 Difference]: Start difference. First operand 152 states and 195 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 20:52:19,054 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:19,054 INFO L93 Difference]: Finished difference Result 368 states and 488 transitions. [2022-11-20 20:52:19,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-20 20:52:19,055 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 26 [2022-11-20 20:52:19,055 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:19,058 INFO L225 Difference]: With dead ends: 368 [2022-11-20 20:52:19,058 INFO L226 Difference]: Without dead ends: 218 [2022-11-20 20:52:19,059 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-20 20:52:19,060 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 38 mSDsluCounter, 96 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 153 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:19,061 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 153 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:52:19,062 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 218 states. [2022-11-20 20:52:19,111 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 218 to 210. [2022-11-20 20:52:19,114 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 210 states, 143 states have (on average 1.2797202797202798) internal successors, (183), 159 states have internal predecessors, (183), 35 states have call successors, (35), 31 states have call predecessors, (35), 31 states have return successors, (47), 33 states have call predecessors, (47), 35 states have call successors, (47) [2022-11-20 20:52:19,134 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 210 states to 210 states and 265 transitions. [2022-11-20 20:52:19,134 INFO L78 Accepts]: Start accepts. Automaton has 210 states and 265 transitions. Word has length 26 [2022-11-20 20:52:19,135 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:19,135 INFO L495 AbstractCegarLoop]: Abstraction has 210 states and 265 transitions. [2022-11-20 20:52:19,135 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-20 20:52:19,135 INFO L276 IsEmpty]: Start isEmpty. Operand 210 states and 265 transitions. [2022-11-20 20:52:19,137 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-20 20:52:19,138 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:19,138 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:19,138 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-20 20:52:19,139 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:19,139 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:19,139 INFO L85 PathProgramCache]: Analyzing trace with hash 386536124, now seen corresponding path program 1 times [2022-11-20 20:52:19,140 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:19,140 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [589639465] [2022-11-20 20:52:19,140 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:19,140 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:19,160 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:19,460 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 20:52:19,461 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:19,461 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [589639465] [2022-11-20 20:52:19,461 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [589639465] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:52:19,462 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1513792919] [2022-11-20 20:52:19,462 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:19,462 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:52:19,462 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:52:19,471 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:52:19,495 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-20 20:52:19,587 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:19,590 INFO L263 TraceCheckSpWp]: Trace formula consists of 209 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-20 20:52:19,598 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:52:20,058 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:20,059 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:52:20,534 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 20:52:20,535 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1513792919] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:52:20,535 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1099603034] [2022-11-20 20:52:20,558 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-20 20:52:20,558 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:52:20,562 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:52:20,569 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:52:20,570 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:52:22,235 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 137 for LOIs [2022-11-20 20:52:22,899 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 133 for LOIs [2022-11-20 20:52:23,044 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 114 for LOIs [2022-11-20 20:52:23,059 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:52:33,009 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1099603034] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:33,010 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:52:33,010 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [15] imperfect sequences [12, 10, 10] total 38 [2022-11-20 20:52:33,011 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [723879301] [2022-11-20 20:52:33,011 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:33,011 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2022-11-20 20:52:33,011 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:33,012 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2022-11-20 20:52:33,013 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=248, Invalid=1158, Unknown=0, NotChecked=0, Total=1406 [2022-11-20 20:52:33,013 INFO L87 Difference]: Start difference. First operand 210 states and 265 transitions. Second operand has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 20:52:37,483 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:37,483 INFO L93 Difference]: Finished difference Result 490 states and 616 transitions. [2022-11-20 20:52:37,487 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2022-11-20 20:52:37,488 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 35 [2022-11-20 20:52:37,488 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:37,490 INFO L225 Difference]: With dead ends: 490 [2022-11-20 20:52:37,491 INFO L226 Difference]: Without dead ends: 282 [2022-11-20 20:52:37,492 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 120 GetRequests, 77 SyntacticMatches, 3 SemanticMatches, 40 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 610 ImplicationChecksByTransitivity, 13.2s TimeCoverageRelationStatistics Valid=310, Invalid=1412, Unknown=0, NotChecked=0, Total=1722 [2022-11-20 20:52:37,493 INFO L413 NwaCegarLoop]: 47 mSDtfsCounter, 105 mSDsluCounter, 260 mSDsCounter, 0 mSdLazyCounter, 589 mSolverCounterSat, 56 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 106 SdHoareTripleChecker+Valid, 307 SdHoareTripleChecker+Invalid, 645 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 56 IncrementalHoareTripleChecker+Valid, 589 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:37,494 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [106 Valid, 307 Invalid, 645 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [56 Valid, 589 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2022-11-20 20:52:37,495 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 282 states. [2022-11-20 20:52:37,551 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 282 to 269. [2022-11-20 20:52:37,552 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 184 states have (on average 1.2554347826086956) internal successors, (231), 201 states have internal predecessors, (231), 44 states have call successors, (44), 40 states have call predecessors, (44), 40 states have return successors, (56), 41 states have call predecessors, (56), 44 states have call successors, (56) [2022-11-20 20:52:37,554 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 331 transitions. [2022-11-20 20:52:37,555 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 331 transitions. Word has length 35 [2022-11-20 20:52:37,555 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:37,555 INFO L495 AbstractCegarLoop]: Abstraction has 269 states and 331 transitions. [2022-11-20 20:52:37,555 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 13 states have (on average 1.9230769230769231) internal successors, (25), 13 states have internal predecessors, (25), 4 states have call successors, (5), 4 states have call predecessors, (5), 2 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-20 20:52:37,556 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 331 transitions. [2022-11-20 20:52:37,557 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-20 20:52:37,557 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:37,558 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:37,570 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2022-11-20 20:52:37,764 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable5 [2022-11-20 20:52:37,765 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:37,765 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:37,765 INFO L85 PathProgramCache]: Analyzing trace with hash 772749482, now seen corresponding path program 1 times [2022-11-20 20:52:37,765 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:37,766 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1869917881] [2022-11-20 20:52:37,766 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:37,766 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:37,798 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:38,096 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 20:52:38,097 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:38,097 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1869917881] [2022-11-20 20:52:38,098 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1869917881] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:52:38,098 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1304474431] [2022-11-20 20:52:38,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:38,098 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:52:38,098 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:52:38,100 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:52:38,127 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-20 20:52:38,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:38,190 INFO L263 TraceCheckSpWp]: Trace formula consists of 215 conjuncts, 31 conjunts are in the unsatisfiable core [2022-11-20 20:52:38,204 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:52:38,450 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-20 20:52:38,450 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:52:38,832 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-20 20:52:38,833 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1304474431] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:52:38,833 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [321332170] [2022-11-20 20:52:38,835 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-20 20:52:38,838 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:52:38,838 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:52:38,839 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:52:38,845 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:52:40,091 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 114 for LOIs [2022-11-20 20:52:40,106 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 134 for LOIs [2022-11-20 20:52:40,724 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 129 for LOIs [2022-11-20 20:52:41,329 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 43 for LOIs [2022-11-20 20:52:41,336 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 112 for LOIs [2022-11-20 20:52:41,350 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:52:54,284 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4088#(and (<= ~methaneLevelCritical~0 1) (<= ~pumpRunning~0 1) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (<= 2 |old(~waterLevel~0)|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-20 20:52:54,285 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-20 20:52:54,285 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:52:54,285 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 10, 10] total 24 [2022-11-20 20:52:54,285 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [499317929] [2022-11-20 20:52:54,286 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 20:52:54,286 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2022-11-20 20:52:54,286 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:54,287 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2022-11-20 20:52:54,288 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=337, Invalid=2213, Unknown=0, NotChecked=0, Total=2550 [2022-11-20 20:52:54,289 INFO L87 Difference]: Start difference. First operand 269 states and 331 transitions. Second operand has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-20 20:52:59,458 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:52:59,458 INFO L93 Difference]: Finished difference Result 1158 states and 1604 transitions. [2022-11-20 20:52:59,459 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 72 states. [2022-11-20 20:52:59,459 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) Word has length 38 [2022-11-20 20:52:59,462 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:52:59,482 INFO L225 Difference]: With dead ends: 1158 [2022-11-20 20:52:59,482 INFO L226 Difference]: Without dead ends: 897 [2022-11-20 20:52:59,490 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 203 GetRequests, 87 SyntacticMatches, 3 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4880 ImplicationChecksByTransitivity, 15.9s TimeCoverageRelationStatistics Valid=1552, Invalid=11558, Unknown=0, NotChecked=0, Total=13110 [2022-11-20 20:52:59,491 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 1242 mSDsluCounter, 518 mSDsCounter, 0 mSdLazyCounter, 2580 mSolverCounterSat, 882 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1247 SdHoareTripleChecker+Valid, 578 SdHoareTripleChecker+Invalid, 3462 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 882 IncrementalHoareTripleChecker+Valid, 2580 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.2s IncrementalHoareTripleChecker+Time [2022-11-20 20:52:59,491 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1247 Valid, 578 Invalid, 3462 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [882 Valid, 2580 Invalid, 0 Unknown, 0 Unchecked, 2.2s Time] [2022-11-20 20:52:59,493 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 897 states. [2022-11-20 20:52:59,615 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 897 to 639. [2022-11-20 20:52:59,616 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 639 states, 440 states have (on average 1.2204545454545455) internal successors, (537), 476 states have internal predecessors, (537), 101 states have call successors, (101), 84 states have call predecessors, (101), 97 states have return successors, (135), 103 states have call predecessors, (135), 101 states have call successors, (135) [2022-11-20 20:52:59,620 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 639 states to 639 states and 773 transitions. [2022-11-20 20:52:59,621 INFO L78 Accepts]: Start accepts. Automaton has 639 states and 773 transitions. Word has length 38 [2022-11-20 20:52:59,621 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:52:59,621 INFO L495 AbstractCegarLoop]: Abstraction has 639 states and 773 transitions. [2022-11-20 20:52:59,622 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 18 states have (on average 3.2777777777777777) internal successors, (59), 18 states have internal predecessors, (59), 7 states have call successors, (14), 6 states have call predecessors, (14), 10 states have return successors, (13), 11 states have call predecessors, (13), 7 states have call successors, (13) [2022-11-20 20:52:59,622 INFO L276 IsEmpty]: Start isEmpty. Operand 639 states and 773 transitions. [2022-11-20 20:52:59,624 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-20 20:52:59,624 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:52:59,625 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:52:59,637 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-20 20:52:59,831 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:52:59,832 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:52:59,832 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:52:59,832 INFO L85 PathProgramCache]: Analyzing trace with hash -1410621706, now seen corresponding path program 1 times [2022-11-20 20:52:59,833 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:52:59,833 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [114112506] [2022-11-20 20:52:59,833 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:52:59,833 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:52:59,846 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:52:59,900 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-20 20:52:59,900 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:52:59,901 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [114112506] [2022-11-20 20:52:59,901 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [114112506] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-20 20:52:59,901 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-20 20:52:59,901 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-20 20:52:59,902 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [14304661] [2022-11-20 20:52:59,902 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-20 20:52:59,902 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-20 20:52:59,902 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:52:59,903 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-20 20:52:59,903 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 20:52:59,903 INFO L87 Difference]: Start difference. First operand 639 states and 773 transitions. Second operand has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-20 20:53:00,103 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:53:00,104 INFO L93 Difference]: Finished difference Result 1229 states and 1491 transitions. [2022-11-20 20:53:00,104 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-20 20:53:00,104 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) Word has length 67 [2022-11-20 20:53:00,105 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:53:00,109 INFO L225 Difference]: With dead ends: 1229 [2022-11-20 20:53:00,109 INFO L226 Difference]: Without dead ends: 651 [2022-11-20 20:53:00,111 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-20 20:53:00,112 INFO L413 NwaCegarLoop]: 73 mSDtfsCounter, 85 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 82 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 85 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 86 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 82 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-20 20:53:00,113 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [85 Valid, 116 Invalid, 86 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 82 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-20 20:53:00,114 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 651 states. [2022-11-20 20:53:00,225 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 651 to 639. [2022-11-20 20:53:00,227 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 639 states, 440 states have (on average 1.2068181818181818) internal successors, (531), 476 states have internal predecessors, (531), 101 states have call successors, (101), 84 states have call predecessors, (101), 97 states have return successors, (124), 103 states have call predecessors, (124), 101 states have call successors, (124) [2022-11-20 20:53:00,230 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 639 states to 639 states and 756 transitions. [2022-11-20 20:53:00,232 INFO L78 Accepts]: Start accepts. Automaton has 639 states and 756 transitions. Word has length 67 [2022-11-20 20:53:00,233 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:53:00,233 INFO L495 AbstractCegarLoop]: Abstraction has 639 states and 756 transitions. [2022-11-20 20:53:00,233 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 15.333333333333334) internal successors, (46), 4 states have internal predecessors, (46), 4 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2022-11-20 20:53:00,233 INFO L276 IsEmpty]: Start isEmpty. Operand 639 states and 756 transitions. [2022-11-20 20:53:00,238 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2022-11-20 20:53:00,238 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:53:00,238 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:53:00,239 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-20 20:53:00,239 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:53:00,241 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:53:00,241 INFO L85 PathProgramCache]: Analyzing trace with hash -1326506653, now seen corresponding path program 1 times [2022-11-20 20:53:00,241 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:53:00,241 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1281223150] [2022-11-20 20:53:00,242 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:00,242 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:53:00,297 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:00,909 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 5 proven. 11 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-20 20:53:00,910 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:53:00,910 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1281223150] [2022-11-20 20:53:00,910 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1281223150] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:53:00,910 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [298385185] [2022-11-20 20:53:00,910 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:00,910 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:00,911 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:53:00,914 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:53:00,947 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-20 20:53:01,041 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:01,043 INFO L263 TraceCheckSpWp]: Trace formula consists of 300 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-20 20:53:01,047 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:53:01,470 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-20 20:53:01,471 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:53:02,065 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 9 proven. 3 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-20 20:53:02,065 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [298385185] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:53:02,065 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [251559445] [2022-11-20 20:53:02,068 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-20 20:53:02,068 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:53:02,069 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:53:02,069 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:53:02,070 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:53:05,591 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 132 for LOIs [2022-11-20 20:53:05,622 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 41 for LOIs [2022-11-20 20:53:05,906 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-20 20:53:06,197 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-20 20:53:06,205 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-20 20:53:06,208 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-20 20:53:06,214 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:53:12,918 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10204#(and (<= ~methaneLevelCritical~0 1) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-20 20:53:12,918 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-20 20:53:12,918 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:53:12,918 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 12, 14] total 31 [2022-11-20 20:53:12,918 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [848885881] [2022-11-20 20:53:12,919 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 20:53:12,919 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2022-11-20 20:53:12,919 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:53:12,920 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2022-11-20 20:53:12,921 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=431, Invalid=3351, Unknown=0, NotChecked=0, Total=3782 [2022-11-20 20:53:12,921 INFO L87 Difference]: Start difference. First operand 639 states and 756 transitions. Second operand has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-20 20:53:18,459 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:53:18,459 INFO L93 Difference]: Finished difference Result 3275 states and 4012 transitions. [2022-11-20 20:53:18,460 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 76 states. [2022-11-20 20:53:18,460 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) Word has length 67 [2022-11-20 20:53:18,460 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:53:18,476 INFO L225 Difference]: With dead ends: 3275 [2022-11-20 20:53:18,476 INFO L226 Difference]: Without dead ends: 2758 [2022-11-20 20:53:18,483 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 297 GetRequests, 153 SyntacticMatches, 15 SemanticMatches, 129 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7824 ImplicationChecksByTransitivity, 9.7s TimeCoverageRelationStatistics Valid=2255, Invalid=14775, Unknown=0, NotChecked=0, Total=17030 [2022-11-20 20:53:18,483 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 1605 mSDsluCounter, 1175 mSDsCounter, 0 mSdLazyCounter, 2705 mSolverCounterSat, 1032 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1614 SdHoareTripleChecker+Valid, 1278 SdHoareTripleChecker+Invalid, 3737 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1032 IncrementalHoareTripleChecker+Valid, 2705 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.4s IncrementalHoareTripleChecker+Time [2022-11-20 20:53:18,484 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1614 Valid, 1278 Invalid, 3737 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1032 Valid, 2705 Invalid, 0 Unknown, 0 Unchecked, 2.4s Time] [2022-11-20 20:53:18,487 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2758 states. [2022-11-20 20:53:18,942 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2758 to 2398. [2022-11-20 20:53:18,947 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2398 states, 1696 states have (on average 1.2234669811320755) internal successors, (2075), 1816 states have internal predecessors, (2075), 363 states have call successors, (363), 278 states have call predecessors, (363), 338 states have return successors, (481), 386 states have call predecessors, (481), 363 states have call successors, (481) [2022-11-20 20:53:18,960 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2398 states to 2398 states and 2919 transitions. [2022-11-20 20:53:18,961 INFO L78 Accepts]: Start accepts. Automaton has 2398 states and 2919 transitions. Word has length 67 [2022-11-20 20:53:18,963 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:53:18,963 INFO L495 AbstractCegarLoop]: Abstraction has 2398 states and 2919 transitions. [2022-11-20 20:53:18,964 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 26 states have (on average 3.6538461538461537) internal successors, (95), 25 states have internal predecessors, (95), 13 states have call successors, (24), 11 states have call predecessors, (24), 10 states have return successors, (22), 9 states have call predecessors, (22), 13 states have call successors, (22) [2022-11-20 20:53:18,964 INFO L276 IsEmpty]: Start isEmpty. Operand 2398 states and 2919 transitions. [2022-11-20 20:53:18,971 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 86 [2022-11-20 20:53:18,971 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:53:18,971 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:53:18,984 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-20 20:53:19,178 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:19,178 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:53:19,178 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:53:19,179 INFO L85 PathProgramCache]: Analyzing trace with hash 421351203, now seen corresponding path program 1 times [2022-11-20 20:53:19,179 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:53:19,179 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [706725183] [2022-11-20 20:53:19,179 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:19,179 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:53:19,214 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:19,824 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 31 proven. 17 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-20 20:53:19,824 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:53:19,824 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [706725183] [2022-11-20 20:53:19,824 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [706725183] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:53:19,824 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1171941225] [2022-11-20 20:53:19,825 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:19,825 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:19,825 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:53:19,826 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:53:19,836 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-20 20:53:19,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:19,946 INFO L263 TraceCheckSpWp]: Trace formula consists of 353 conjuncts, 29 conjunts are in the unsatisfiable core [2022-11-20 20:53:19,949 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:53:20,538 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 44 proven. 16 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-20 20:53:20,538 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:53:21,532 INFO L134 CoverageAnalysis]: Checked inductivity of 62 backedges. 37 proven. 11 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-20 20:53:21,532 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1171941225] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:53:21,532 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1888829686] [2022-11-20 20:53:21,535 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-20 20:53:21,536 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:53:21,536 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:53:21,536 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:53:21,537 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:53:23,015 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 43 for LOIs [2022-11-20 20:53:23,278 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-20 20:53:23,483 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 37 for LOIs [2022-11-20 20:53:23,489 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-20 20:53:23,492 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-20 20:53:23,497 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:53:29,394 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '19416#(and (<= ~methaneLevelCritical~0 1) (<= 0 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-20 20:53:29,394 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-20 20:53:29,395 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:53:29,395 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 13, 14] total 30 [2022-11-20 20:53:29,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [37006552] [2022-11-20 20:53:29,395 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 20:53:29,396 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2022-11-20 20:53:29,396 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:53:29,396 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2022-11-20 20:53:29,397 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=392, Invalid=3390, Unknown=0, NotChecked=0, Total=3782 [2022-11-20 20:53:29,397 INFO L87 Difference]: Start difference. First operand 2398 states and 2919 transitions. Second operand has 30 states, 27 states have (on average 4.666666666666667) internal successors, (126), 25 states have internal predecessors, (126), 18 states have call successors, (26), 10 states have call predecessors, (26), 10 states have return successors, (25), 12 states have call predecessors, (25), 18 states have call successors, (25) [2022-11-20 20:53:33,319 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:53:33,319 INFO L93 Difference]: Finished difference Result 6548 states and 8082 transitions. [2022-11-20 20:53:33,320 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 50 states. [2022-11-20 20:53:33,320 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 27 states have (on average 4.666666666666667) internal successors, (126), 25 states have internal predecessors, (126), 18 states have call successors, (26), 10 states have call predecessors, (26), 10 states have return successors, (25), 12 states have call predecessors, (25), 18 states have call successors, (25) Word has length 85 [2022-11-20 20:53:33,321 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:53:33,345 INFO L225 Difference]: With dead ends: 6548 [2022-11-20 20:53:33,346 INFO L226 Difference]: Without dead ends: 4315 [2022-11-20 20:53:33,359 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 316 GetRequests, 207 SyntacticMatches, 11 SemanticMatches, 98 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4093 ImplicationChecksByTransitivity, 8.0s TimeCoverageRelationStatistics Valid=1235, Invalid=8665, Unknown=0, NotChecked=0, Total=9900 [2022-11-20 20:53:33,360 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 867 mSDsluCounter, 703 mSDsCounter, 0 mSdLazyCounter, 1620 mSolverCounterSat, 561 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 876 SdHoareTripleChecker+Valid, 782 SdHoareTripleChecker+Invalid, 2181 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 561 IncrementalHoareTripleChecker+Valid, 1620 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2022-11-20 20:53:33,361 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [876 Valid, 782 Invalid, 2181 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [561 Valid, 1620 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2022-11-20 20:53:33,366 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 4315 states. [2022-11-20 20:53:33,956 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 4315 to 2924. [2022-11-20 20:53:33,962 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2924 states, 2072 states have (on average 1.2186293436293436) internal successors, (2525), 2206 states have internal predecessors, (2525), 433 states have call successors, (433), 367 states have call predecessors, (433), 418 states have return successors, (553), 435 states have call predecessors, (553), 433 states have call successors, (553) [2022-11-20 20:53:33,977 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2924 states to 2924 states and 3511 transitions. [2022-11-20 20:53:33,978 INFO L78 Accepts]: Start accepts. Automaton has 2924 states and 3511 transitions. Word has length 85 [2022-11-20 20:53:33,978 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:53:33,979 INFO L495 AbstractCegarLoop]: Abstraction has 2924 states and 3511 transitions. [2022-11-20 20:53:33,979 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 27 states have (on average 4.666666666666667) internal successors, (126), 25 states have internal predecessors, (126), 18 states have call successors, (26), 10 states have call predecessors, (26), 10 states have return successors, (25), 12 states have call predecessors, (25), 18 states have call successors, (25) [2022-11-20 20:53:33,979 INFO L276 IsEmpty]: Start isEmpty. Operand 2924 states and 3511 transitions. [2022-11-20 20:53:33,987 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 122 [2022-11-20 20:53:33,987 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:53:33,987 INFO L195 NwaCegarLoop]: trace histogram [6, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:53:34,004 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-20 20:53:34,196 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-20 20:53:34,197 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:53:34,197 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:53:34,197 INFO L85 PathProgramCache]: Analyzing trace with hash -207946092, now seen corresponding path program 1 times [2022-11-20 20:53:34,198 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:53:34,198 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [255493824] [2022-11-20 20:53:34,198 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:34,198 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:53:34,250 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:35,301 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 55 proven. 55 refuted. 0 times theorem prover too weak. 39 trivial. 0 not checked. [2022-11-20 20:53:35,302 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:53:35,302 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [255493824] [2022-11-20 20:53:35,302 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [255493824] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:53:35,302 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1888052026] [2022-11-20 20:53:35,302 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:35,303 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:35,303 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:53:35,304 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:53:35,314 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-20 20:53:35,445 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:35,449 INFO L263 TraceCheckSpWp]: Trace formula consists of 476 conjuncts, 39 conjunts are in the unsatisfiable core [2022-11-20 20:53:35,453 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:53:36,197 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 71 proven. 67 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-20 20:53:36,198 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:53:37,317 INFO L134 CoverageAnalysis]: Checked inductivity of 149 backedges. 72 proven. 32 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-11-20 20:53:37,317 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1888052026] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:53:37,317 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2017024703] [2022-11-20 20:53:37,320 INFO L159 IcfgInterpreter]: Started Sifa with 47 locations of interest [2022-11-20 20:53:37,321 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:53:37,321 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:53:37,322 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:53:37,322 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:53:40,730 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 132 for LOIs [2022-11-20 20:53:40,755 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 41 for LOIs [2022-11-20 20:53:41,164 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 37 for LOIs [2022-11-20 20:53:41,392 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 38 for LOIs [2022-11-20 20:53:41,398 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 22 for LOIs [2022-11-20 20:53:41,401 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-20 20:53:41,406 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 44 for LOIs [2022-11-20 20:53:41,412 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:53:49,776 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '34450#(and (<= ~methaneLevelCritical~0 1) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (<= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| ~methaneLevelCritical~0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= ~head~0.base 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#NULL.offset|) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-20 20:53:49,776 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-20 20:53:49,776 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:53:49,776 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 17, 17] total 44 [2022-11-20 20:53:49,776 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [68339071] [2022-11-20 20:53:49,777 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 20:53:49,781 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 44 states [2022-11-20 20:53:49,781 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:53:49,781 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 44 interpolants. [2022-11-20 20:53:49,783 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=672, Invalid=5334, Unknown=0, NotChecked=0, Total=6006 [2022-11-20 20:53:49,784 INFO L87 Difference]: Start difference. First operand 2924 states and 3511 transitions. Second operand has 44 states, 39 states have (on average 4.538461538461538) internal successors, (177), 40 states have internal predecessors, (177), 26 states have call successors, (42), 12 states have call predecessors, (42), 17 states have return successors, (42), 19 states have call predecessors, (42), 26 states have call successors, (42) [2022-11-20 20:53:55,190 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:53:55,191 INFO L93 Difference]: Finished difference Result 6728 states and 8313 transitions. [2022-11-20 20:53:55,191 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 63 states. [2022-11-20 20:53:55,192 INFO L78 Accepts]: Start accepts. Automaton has has 44 states, 39 states have (on average 4.538461538461538) internal successors, (177), 40 states have internal predecessors, (177), 26 states have call successors, (42), 12 states have call predecessors, (42), 17 states have return successors, (42), 19 states have call predecessors, (42), 26 states have call successors, (42) Word has length 121 [2022-11-20 20:53:55,192 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:53:55,213 INFO L225 Difference]: With dead ends: 6728 [2022-11-20 20:53:55,213 INFO L226 Difference]: Without dead ends: 3788 [2022-11-20 20:53:55,225 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 456 GetRequests, 297 SyntacticMatches, 26 SemanticMatches, 133 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9419 ImplicationChecksByTransitivity, 11.4s TimeCoverageRelationStatistics Valid=2428, Invalid=15662, Unknown=0, NotChecked=0, Total=18090 [2022-11-20 20:53:55,226 INFO L413 NwaCegarLoop]: 105 mSDtfsCounter, 2283 mSDsluCounter, 1085 mSDsCounter, 0 mSdLazyCounter, 2530 mSolverCounterSat, 1346 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 2287 SdHoareTripleChecker+Valid, 1190 SdHoareTripleChecker+Invalid, 3876 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1346 IncrementalHoareTripleChecker+Valid, 2530 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.2s IncrementalHoareTripleChecker+Time [2022-11-20 20:53:55,227 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [2287 Valid, 1190 Invalid, 3876 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1346 Valid, 2530 Invalid, 0 Unknown, 0 Unchecked, 2.2s Time] [2022-11-20 20:53:55,231 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3788 states. [2022-11-20 20:53:55,793 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3788 to 2941. [2022-11-20 20:53:55,800 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2941 states, 2094 states have (on average 1.2196752626552054) internal successors, (2554), 2229 states have internal predecessors, (2554), 443 states have call successors, (443), 400 states have call predecessors, (443), 403 states have return successors, (504), 403 states have call predecessors, (504), 443 states have call successors, (504) [2022-11-20 20:53:55,810 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2941 states to 2941 states and 3501 transitions. [2022-11-20 20:53:55,811 INFO L78 Accepts]: Start accepts. Automaton has 2941 states and 3501 transitions. Word has length 121 [2022-11-20 20:53:55,812 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:53:55,813 INFO L495 AbstractCegarLoop]: Abstraction has 2941 states and 3501 transitions. [2022-11-20 20:53:55,813 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 44 states, 39 states have (on average 4.538461538461538) internal successors, (177), 40 states have internal predecessors, (177), 26 states have call successors, (42), 12 states have call predecessors, (42), 17 states have return successors, (42), 19 states have call predecessors, (42), 26 states have call successors, (42) [2022-11-20 20:53:55,813 INFO L276 IsEmpty]: Start isEmpty. Operand 2941 states and 3501 transitions. [2022-11-20 20:53:55,819 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 146 [2022-11-20 20:53:55,819 INFO L187 NwaCegarLoop]: Found error trace [2022-11-20 20:53:55,819 INFO L195 NwaCegarLoop]: trace histogram [7, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:53:55,835 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-20 20:53:56,035 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:56,035 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-20 20:53:56,036 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-20 20:53:56,036 INFO L85 PathProgramCache]: Analyzing trace with hash -1410346348, now seen corresponding path program 1 times [2022-11-20 20:53:56,036 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-20 20:53:56,036 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [880497657] [2022-11-20 20:53:56,036 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:56,036 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-20 20:53:56,071 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:57,839 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 29 proven. 127 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2022-11-20 20:53:57,839 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-20 20:53:57,839 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [880497657] [2022-11-20 20:53:57,839 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [880497657] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-20 20:53:57,839 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1470664731] [2022-11-20 20:53:57,840 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-20 20:53:57,840 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-20 20:53:57,840 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 [2022-11-20 20:53:57,841 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-20 20:53:57,882 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2022-11-20 20:53:58,006 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-20 20:53:58,010 INFO L263 TraceCheckSpWp]: Trace formula consists of 541 conjuncts, 33 conjunts are in the unsatisfiable core [2022-11-20 20:53:58,014 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-20 20:53:58,216 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 100 proven. 59 refuted. 0 times theorem prover too weak. 67 trivial. 0 not checked. [2022-11-20 20:53:58,216 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-20 20:53:58,640 INFO L134 CoverageAnalysis]: Checked inductivity of 226 backedges. 88 proven. 2 refuted. 0 times theorem prover too weak. 136 trivial. 0 not checked. [2022-11-20 20:53:58,640 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1470664731] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-20 20:53:58,641 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2099230966] [2022-11-20 20:53:58,651 INFO L159 IcfgInterpreter]: Started Sifa with 50 locations of interest [2022-11-20 20:53:58,652 INFO L166 IcfgInterpreter]: Building call graph [2022-11-20 20:53:58,653 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-20 20:53:58,655 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-20 20:53:58,656 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-20 20:54:01,375 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 39 for LOIs [2022-11-20 20:54:01,383 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 44 for LOIs [2022-11-20 20:54:01,720 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 58 for LOIs [2022-11-20 20:54:02,086 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-20 20:54:02,088 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 38 for LOIs [2022-11-20 20:54:02,095 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 34 for LOIs [2022-11-20 20:54:02,097 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 30 for LOIs [2022-11-20 20:54:02,100 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-20 20:54:08,499 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '49957#(and (<= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 1) (<= ~methaneLevelCritical~0 1) (<= 0 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483648)) (= ~head~0.offset 0) (<= 0 |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 2147483647) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~9#1|) (<= 0 ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (<= 0 |#StackHeapBarrier|) (not (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-20 20:54:08,499 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-20 20:54:08,499 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-20 20:54:08,499 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [22, 7, 7] total 28 [2022-11-20 20:54:08,499 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1505337299] [2022-11-20 20:54:08,500 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-20 20:54:08,500 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 28 states [2022-11-20 20:54:08,500 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-20 20:54:08,501 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 28 interpolants. [2022-11-20 20:54:08,501 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=417, Invalid=4275, Unknown=0, NotChecked=0, Total=4692 [2022-11-20 20:54:08,502 INFO L87 Difference]: Start difference. First operand 2941 states and 3501 transitions. Second operand has 28 states, 25 states have (on average 6.12) internal successors, (153), 24 states have internal predecessors, (153), 13 states have call successors, (37), 8 states have call predecessors, (37), 11 states have return successors, (37), 12 states have call predecessors, (37), 13 states have call successors, (37) [2022-11-20 20:54:10,517 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-20 20:54:10,517 INFO L93 Difference]: Finished difference Result 3678 states and 4324 transitions. [2022-11-20 20:54:10,518 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 32 states. [2022-11-20 20:54:10,518 INFO L78 Accepts]: Start accepts. Automaton has has 28 states, 25 states have (on average 6.12) internal successors, (153), 24 states have internal predecessors, (153), 13 states have call successors, (37), 8 states have call predecessors, (37), 11 states have return successors, (37), 12 states have call predecessors, (37), 13 states have call successors, (37) Word has length 145 [2022-11-20 20:54:10,519 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-20 20:54:10,520 INFO L225 Difference]: With dead ends: 3678 [2022-11-20 20:54:10,520 INFO L226 Difference]: Without dead ends: 0 [2022-11-20 20:54:10,528 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 500 GetRequests, 403 SyntacticMatches, 3 SemanticMatches, 94 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3534 ImplicationChecksByTransitivity, 7.7s TimeCoverageRelationStatistics Valid=922, Invalid=8198, Unknown=0, NotChecked=0, Total=9120 [2022-11-20 20:54:10,528 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 823 mSDsluCounter, 486 mSDsCounter, 0 mSdLazyCounter, 931 mSolverCounterSat, 442 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 826 SdHoareTripleChecker+Valid, 551 SdHoareTripleChecker+Invalid, 1373 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 442 IncrementalHoareTripleChecker+Valid, 931 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-20 20:54:10,529 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [826 Valid, 551 Invalid, 1373 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [442 Valid, 931 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-20 20:54:10,529 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-20 20:54:10,529 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-20 20:54:10,529 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-20 20:54:10,529 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-20 20:54:10,530 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 145 [2022-11-20 20:54:10,530 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-20 20:54:10,530 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-20 20:54:10,531 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 28 states, 25 states have (on average 6.12) internal successors, (153), 24 states have internal predecessors, (153), 13 states have call successors, (37), 8 states have call predecessors, (37), 11 states have return successors, (37), 12 states have call predecessors, (37), 13 states have call successors, (37) [2022-11-20 20:54:10,531 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-20 20:54:10,531 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-20 20:54:10,533 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-20 20:54:10,544 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2022-11-20 20:54:10,735 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-20 20:54:10,737 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-20 20:55:46,596 WARN L233 SmtUtils]: Spent 1.51m on a formula simplification. DAG size of input: 480 DAG size of output: 478 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-20 20:56:17,760 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 851 858) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 (= |old(~pumpRunning~0)| 0)) (or .cse0 .cse1 (not (= 2 ~waterLevel~0))))) [2022-11-20 20:56:17,760 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 851 858) no Hoare annotation was computed. [2022-11-20 20:56:17,760 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 766 772) no Hoare annotation was computed. [2022-11-20 20:56:17,761 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 766 772) the Hoare annotation is: true [2022-11-20 20:56:17,762 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 186 197) the Hoare annotation is: (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (<= ~waterLevel~0 2))) (.cse5 (< ~waterLevel~0 2)) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= ~pumpRunning~0 0))) (.cse3 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse6 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse3 .cse4 .cse5 .cse6) (or .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 .cse6))) [2022-11-20 20:56:17,762 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 186 197) no Hoare annotation was computed. [2022-11-20 20:56:17,762 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 198 206) the Hoare annotation is: true [2022-11-20 20:56:17,762 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 198 206) no Hoare annotation was computed. [2022-11-20 20:56:17,766 INFO L895 garLoopResultBuilder]: At program point L271(line 271) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= ~waterLevel~0 1)) (.cse10 (not (= |old(~waterLevel~0)| 1))) (.cse2 (= ~pumpRunning~0 0)) (.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse9 (not (= 0 ~systemActive~0))) (.cse5 (not .cse1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse11 (= ~methaneLevelCritical~0 0)) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 (and .cse2 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse3) (< 2 |old(~waterLevel~0)|) .cse4) (or .cse5 .cse6 (and .cse2 .cse7 .cse8) .cse9 .cse4) (or .cse5 .cse10 .cse0 (and .cse2 .cse3)) (or .cse5 (and .cse2 .cse7) .cse11 .cse0 .cse6 .cse4) (or .cse5 .cse10 (and .cse2 .cse8 (<= |old(~waterLevel~0)| ~waterLevel~0)) .cse9) (or .cse5 .cse0 (not .cse11) .cse6 (and .cse7 (= ~pumpRunning~0 1)) .cse4)))) [2022-11-20 20:56:17,766 INFO L899 garLoopResultBuilder]: For program point L271-1(line 271) no Hoare annotation was computed. [2022-11-20 20:56:17,767 INFO L899 garLoopResultBuilder]: For program point L746-1(lines 745 764) no Hoare annotation was computed. [2022-11-20 20:56:17,767 INFO L899 garLoopResultBuilder]: For program point L808(lines 808 816) no Hoare annotation was computed. [2022-11-20 20:56:17,768 INFO L895 garLoopResultBuilder]: At program point L804(lines 804 821) the Hoare annotation is: (let ((.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (and .cse4 (= ~waterLevel~0 1))) (or .cse0 .cse5 .cse2 .cse6) (or .cse3 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (or (and .cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (and (not .cse4) (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))))) .cse5 .cse6))) [2022-11-20 20:56:17,768 INFO L899 garLoopResultBuilder]: For program point L277(lines 277 283) no Hoare annotation was computed. [2022-11-20 20:56:17,769 INFO L895 garLoopResultBuilder]: At program point L661(line 661) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or .cse0 .cse1 .cse5) (or .cse5 .cse3 .cse4))) [2022-11-20 20:56:17,769 INFO L895 garLoopResultBuilder]: At program point L273(lines 273 286) the Hoare annotation is: (let ((.cse15 (= ~methaneLevelCritical~0 0)) (.cse12 (= |old(~pumpRunning~0)| 0)) (.cse10 (= ~pumpRunning~0 0)) (.cse17 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0))) (let ((.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse11 (= ~waterLevel~0 1)) (.cse8 (not .cse0)) (.cse16 (or (and (not (< 0 ~waterLevel~0)) .cse17) (and .cse10 .cse17))) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not .cse12)) (.cse2 (not .cse15)) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not (= 0 ~systemActive~0))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4) (or .cse5 .cse6 .cse1 .cse7 .cse8) (or .cse0 .cse5 .cse6 .cse2 .cse9) (or .cse5 .cse6 .cse7 .cse9 .cse8) (or .cse1 (and .cse5 .cse10 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse11) (let ((.cse13 (= ~pumpRunning~0 1))) (and .cse12 (or (and .cse0 .cse13) (and .cse10 .cse8)) .cse14 (or (and .cse10 .cse2) (and .cse15 .cse13)))) .cse3 .cse4) (or .cse0 .cse5 .cse6 .cse1 .cse2) (or .cse5 .cse6 .cse1 (and .cse16 .cse11)) (or .cse5 .cse15 .cse3 .cse9 .cse8 .cse4) (or .cse5 .cse3 (and .cse16 .cse14) .cse9 .cse4) (or .cse5 .cse6 (and .cse10 .cse17 (<= |old(~waterLevel~0)| ~waterLevel~0)) .cse9) (or .cse0 .cse5 .cse2 .cse3 .cse9 .cse4)))) [2022-11-20 20:56:17,770 INFO L895 garLoopResultBuilder]: At program point L273-1(lines 265 289) the Hoare annotation is: (let ((.cse0 (= |timeShift___utac_acc__Specification1_spec__1_~tmp~1#1| 0)) (.cse17 (= ~methaneLevelCritical~0 0)) (.cse18 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not .cse18)) (.cse3 (not .cse17)) (.cse10 (= 0 ~systemActive~0)) (.cse15 (= |timeShift___utac_acc__Specification1_spec__1_~tmp___0~0#1| 0)) (.cse19 (not .cse0))) (let ((.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= |old(~waterLevel~0)| 1))) (.cse11 (= ~waterLevel~0 1)) (.cse9 (= ~pumpRunning~0 0)) (.cse12 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (and .cse15 .cse19)) (.cse4 (not .cse10)) (.cse5 (not (= 1 ~systemActive~0))) (.cse16 (and (or .cse1 .cse17) (or .cse3 (not (= |old(~pumpRunning~0)| 1))))) (.cse13 (not (<= |old(~waterLevel~0)| 2))) (.cse14 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse1 .cse2 .cse5 .cse6 .cse7) (or .cse1 .cse2 (and .cse8 .cse9 .cse10 .cse11) .cse4) (or .cse1 (and .cse8 .cse9 .cse12 .cse10) .cse13 .cse4 .cse14) (or .cse15 .cse5 .cse16 .cse11 .cse13 .cse14) (or .cse1 .cse2 .cse6 .cse7 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse3) (or (and .cse9 .cse11 .cse4) .cse1 .cse2 .cse5) (or .cse5 (and .cse1 .cse9 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse11 .cse4) (and .cse0 .cse17 .cse18 .cse12 (= ~pumpRunning~0 1)) .cse13 (and .cse9 .cse18 .cse3 .cse12 .cse19) .cse14) (or .cse1 .cse17 .cse13 .cse7 .cse4 .cse14) (or .cse0 .cse1 .cse3 .cse13 .cse4 .cse14) (or .cse0 .cse5 .cse16 .cse3 .cse13 .cse14))))) [2022-11-20 20:56:17,770 INFO L895 garLoopResultBuilder]: At program point L814(line 814) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or .cse0 .cse1 .cse5) (or .cse5 .cse3 .cse4))) [2022-11-20 20:56:17,770 INFO L895 garLoopResultBuilder]: At program point L810(line 810) the Hoare annotation is: (let ((.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (= 0 ~systemActive~0))) (.cse2 (not (<= 2 |old(~waterLevel~0)|))) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (not (= |old(~waterLevel~0)| 1))) (.cse0 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) (not (= ~pumpRunning~0 0)) (= |timeShift_processEnvironment_~tmp~7#1| 1) (= ~waterLevel~0 1)) .cse2) (or .cse3 .cse4 .cse5) (or .cse3 .cse1 .cse5 .cse2) (or .cse3 .cse4 .cse0))) [2022-11-20 20:56:17,770 INFO L895 garLoopResultBuilder]: At program point L819(line 819) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse5 (or (= ~pumpRunning~0 0) (not (< 0 ~waterLevel~0)))) (.cse6 (not (= 1 ~systemActive~0))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse3 .cse2 .cse4) (or (and .cse5 (= ~waterLevel~0 1)) .cse0 .cse1 .cse6) (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) .cse6 .cse3 .cse4))) [2022-11-20 20:56:17,771 INFO L895 garLoopResultBuilder]: At program point L819-1(lines 800 824) the Hoare annotation is: (let ((.cse1 (= |old(~pumpRunning~0)| 0))) (let ((.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse3 (= ~waterLevel~0 1)) (.cse7 (not (= 0 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 0)) (.cse5 (not .cse1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse10 (= ~methaneLevelCritical~0 0)) (.cse8 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 (and .cse2 (= |timeShift_processEnvironment_~tmp~7#1| 1) .cse3) (< 2 |old(~waterLevel~0)|) .cse4) (or .cse5 .cse6 .cse7) (or .cse5 .cse6 .cse0 (and .cse2 .cse3)) (or .cse5 .cse8 .cse7 .cse4) (or .cse5 (and .cse2 .cse9) .cse10 .cse0 .cse8 .cse4) (or .cse5 .cse0 (not .cse10) .cse8 (and .cse9 (= ~pumpRunning~0 1)) .cse4)))) [2022-11-20 20:56:17,771 INFO L899 garLoopResultBuilder]: For program point L753-1(lines 753 759) no Hoare annotation was computed. [2022-11-20 20:56:17,772 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 742 765) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 0))) (let ((.cse7 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse8 (and .cse1 (= ~waterLevel~0 1))) (.cse4 (not (= 0 ~systemActive~0)))) (and (or .cse0 (and .cse1 .cse2) .cse3 .cse4 .cse5) (or .cse0 .cse6 .cse7 .cse8) (or .cse7 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) .cse3 .cse5) (or .cse0 .cse6 .cse8 .cse4)))) [2022-11-20 20:56:17,772 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 742 765) no Hoare annotation was computed. [2022-11-20 20:56:17,772 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 661) no Hoare annotation was computed. [2022-11-20 20:56:17,772 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-11-20 20:56:17,773 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-11-20 20:56:17,773 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-11-20 20:56:17,773 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-11-20 20:56:17,773 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-11-20 20:56:17,773 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-11-20 20:56:17,773 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-11-20 20:56:17,774 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-11-20 20:56:17,774 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-11-20 20:56:17,774 INFO L895 garLoopResultBuilder]: At program point L700(line 700) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse6 (not .cse3)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 (<= 2 ~waterLevel~0) .cse5 .cse2 (<= ~waterLevel~0 2) .cse6) (and .cse0 .cse1 .cse5 .cse2 .cse4 .cse6) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3)))) [2022-11-20 20:56:17,774 INFO L895 garLoopResultBuilder]: At program point L725(lines 678 727) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= 2 ~waterLevel~0) .cse1 .cse5 .cse2 (let ((.cse6 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (not .cse6)) (and .cse6 (= ~pumpRunning~0 1))))) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-20 20:56:17,774 INFO L899 garLoopResultBuilder]: For program point L688(lines 688 694) no Hoare annotation was computed. [2022-11-20 20:56:17,774 INFO L899 garLoopResultBuilder]: For program point L688-1(lines 688 694) no Hoare annotation was computed. [2022-11-20 20:56:17,775 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-20 20:56:17,775 INFO L899 garLoopResultBuilder]: For program point L957(lines 957 963) no Hoare annotation was computed. [2022-11-20 20:56:17,776 INFO L895 garLoopResultBuilder]: At program point L957-1(lines 957 963) the Hoare annotation is: (let ((.cse0 (let ((.cse1 (= ~pumpRunning~0 0)) (.cse2 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse1 .cse2 .cse3 (or (< 1 ~waterLevel~0) (= 0 ~systemActive~0))) (and .cse1 .cse2 (= 1 ~systemActive~0) .cse3))))) (or (and .cse0 (= ~waterLevel~0 1)) (and (<= 2 ~waterLevel~0) (<= ~waterLevel~0 2) .cse0))) [2022-11-20 20:56:17,776 INFO L895 garLoopResultBuilder]: At program point L140(lines 140 147) the Hoare annotation is: (let ((.cse0 (select |#memory_int| 1))) (and (= (select |#length| 15) 25) (= 9 (select |#length| 5)) (= (select |#length| 9) 21) (= 30 (select |#length| 7)) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= (select |#valid| 15) 1) (= ~pumpRunning~0 0) (= (select |#valid| 9) 1) (= (select |#length| 12) 25) (= (select |#valid| 11) 1) (= ~methaneLevelCritical~0 0) (= 30 (select |#length| 4)) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= 2 (select |#length| 1)) (= (select |#length| 8) 9) (= 1 |ULTIMATE.start_valid_product_~retValue_acc~13#1|) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= 30 (select |#length| 13)) (= 1 ~systemActive~0) (= 30 (select |#length| 10)) (= (select |#valid| 12) 1) (= (select |#valid| 4) 1) (= (select |#valid| 1) 1) (= (select |#length| 6) 21) (= (select |#valid| 14) 1) (= 9 (select |#length| 14)) (= (select |#valid| 0) 0) (= ~head~0.base 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= 9 (select |#length| 11)) (= ~waterLevel~0 1) (= (select .cse0 0) 48) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_valid_product_~retValue_acc~13#1|) (= (select |#valid| 6) 1) (= (select .cse0 1) 0) (= (select |#valid| 10) 1) (= (select |#valid| 8) 1) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))) [2022-11-20 20:56:17,777 INFO L902 garLoopResultBuilder]: At program point L140-2(lines 140 147) the Hoare annotation is: true [2022-11-20 20:56:17,777 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-20 20:56:17,777 INFO L902 garLoopResultBuilder]: At program point L731(lines 668 735) the Hoare annotation is: true [2022-11-20 20:56:17,777 INFO L899 garLoopResultBuilder]: For program point L698(lines 698 704) no Hoare annotation was computed. [2022-11-20 20:56:17,777 INFO L899 garLoopResultBuilder]: For program point L698-1(lines 698 704) no Hoare annotation was computed. [2022-11-20 20:56:17,777 INFO L895 garLoopResultBuilder]: At program point L690(line 690) the Hoare annotation is: (let ((.cse6 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse5 (<= 2 ~waterLevel~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse7 (<= ~waterLevel~0 2)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse5 .cse6 .cse2 .cse7 (let ((.cse8 (= ~methaneLevelCritical~0 0))) (or (and .cse0 (not .cse8)) (and .cse8 (= ~pumpRunning~0 1))))) (and .cse0 .cse1 .cse6 .cse2 .cse4) (and .cse0 .cse1 .cse5 .cse2 .cse7 .cse3))) [2022-11-20 20:56:17,778 INFO L895 garLoopResultBuilder]: At program point L959(line 959) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0)))) (and (or (< 1 |old(~waterLevel~0)|) .cse0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (<= 2 ~waterLevel~0) (= 1 ~systemActive~0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0) (<= ~waterLevel~0 2) (or .cse0 (= ~methaneLevelCritical~0 0) (not (= |isMethaneLevelCritical_#res| 0))))) [2022-11-20 20:56:17,778 INFO L895 garLoopResultBuilder]: At program point L728(lines 677 729) the Hoare annotation is: false [2022-11-20 20:56:17,778 INFO L899 garLoopResultBuilder]: For program point L716(lines 716 722) no Hoare annotation was computed. [2022-11-20 20:56:17,778 INFO L895 garLoopResultBuilder]: At program point L716-2(lines 708 723) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= 2 ~waterLevel~0) .cse1 .cse5 .cse2) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-20 20:56:17,778 INFO L899 garLoopResultBuilder]: For program point L679(lines 678 727) no Hoare annotation was computed. [2022-11-20 20:56:17,779 INFO L895 garLoopResultBuilder]: At program point L708(lines 708 723) the Hoare annotation is: (let ((.cse5 (= 1 ~systemActive~0)) (.cse4 (= ~waterLevel~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= 0 ~systemActive~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and (= 2 ~waterLevel~0) .cse1 .cse5 .cse2) (and .cse0 .cse1 .cse5 .cse2 .cse4) (and .cse0 .cse1 (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-20 20:56:17,779 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 774 798) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-20 20:56:17,779 INFO L895 garLoopResultBuilder]: At program point L793(line 793) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-20 20:56:17,779 INFO L899 garLoopResultBuilder]: For program point L793-1(lines 774 798) no Hoare annotation was computed. [2022-11-20 20:56:17,780 INFO L895 garLoopResultBuilder]: At program point L864(line 864) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1))))) [2022-11-20 20:56:17,781 INFO L895 garLoopResultBuilder]: At program point L864-1(line 864) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2) (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1) (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret42#1| ~methaneLevelCritical~0))))) [2022-11-20 20:56:17,781 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 774 798) no Hoare annotation was computed. [2022-11-20 20:56:17,782 INFO L895 garLoopResultBuilder]: At program point L788(line 788) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or (and (= ~pumpRunning~0 0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (not (= ~waterLevel~0 1)) .cse0 .cse1) (or .cse0 .cse1 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-20 20:56:17,782 INFO L899 garLoopResultBuilder]: For program point L782(lines 782 790) no Hoare annotation was computed. [2022-11-20 20:56:17,782 INFO L895 garLoopResultBuilder]: At program point L778(lines 778 795) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse2 (not (<= ~waterLevel~0 2)) (< ~waterLevel~0 2)))) [2022-11-20 20:56:17,782 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 174 185) no Hoare annotation was computed. [2022-11-20 20:56:17,785 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 174 185) the Hoare annotation is: (let ((.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 (= ~waterLevel~0 1)) (or (let ((.cse3 (= ~methaneLevelCritical~0 0))) (and (or .cse0 .cse3) (or (not .cse3) (not (= ~pumpRunning~0 1))))) .cse2 .cse4 .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or (let ((.cse6 (not (= 0 ~systemActive~0)))) (and (or .cse0 (< |old(~waterLevel~0)| 2) .cse5 .cse6) (or .cse0 .cse1 .cse6))) .cse4))) [2022-11-20 20:56:17,789 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-20 20:56:17,792 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-20 20:56:17,855 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 20.11 08:56:17 BoogieIcfgContainer [2022-11-20 20:56:17,871 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-20 20:56:17,871 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-20 20:56:17,872 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-20 20:56:17,872 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-20 20:56:17,873 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 20.11 08:52:17" (3/4) ... [2022-11-20 20:56:17,876 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-20 20:56:17,881 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-20 20:56:17,882 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-20 20:56:17,882 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-20 20:56:17,882 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-20 20:56:17,882 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-20 20:56:17,882 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-20 20:56:17,883 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-20 20:56:17,884 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-20 20:56:17,891 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 49 nodes and edges [2022-11-20 20:56:17,891 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 14 nodes and edges [2022-11-20 20:56:17,892 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 6 nodes and edges [2022-11-20 20:56:17,892 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 20:56:17,893 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-20 20:56:17,919 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((unknown-#length-unknown[15] == 25 && 9 == unknown-#length-unknown[5]) && unknown-#length-unknown[9] == 21) && 30 == unknown-#length-unknown[7]) && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && \valid[15] == 1) && pumpRunning == 0) && \valid[9] == 1) && unknown-#length-unknown[12] == 25) && \valid[11] == 1) && methaneLevelCritical == 0) && 30 == unknown-#length-unknown[4]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[8] == 9) && 1 == retValue_acc) && \valid[3] == 1) && \valid[7] == 1) && 30 == unknown-#length-unknown[13]) && 1 == systemActive) && 30 == unknown-#length-unknown[10]) && \valid[12] == 1) && \valid[4] == 1) && \valid[1] == 1) && unknown-#length-unknown[6] == 21) && \valid[14] == 1) && 9 == unknown-#length-unknown[14]) && \valid[0] == 0) && head == 0) && \valid[2] == 1) && #NULL == 0) && 9 == unknown-#length-unknown[11]) && waterLevel == 1) && unknown-#memory_int-unknown[1][0] == 48) && \result == retValue_acc) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && \valid[10] == 1) && \valid[8] == 1) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 [2022-11-20 20:56:17,920 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) [2022-11-20 20:56:17,921 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 20:56:17,921 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(1 == systemActive) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel))) [2022-11-20 20:56:17,922 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) [2022-11-20 20:56:17,922 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(tmp == 0))) && ((((!(1 == systemActive) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1)) || (((\old(pumpRunning) == 0 && ((tmp == 0 && pumpRunning == 1) || (pumpRunning == 0 && !(tmp == 0)))) && \old(waterLevel) == waterLevel) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(tmp == 0)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel)) || !(0 == systemActive))) && (((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-20 20:56:17,922 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 0 == systemActive) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp___0 == 0 || !(1 == systemActive)) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((((!(1 == systemActive) || ((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || ((((tmp == 0 && methaneLevelCritical == 0) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && \old(pumpRunning) == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(\old(waterLevel) <= 2)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp == 0 || !(1 == systemActive)) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 20:56:17,923 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || ((pumpRunning == 0 && tmp == 1) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) [2022-11-20 20:56:17,924 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-20 20:56:17,955 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/witness.graphml [2022-11-20 20:56:17,956 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-20 20:56:17,956 INFO L158 Benchmark]: Toolchain (without parser) took 242284.78ms. Allocated memory was 125.8MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 86.7MB in the beginning and 474.8MB in the end (delta: -388.1MB). Peak memory consumption was 717.1MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,957 INFO L158 Benchmark]: CDTParser took 0.32ms. Allocated memory is still 125.8MB. Free memory was 95.8MB in the beginning and 95.7MB in the end (delta: 134.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-20 20:56:17,957 INFO L158 Benchmark]: CACSL2BoogieTranslator took 539.47ms. Allocated memory is still 125.8MB. Free memory was 86.2MB in the beginning and 67.3MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,958 INFO L158 Benchmark]: Boogie Procedure Inliner took 49.39ms. Allocated memory is still 125.8MB. Free memory was 67.3MB in the beginning and 64.8MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,958 INFO L158 Benchmark]: Boogie Preprocessor took 62.18ms. Allocated memory is still 125.8MB. Free memory was 64.8MB in the beginning and 63.6MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,958 INFO L158 Benchmark]: RCFGBuilder took 811.68ms. Allocated memory is still 125.8MB. Free memory was 63.2MB in the beginning and 92.9MB in the end (delta: -29.8MB). Peak memory consumption was 30.7MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,959 INFO L158 Benchmark]: TraceAbstraction took 240730.41ms. Allocated memory was 125.8MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 92.2MB in the beginning and 481.0MB in the end (delta: -388.9MB). Peak memory consumption was 757.8MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,959 INFO L158 Benchmark]: Witness Printer took 84.28ms. Allocated memory is still 1.2GB. Free memory was 481.0MB in the beginning and 474.8MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-20 20:56:17,961 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.32ms. Allocated memory is still 125.8MB. Free memory was 95.8MB in the beginning and 95.7MB in the end (delta: 134.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 539.47ms. Allocated memory is still 125.8MB. Free memory was 86.2MB in the beginning and 67.3MB in the end (delta: 18.9MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 49.39ms. Allocated memory is still 125.8MB. Free memory was 67.3MB in the beginning and 64.8MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 62.18ms. Allocated memory is still 125.8MB. Free memory was 64.8MB in the beginning and 63.6MB in the end (delta: 1.3MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 811.68ms. Allocated memory is still 125.8MB. Free memory was 63.2MB in the beginning and 92.9MB in the end (delta: -29.8MB). Peak memory consumption was 30.7MB. Max. memory is 16.1GB. * TraceAbstraction took 240730.41ms. Allocated memory was 125.8MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 92.2MB in the beginning and 481.0MB in the end (delta: -388.9MB). Peak memory consumption was 757.8MB. Max. memory is 16.1GB. * Witness Printer took 84.28ms. Allocated memory is still 1.2GB. Free memory was 481.0MB in the beginning and 474.8MB in the end (delta: 6.3MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 661]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 65 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 240.6s, OverallIterations: 12, TraceHistogramMax: 7, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 27.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 127.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 7239 SdHoareTripleChecker+Valid, 11.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 7197 mSDsluCounter, 5508 SdHoareTripleChecker+Invalid, 9.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4680 mSDsCounter, 4342 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 11286 IncrementalHoareTripleChecker+Invalid, 15628 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 4342 mSolverCounterUnsat, 828 mSDtfsCounter, 11286 mSolverCounterSat, 0.2s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1923 GetRequests, 1239 SyntacticMatches, 61 SemanticMatches, 623 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30363 ImplicationChecksByTransitivity, 66.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2941occurred in iteration=11, InterpolantAutomatonStates: 336, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 2.2s AutomataMinimizationTime, 12 MinimizatonAttempts, 2900 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 5709 PreInvPairs, 6340 NumberOfFragments, 2493 HoareAnnotationTreeSize, 5709 FomulaSimplifications, 58997 FormulaSimplificationTreeSizeReduction, 97.2s HoareSimplificationTime, 38 FomulaSimplificationsInter, 1152504 FormulaSimplificationTreeSizeReductionInter, 29.5s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 11.9s InterpolantComputationTime, 1151 NumberOfCodeBlocks, 1151 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 1618 ConstructedInterpolants, 0 QuantifiedInterpolants, 6753 SizeOfPredicates, 77 NumberOfNonLiveVariables, 2094 ConjunctsInSsa, 197 ConjunctsInUnsatCore, 24 InterpolantComputations, 6 PerfectInterpolantSequences, 1008/1427 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 2.5s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 4, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 24, DAG_INTERPRETER_EARLY_EXITS: 3, TOOLS_POST_APPLICATIONS: 23, TOOLS_POST_TIME: 0.9s, TOOLS_POST_CALL_APPLICATIONS: 9, TOOLS_POST_CALL_TIME: 1.0s, TOOLS_POST_RETURN_APPLICATIONS: 6, TOOLS_POST_RETURN_TIME: 0.3s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 38, TOOLS_QUANTIFIERELIM_TIME: 2.2s, TOOLS_QUANTIFIERELIM_MAX_TIME: 0.7s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 62, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 3, DOMAIN_JOIN_TIME: 0.1s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 0, DOMAIN_WIDEN_TIME: 0.0s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 0, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 24, DOMAIN_ISBOTTOM_TIME: 0.1s, LOOP_SUMMARIZER_APPLICATIONS: 0, LOOP_SUMMARIZER_CACHE_MISSES: 0, LOOP_SUMMARIZER_OVERALL_TIME: 0.0s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 0.0s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 0, CALL_SUMMARIZER_APPLICATIONS: 6, CALL_SUMMARIZER_CACHE_MISSES: 3, CALL_SUMMARIZER_OVERALL_TIME: 0.1s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.1s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 286, DAG_COMPRESSION_RETAINED_NODES: 94, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 661]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((unknown-#length-unknown[15] == 25 && 9 == unknown-#length-unknown[5]) && unknown-#length-unknown[9] == 21) && 30 == unknown-#length-unknown[7]) && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && \valid[15] == 1) && pumpRunning == 0) && \valid[9] == 1) && unknown-#length-unknown[12] == 25) && \valid[11] == 1) && methaneLevelCritical == 0) && 30 == unknown-#length-unknown[4]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[8] == 9) && 1 == retValue_acc) && \valid[3] == 1) && \valid[7] == 1) && 30 == unknown-#length-unknown[13]) && 1 == systemActive) && 30 == unknown-#length-unknown[10]) && \valid[12] == 1) && \valid[4] == 1) && \valid[1] == 1) && unknown-#length-unknown[6] == 21) && \valid[14] == 1) && 9 == unknown-#length-unknown[14]) && \valid[0] == 0) && head == 0) && \valid[2] == 1) && #NULL == 0) && 9 == unknown-#length-unknown[11]) && waterLevel == 1) && unknown-#memory_int-unknown[1][0] == 48) && \result == retValue_acc) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && \valid[10] == 1) && \valid[8] == 1) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 - InvariantResult [Line: 742]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (pumpRunning == 0 && waterLevel == 1)) || !(0 == systemActive)) - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: ((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) || ((pumpRunning == 0 && tmp == 1) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) - InvariantResult [Line: 678]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1) || ((((2 == waterLevel && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || (((((pumpRunning == 0 && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) - InvariantResult [Line: 957]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && (1 < waterLevel || 0 == systemActive)) || (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0)) && waterLevel == 1) || ((2 <= waterLevel && waterLevel <= 2) && ((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && (1 < waterLevel || 0 == systemActive)) || (((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0))) - InvariantResult [Line: 273]: Loop Invariant Derived loop invariant: ((((((((((((((tmp == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(tmp == 0))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) || !(tmp == 0))) && ((((!(1 == systemActive) || (((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1)) || (((\old(pumpRunning) == 0 && ((tmp == 0 && pumpRunning == 1) || (pumpRunning == 0 && !(tmp == 0)))) && \old(waterLevel) == waterLevel) && ((pumpRunning == 0 && !(methaneLevelCritical == 0)) || (methaneLevelCritical == 0 && pumpRunning == 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && waterLevel == 1))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(tmp == 0)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || (((!(0 < waterLevel) && waterLevel <= \old(waterLevel)) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || ((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel)) || !(0 == systemActive))) && (((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 708]: Loop Invariant Derived loop invariant: ((((((pumpRunning == 0 && tmp == 1) && splverifierCounter == 0) && 0 == systemActive) && waterLevel == 1) || (((2 == waterLevel && tmp == 1) && 1 == systemActive) && splverifierCounter == 0)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel == 1)) || (((((pumpRunning == 0 && tmp == 1) && 2 <= waterLevel) && splverifierCounter == 0) && waterLevel <= 2) && 0 == systemActive) - InvariantResult [Line: 668]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 778]: Loop Invariant Derived loop invariant: (((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(waterLevel <= 2)) || waterLevel < 2) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 804]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((!(1 == systemActive) || (pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 677]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 265]: Loop Invariant Derived loop invariant: ((((((((((((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 0 == systemActive) && waterLevel == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp___0 == 0 || !(1 == systemActive)) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || waterLevel == 1) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive))) && ((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 && waterLevel == 1) && !(0 == systemActive)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (((((!(1 == systemActive) || ((((!(\old(pumpRunning) == 0) && pumpRunning == 0) && tmp == 1) && waterLevel == 1) && !(0 == systemActive))) || ((((tmp == 0 && methaneLevelCritical == 0) && \old(pumpRunning) == 0) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && \old(pumpRunning) == 0) && !(methaneLevelCritical == 0)) && \old(waterLevel) == waterLevel) && !(tmp == 0))) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) || !(\old(waterLevel) <= 2)) || (tmp___0 == 0 && !(tmp == 0))) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp == 0 || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((tmp == 0 || !(1 == systemActive)) || ((!(\old(pumpRunning) == 0) || methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)))) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 800]: Loop Invariant Derived loop invariant: ((((((((!(1 == systemActive) || \old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == 1) && waterLevel == 1)) || 2 < \old(waterLevel)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (pumpRunning == 0 && waterLevel == 1))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || methaneLevelCritical == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1)) || !(2 <= \old(waterLevel))) RESULT: Ultimate proved your program to be correct! [2022-11-20 20:56:18,015 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_c6bf6998-419b-4f11-aaff-52c5bf4f4c26/bin/utaipan-6cKwYrpEi9/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE