./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 6e630fd4f7f92b97a7712eadcda02cdabe0d357899fc48fb3e7885213e7a8b80 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 14:27:12,152 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 14:27:12,155 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 14:27:12,191 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 14:27:12,191 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 14:27:12,195 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 14:27:12,197 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 14:27:12,201 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 14:27:12,204 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 14:27:12,210 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 14:27:12,212 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 14:27:12,214 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 14:27:12,215 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 14:27:12,220 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 14:27:12,222 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 14:27:12,224 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 14:27:12,226 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 14:27:12,227 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 14:27:12,228 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 14:27:12,236 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 14:27:12,237 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 14:27:12,240 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 14:27:12,242 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 14:27:12,243 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 14:27:12,251 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 14:27:12,252 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 14:27:12,252 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 14:27:12,253 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 14:27:12,254 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 14:27:12,255 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 14:27:12,256 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 14:27:12,257 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 14:27:12,259 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 14:27:12,261 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 14:27:12,263 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 14:27:12,263 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 14:27:12,264 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 14:27:12,265 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 14:27:12,265 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 14:27:12,267 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 14:27:12,267 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 14:27:12,268 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 14:27:12,307 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 14:27:12,308 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 14:27:12,308 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 14:27:12,308 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 14:27:12,309 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 14:27:12,309 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 14:27:12,309 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 14:27:12,311 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 14:27:12,312 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 14:27:12,312 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 14:27:12,313 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 14:27:12,313 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 14:27:12,313 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 14:27:12,314 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 14:27:12,314 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 14:27:12,314 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 14:27:12,314 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 14:27:12,314 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 14:27:12,316 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 14:27:12,316 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 14:27:12,316 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 14:27:12,316 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 14:27:12,317 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 14:27:12,317 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 14:27:12,317 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 14:27:12,317 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 14:27:12,318 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 14:27:12,318 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 14:27:12,318 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 14:27:12,318 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 14:27:12,318 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 14:27:12,319 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 14:27:12,319 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:27:12,319 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 14:27:12,319 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 14:27:12,320 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 14:27:12,320 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 14:27:12,320 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 14:27:12,320 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 14:27:12,320 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 14:27:12,321 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 14:27:12,321 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 6e630fd4f7f92b97a7712eadcda02cdabe0d357899fc48fb3e7885213e7a8b80 [2022-11-23 14:27:12,629 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 14:27:12,661 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 14:27:12,664 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 14:27:12,665 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 14:27:12,665 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 14:27:12,667 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c [2022-11-23 14:27:15,576 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 14:27:15,819 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 14:27:15,820 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c [2022-11-23 14:27:15,831 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/data/eaf50c0cc/f5864052816c4073981712e63d0d51c4/FLAG32265b01e [2022-11-23 14:27:15,846 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/data/eaf50c0cc/f5864052816c4073981712e63d0d51c4 [2022-11-23 14:27:15,848 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 14:27:15,850 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 14:27:15,851 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 14:27:15,852 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 14:27:15,857 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 14:27:15,858 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:27:15" (1/1) ... [2022-11-23 14:27:15,860 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@464c6f07 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:15, skipping insertion in model container [2022-11-23 14:27:15,860 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:27:15" (1/1) ... [2022-11-23 14:27:15,868 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 14:27:15,912 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 14:27:16,182 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c[18234,18247] [2022-11-23 14:27:16,191 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:27:16,212 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 14:27:16,327 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/sv-benchmarks/c/product-lines/minepump_spec5_product41.cil.c[18234,18247] [2022-11-23 14:27:16,328 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:27:16,352 INFO L208 MainTranslator]: Completed translation [2022-11-23 14:27:16,353 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16 WrapperNode [2022-11-23 14:27:16,353 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 14:27:16,355 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 14:27:16,355 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 14:27:16,355 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 14:27:16,362 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,383 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,424 INFO L138 Inliner]: procedures = 55, calls = 98, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 195 [2022-11-23 14:27:16,424 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 14:27:16,425 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 14:27:16,425 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 14:27:16,425 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 14:27:16,442 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,443 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,447 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,453 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,457 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,466 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,477 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,478 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,481 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 14:27:16,482 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 14:27:16,482 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 14:27:16,482 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 14:27:16,483 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (1/1) ... [2022-11-23 14:27:16,498 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:27:16,511 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:16,525 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 14:27:16,554 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 14:27:16,569 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 14:27:16,569 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 14:27:16,570 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 14:27:16,570 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 14:27:16,570 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 14:27:16,570 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 14:27:16,570 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 14:27:16,570 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 14:27:16,570 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 14:27:16,571 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-23 14:27:16,571 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-23 14:27:16,571 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 14:27:16,571 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 14:27:16,571 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 14:27:16,571 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 14:27:16,571 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 14:27:16,650 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 14:27:16,652 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 14:27:16,980 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 14:27:17,175 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 14:27:17,176 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 14:27:17,178 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:17 BoogieIcfgContainer [2022-11-23 14:27:17,178 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 14:27:17,181 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 14:27:17,181 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 14:27:17,184 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 14:27:17,184 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 02:27:15" (1/3) ... [2022-11-23 14:27:17,185 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@76323911 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:27:17, skipping insertion in model container [2022-11-23 14:27:17,185 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:16" (2/3) ... [2022-11-23 14:27:17,186 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@76323911 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:27:17, skipping insertion in model container [2022-11-23 14:27:17,186 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:17" (3/3) ... [2022-11-23 14:27:17,187 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product41.cil.c [2022-11-23 14:27:17,212 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 14:27:17,212 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 14:27:17,290 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 14:27:17,299 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@33a070de, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 14:27:17,300 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 14:27:17,305 INFO L276 IsEmpty]: Start isEmpty. Operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-23 14:27:17,315 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-23 14:27:17,315 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:17,316 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:17,317 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:17,325 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:17,326 INFO L85 PathProgramCache]: Analyzing trace with hash 403795968, now seen corresponding path program 1 times [2022-11-23 14:27:17,336 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:17,337 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1999469973] [2022-11-23 14:27:17,338 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:17,338 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:17,467 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:17,537 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:17,537 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:17,538 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1999469973] [2022-11-23 14:27:17,539 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1999469973] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:17,539 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:17,539 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 14:27:17,541 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1252262222] [2022-11-23 14:27:17,541 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:17,546 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 14:27:17,546 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:17,574 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 14:27:17,575 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:27:17,578 INFO L87 Difference]: Start difference. First operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:17,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:17,658 INFO L93 Difference]: Finished difference Result 100 states and 135 transitions. [2022-11-23 14:27:17,674 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 14:27:17,675 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-23 14:27:17,676 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:17,685 INFO L225 Difference]: With dead ends: 100 [2022-11-23 14:27:17,685 INFO L226 Difference]: Without dead ends: 46 [2022-11-23 14:27:17,688 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:27:17,699 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 49 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:17,700 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 49 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 14:27:17,716 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2022-11-23 14:27:17,735 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2022-11-23 14:27:17,736 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 46 states, 30 states have (on average 1.3) internal successors, (39), 35 states have internal predecessors, (39), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-23 14:27:17,741 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 58 transitions. [2022-11-23 14:27:17,743 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 58 transitions. Word has length 21 [2022-11-23 14:27:17,743 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:17,743 INFO L495 AbstractCegarLoop]: Abstraction has 46 states and 58 transitions. [2022-11-23 14:27:17,744 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:17,744 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 58 transitions. [2022-11-23 14:27:17,746 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-23 14:27:17,746 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:17,746 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:17,747 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 14:27:17,747 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:17,748 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:17,748 INFO L85 PathProgramCache]: Analyzing trace with hash 2120210632, now seen corresponding path program 1 times [2022-11-23 14:27:17,748 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:17,748 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1016135791] [2022-11-23 14:27:17,749 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:17,749 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:17,787 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:17,938 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:17,939 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:17,939 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1016135791] [2022-11-23 14:27:17,939 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1016135791] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:17,940 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:17,940 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 14:27:17,940 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [628159978] [2022-11-23 14:27:17,940 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:17,942 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 14:27:17,942 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:17,943 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 14:27:17,943 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:17,943 INFO L87 Difference]: Start difference. First operand 46 states and 58 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:18,002 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:18,002 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-11-23 14:27:18,003 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 14:27:18,003 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-23 14:27:18,003 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:18,004 INFO L225 Difference]: With dead ends: 69 [2022-11-23 14:27:18,004 INFO L226 Difference]: Without dead ends: 38 [2022-11-23 14:27:18,005 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:18,006 INFO L413 NwaCegarLoop]: 35 mSDtfsCounter, 7 mSDsluCounter, 26 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 61 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:18,007 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 61 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 14:27:18,008 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2022-11-23 14:27:18,014 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 38. [2022-11-23 14:27:18,014 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 38 states, 25 states have (on average 1.32) internal successors, (33), 30 states have internal predecessors, (33), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-23 14:27:18,015 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 47 transitions. [2022-11-23 14:27:18,015 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 47 transitions. Word has length 22 [2022-11-23 14:27:18,015 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:18,016 INFO L495 AbstractCegarLoop]: Abstraction has 38 states and 47 transitions. [2022-11-23 14:27:18,016 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:18,016 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 47 transitions. [2022-11-23 14:27:18,017 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-23 14:27:18,017 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:18,017 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:18,018 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 14:27:18,018 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:18,018 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:18,019 INFO L85 PathProgramCache]: Analyzing trace with hash 1586864102, now seen corresponding path program 1 times [2022-11-23 14:27:18,019 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:18,019 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [298756395] [2022-11-23 14:27:18,019 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:18,020 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:18,053 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:18,145 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:18,145 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:18,146 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [298756395] [2022-11-23 14:27:18,146 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [298756395] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:18,146 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:18,147 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 14:27:18,147 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [436709236] [2022-11-23 14:27:18,147 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:18,148 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 14:27:18,148 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:18,148 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 14:27:18,149 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:18,149 INFO L87 Difference]: Start difference. First operand 38 states and 47 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:18,185 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:18,185 INFO L93 Difference]: Finished difference Result 74 states and 93 transitions. [2022-11-23 14:27:18,185 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 14:27:18,186 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2022-11-23 14:27:18,186 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:18,187 INFO L225 Difference]: With dead ends: 74 [2022-11-23 14:27:18,187 INFO L226 Difference]: Without dead ends: 38 [2022-11-23 14:27:18,188 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:18,189 INFO L413 NwaCegarLoop]: 33 mSDtfsCounter, 34 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 13 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 34 SdHoareTripleChecker+Valid, 33 SdHoareTripleChecker+Invalid, 13 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 13 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:18,190 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [34 Valid, 33 Invalid, 13 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 13 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 14:27:18,191 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2022-11-23 14:27:18,197 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 38. [2022-11-23 14:27:18,198 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 38 states, 25 states have (on average 1.28) internal successors, (32), 30 states have internal predecessors, (32), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-23 14:27:18,199 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 46 transitions. [2022-11-23 14:27:18,199 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 46 transitions. Word has length 24 [2022-11-23 14:27:18,200 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:18,201 INFO L495 AbstractCegarLoop]: Abstraction has 38 states and 46 transitions. [2022-11-23 14:27:18,201 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:18,201 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 46 transitions. [2022-11-23 14:27:18,202 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-11-23 14:27:18,202 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:18,202 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:18,203 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 14:27:18,203 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:18,203 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:18,204 INFO L85 PathProgramCache]: Analyzing trace with hash 42707982, now seen corresponding path program 1 times [2022-11-23 14:27:18,204 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:18,204 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [471361275] [2022-11-23 14:27:18,204 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:18,205 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:18,236 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:18,726 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:18,727 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:18,727 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [471361275] [2022-11-23 14:27:18,727 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [471361275] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:18,728 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:18,729 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-23 14:27:18,729 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1448375853] [2022-11-23 14:27:18,729 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:18,730 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-23 14:27:18,730 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:18,731 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-23 14:27:18,731 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-23 14:27:18,732 INFO L87 Difference]: Start difference. First operand 38 states and 46 transitions. Second operand has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:18,903 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:18,903 INFO L93 Difference]: Finished difference Result 119 states and 147 transitions. [2022-11-23 14:27:18,904 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-23 14:27:18,904 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-11-23 14:27:18,904 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:18,910 INFO L225 Difference]: With dead ends: 119 [2022-11-23 14:27:18,910 INFO L226 Difference]: Without dead ends: 83 [2022-11-23 14:27:18,913 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=13, Invalid=17, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:27:18,914 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 68 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 42 mSolverCounterSat, 20 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 139 SdHoareTripleChecker+Invalid, 62 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 20 IncrementalHoareTripleChecker+Valid, 42 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:18,915 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 139 Invalid, 62 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [20 Valid, 42 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:18,915 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 83 states. [2022-11-23 14:27:18,939 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 83 to 68. [2022-11-23 14:27:18,939 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 68 states, 46 states have (on average 1.2608695652173914) internal successors, (58), 52 states have internal predecessors, (58), 12 states have call successors, (12), 9 states have call predecessors, (12), 9 states have return successors, (12), 11 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-23 14:27:18,942 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 68 states to 68 states and 82 transitions. [2022-11-23 14:27:18,942 INFO L78 Accepts]: Start accepts. Automaton has 68 states and 82 transitions. Word has length 27 [2022-11-23 14:27:18,943 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:18,943 INFO L495 AbstractCegarLoop]: Abstraction has 68 states and 82 transitions. [2022-11-23 14:27:18,943 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:18,944 INFO L276 IsEmpty]: Start isEmpty. Operand 68 states and 82 transitions. [2022-11-23 14:27:18,950 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-11-23 14:27:18,950 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:18,950 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:18,951 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 14:27:18,951 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:18,952 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:18,952 INFO L85 PathProgramCache]: Analyzing trace with hash 868809498, now seen corresponding path program 1 times [2022-11-23 14:27:18,952 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:18,953 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [969423386] [2022-11-23 14:27:18,953 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:18,953 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:18,978 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:19,327 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:19,328 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:19,328 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [969423386] [2022-11-23 14:27:19,328 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [969423386] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:19,329 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:19,329 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-23 14:27:19,330 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [595453717] [2022-11-23 14:27:19,330 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:19,331 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 14:27:19,332 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:19,333 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 14:27:19,335 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-23 14:27:19,336 INFO L87 Difference]: Start difference. First operand 68 states and 82 transitions. Second operand has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 14:27:19,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:19,803 INFO L93 Difference]: Finished difference Result 183 states and 220 transitions. [2022-11-23 14:27:19,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-23 14:27:19,805 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 30 [2022-11-23 14:27:19,806 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:19,810 INFO L225 Difference]: With dead ends: 183 [2022-11-23 14:27:19,810 INFO L226 Difference]: Without dead ends: 147 [2022-11-23 14:27:19,817 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 1 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-23 14:27:19,821 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 162 mSDsluCounter, 152 mSDsCounter, 0 mSdLazyCounter, 222 mSolverCounterSat, 72 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 165 SdHoareTripleChecker+Valid, 218 SdHoareTripleChecker+Invalid, 294 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 72 IncrementalHoareTripleChecker+Valid, 222 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:19,822 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [165 Valid, 218 Invalid, 294 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [72 Valid, 222 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-23 14:27:19,823 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 147 states. [2022-11-23 14:27:19,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 147 to 134. [2022-11-23 14:27:19,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 134 states, 90 states have (on average 1.2444444444444445) internal successors, (112), 103 states have internal predecessors, (112), 24 states have call successors, (24), 18 states have call predecessors, (24), 19 states have return successors, (25), 22 states have call predecessors, (25), 24 states have call successors, (25) [2022-11-23 14:27:19,855 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 134 states to 134 states and 161 transitions. [2022-11-23 14:27:19,855 INFO L78 Accepts]: Start accepts. Automaton has 134 states and 161 transitions. Word has length 30 [2022-11-23 14:27:19,856 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:19,856 INFO L495 AbstractCegarLoop]: Abstraction has 134 states and 161 transitions. [2022-11-23 14:27:19,856 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 14:27:19,856 INFO L276 IsEmpty]: Start isEmpty. Operand 134 states and 161 transitions. [2022-11-23 14:27:19,857 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-11-23 14:27:19,857 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:19,857 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:19,857 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 14:27:19,858 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:19,858 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:19,858 INFO L85 PathProgramCache]: Analyzing trace with hash -1291627812, now seen corresponding path program 1 times [2022-11-23 14:27:19,858 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:19,859 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1710977796] [2022-11-23 14:27:19,859 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:19,859 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:19,879 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:19,990 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-23 14:27:19,991 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:19,991 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1710977796] [2022-11-23 14:27:19,991 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1710977796] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:19,991 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:19,991 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 14:27:19,992 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [167247387] [2022-11-23 14:27:19,992 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:19,992 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 14:27:19,993 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:19,994 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 14:27:19,994 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:27:19,994 INFO L87 Difference]: Start difference. First operand 134 states and 161 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-23 14:27:20,143 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:20,143 INFO L93 Difference]: Finished difference Result 313 states and 382 transitions. [2022-11-23 14:27:20,144 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 14:27:20,144 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) Word has length 30 [2022-11-23 14:27:20,145 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:20,148 INFO L225 Difference]: With dead ends: 313 [2022-11-23 14:27:20,148 INFO L226 Difference]: Without dead ends: 181 [2022-11-23 14:27:20,150 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-23 14:27:20,155 INFO L413 NwaCegarLoop]: 46 mSDtfsCounter, 20 mSDsluCounter, 145 mSDsCounter, 0 mSdLazyCounter, 102 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 21 SdHoareTripleChecker+Valid, 191 SdHoareTripleChecker+Invalid, 105 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 102 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:20,158 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [21 Valid, 191 Invalid, 105 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 102 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:20,160 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 181 states. [2022-11-23 14:27:20,215 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 181 to 171. [2022-11-23 14:27:20,217 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 171 states, 115 states have (on average 1.208695652173913) internal successors, (139), 129 states have internal predecessors, (139), 30 states have call successors, (30), 23 states have call predecessors, (30), 25 states have return successors, (34), 30 states have call predecessors, (34), 30 states have call successors, (34) [2022-11-23 14:27:20,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 171 states to 171 states and 203 transitions. [2022-11-23 14:27:20,222 INFO L78 Accepts]: Start accepts. Automaton has 171 states and 203 transitions. Word has length 30 [2022-11-23 14:27:20,223 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:20,223 INFO L495 AbstractCegarLoop]: Abstraction has 171 states and 203 transitions. [2022-11-23 14:27:20,223 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 1 states have call successors, (3) [2022-11-23 14:27:20,223 INFO L276 IsEmpty]: Start isEmpty. Operand 171 states and 203 transitions. [2022-11-23 14:27:20,227 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-11-23 14:27:20,227 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:20,227 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:20,227 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-23 14:27:20,228 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:20,228 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:20,228 INFO L85 PathProgramCache]: Analyzing trace with hash 238055912, now seen corresponding path program 1 times [2022-11-23 14:27:20,228 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:20,230 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1410784305] [2022-11-23 14:27:20,230 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:20,230 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:20,260 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:20,414 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 14:27:20,414 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:20,414 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1410784305] [2022-11-23 14:27:20,414 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1410784305] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:27:20,415 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [353629401] [2022-11-23 14:27:20,416 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:20,416 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:20,416 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:20,421 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:27:20,457 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 14:27:20,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:20,542 INFO L263 TraceCheckSpWp]: Trace formula consists of 308 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-23 14:27:20,548 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:27:20,664 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 21 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:27:20,664 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:27:20,855 INFO L134 CoverageAnalysis]: Checked inductivity of 22 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 14:27:20,856 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [353629401] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:27:20,856 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [713206323] [2022-11-23 14:27:20,894 INFO L159 IcfgInterpreter]: Started Sifa with 31 locations of interest [2022-11-23 14:27:20,894 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:27:20,899 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:27:20,910 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:27:20,911 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:27:25,085 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 140 for LOIs [2022-11-23 14:27:25,115 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 32 for LOIs [2022-11-23 14:27:25,456 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 56 for LOIs [2022-11-23 14:27:25,472 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:27:30,896 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2526#(and (<= 1 ~pumpRunning~0) (<= |old(~waterLevel~0)| 2147483647) (<= 0 |timeShift_isMethaneAlarm_~retValue_acc~4#1|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483647) (<= 1 |timeShift_processEnvironment_~tmp~2#1|) (<= |timeShift_isHighWaterLevel_#res#1| 1) (<= |timeShift_isMethaneLevelCritical_~retValue_acc~0#1| 0) (<= 0 |timeShift_isHighWaterLevel_~tmp~4#1|) (<= 0 |timeShift_isMethaneLevelCritical_#res#1|) (<= ~pumpRunning~0 1) (<= 2 |timeShift_getWaterLevel_~retValue_acc~1#1|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 1) (= ~methaneLevelCritical~0 0) (= ~head~0.offset 0) (<= 1 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (<= 2 ~waterLevel~0) (<= |timeShift_isMethaneLevelCritical_#res#1| 0) (<= 1 |timeShift_isHighWaterLevel_~tmp___0~1#1|) (<= |timeShift_isHighWaterSensorDry_~retValue_acc~2#1| 0) (<= 0 |timeShift_isHighWaterSensorDry_#res#1|) (<= |timeShift_activatePump_~tmp~3#1| 0) (<= |timeShift_processEnvironment_~tmp~2#1| 1) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= |timeShift_isMethaneAlarm_#res#1| 0) (<= 2 |old(~waterLevel~0)|) (<= ~waterLevel~0 2147483647) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 2 |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (<= |timeShift_isHighWaterLevel_~retValue_acc~6#1| 1) (= |#NULL.offset| 0) (<= 0 |timeShift_isHighWaterSensorDry_~retValue_acc~2#1|) (<= |timeShift_isHighWaterSensorDry_#res#1| 0) (<= 1 |timeShift_isHighWaterLevel_~retValue_acc~6#1|) (<= 0 |timeShift_isMethaneAlarm_#res#1|) (<= 2 |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1|) (<= 0 |timeShift_activatePump_~tmp~3#1|) (<= |timeShift_isMethaneAlarm_~retValue_acc~4#1| 0) (<= |timeShift_isHighWaterLevel_~tmp___0~1#1| 1) (<= 0 |timeShift_isMethaneLevelCritical_~retValue_acc~0#1|) (<= 1 |timeShift_isHighWaterLevel_#res#1|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~cleanupTimeShifts~0 4) (<= |timeShift_isHighWaterLevel_~tmp~4#1| 0) (= |#NULL.base| 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-23 14:27:30,896 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:27:30,897 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:27:30,897 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 8 [2022-11-23 14:27:30,897 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1211188539] [2022-11-23 14:27:30,897 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:27:30,898 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 14:27:30,898 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:30,898 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 14:27:30,899 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=119, Invalid=751, Unknown=0, NotChecked=0, Total=870 [2022-11-23 14:27:30,899 INFO L87 Difference]: Start difference. First operand 171 states and 203 transitions. Second operand has 8 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-23 14:27:31,398 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:31,398 INFO L93 Difference]: Finished difference Result 513 states and 623 transitions. [2022-11-23 14:27:31,399 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-23 14:27:31,399 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 50 [2022-11-23 14:27:31,399 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:31,401 INFO L225 Difference]: With dead ends: 513 [2022-11-23 14:27:31,402 INFO L226 Difference]: Without dead ends: 344 [2022-11-23 14:27:31,403 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 162 GetRequests, 129 SyntacticMatches, 0 SemanticMatches, 33 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 288 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=161, Invalid=1029, Unknown=0, NotChecked=0, Total=1190 [2022-11-23 14:27:31,404 INFO L413 NwaCegarLoop]: 85 mSDtfsCounter, 159 mSDsluCounter, 210 mSDsCounter, 0 mSdLazyCounter, 255 mSolverCounterSat, 79 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 160 SdHoareTripleChecker+Valid, 295 SdHoareTripleChecker+Invalid, 334 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 79 IncrementalHoareTripleChecker+Valid, 255 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:31,404 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [160 Valid, 295 Invalid, 334 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [79 Valid, 255 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-23 14:27:31,405 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 344 states. [2022-11-23 14:27:31,444 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 344 to 251. [2022-11-23 14:27:31,449 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 169 states have (on average 1.1893491124260356) internal successors, (201), 189 states have internal predecessors, (201), 41 states have call successors, (41), 35 states have call predecessors, (41), 40 states have return successors, (53), 40 states have call predecessors, (53), 41 states have call successors, (53) [2022-11-23 14:27:31,451 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 295 transitions. [2022-11-23 14:27:31,451 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 295 transitions. Word has length 50 [2022-11-23 14:27:31,452 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:31,452 INFO L495 AbstractCegarLoop]: Abstraction has 251 states and 295 transitions. [2022-11-23 14:27:31,452 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.5) internal successors, (44), 8 states have internal predecessors, (44), 3 states have call successors, (8), 3 states have call predecessors, (8), 3 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2022-11-23 14:27:31,453 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 295 transitions. [2022-11-23 14:27:31,455 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-23 14:27:31,455 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:31,457 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:31,471 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-23 14:27:31,666 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:31,666 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:31,667 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:31,667 INFO L85 PathProgramCache]: Analyzing trace with hash 1378066669, now seen corresponding path program 1 times [2022-11-23 14:27:31,667 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:31,667 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [272912209] [2022-11-23 14:27:31,667 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:31,668 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:31,685 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:31,888 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 1 proven. 16 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-23 14:27:31,888 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:31,889 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [272912209] [2022-11-23 14:27:31,889 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [272912209] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:27:31,889 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1051492696] [2022-11-23 14:27:31,889 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:31,889 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:31,889 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:31,890 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:27:31,913 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 14:27:31,981 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:31,983 INFO L263 TraceCheckSpWp]: Trace formula consists of 282 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-23 14:27:31,985 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:27:32,036 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 10 proven. 1 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-23 14:27:32,037 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:27:32,122 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-23 14:27:32,122 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1051492696] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:27:32,122 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1322600048] [2022-11-23 14:27:32,128 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-23 14:27:32,129 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:27:32,129 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:27:32,129 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:27:32,129 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:27:35,662 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 144 for LOIs [2022-11-23 14:27:35,686 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 56 for LOIs [2022-11-23 14:27:36,308 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 30 for LOIs [2022-11-23 14:27:36,311 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 55 for LOIs [2022-11-23 14:27:36,318 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:27:42,234 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4072#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1| 0)) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~0#1|) (<= ~pumpRunning~0 2147483647) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (= ~head~0.base 0) (<= 0 (+ ~pumpRunning~0 2147483648)) (= |#NULL.offset| 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2147483648)))' at error location [2022-11-23 14:27:42,235 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:27:42,235 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:27:42,235 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 13 [2022-11-23 14:27:42,235 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [724430903] [2022-11-23 14:27:42,235 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:27:42,236 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2022-11-23 14:27:42,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:42,236 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2022-11-23 14:27:42,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=186, Invalid=1296, Unknown=0, NotChecked=0, Total=1482 [2022-11-23 14:27:42,237 INFO L87 Difference]: Start difference. First operand 251 states and 295 transitions. Second operand has 13 states, 11 states have (on average 5.0) internal successors, (55), 11 states have internal predecessors, (55), 4 states have call successors, (10), 3 states have call predecessors, (10), 5 states have return successors, (13), 6 states have call predecessors, (13), 4 states have call successors, (13) [2022-11-23 14:27:43,051 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:43,051 INFO L93 Difference]: Finished difference Result 413 states and 493 transitions. [2022-11-23 14:27:43,052 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2022-11-23 14:27:43,052 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 11 states have (on average 5.0) internal successors, (55), 11 states have internal predecessors, (55), 4 states have call successors, (10), 3 states have call predecessors, (10), 5 states have return successors, (13), 6 states have call predecessors, (13), 4 states have call successors, (13) Word has length 52 [2022-11-23 14:27:43,052 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:43,053 INFO L225 Difference]: With dead ends: 413 [2022-11-23 14:27:43,053 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 14:27:43,055 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 191 GetRequests, 137 SyntacticMatches, 0 SemanticMatches, 54 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 889 ImplicationChecksByTransitivity, 6.4s TimeCoverageRelationStatistics Valid=387, Invalid=2693, Unknown=0, NotChecked=0, Total=3080 [2022-11-23 14:27:43,057 INFO L413 NwaCegarLoop]: 46 mSDtfsCounter, 277 mSDsluCounter, 157 mSDsCounter, 0 mSdLazyCounter, 363 mSolverCounterSat, 155 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 279 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 518 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 155 IncrementalHoareTripleChecker+Valid, 363 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:43,057 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [279 Valid, 203 Invalid, 518 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [155 Valid, 363 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-23 14:27:43,058 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 14:27:43,058 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 14:27:43,058 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 14:27:43,058 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 14:27:43,058 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 52 [2022-11-23 14:27:43,058 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:43,059 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 14:27:43,059 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 11 states have (on average 5.0) internal successors, (55), 11 states have internal predecessors, (55), 4 states have call successors, (10), 3 states have call predecessors, (10), 5 states have return successors, (13), 6 states have call predecessors, (13), 4 states have call successors, (13) [2022-11-23 14:27:43,059 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 14:27:43,059 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 14:27:43,061 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 14:27:43,079 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-23 14:27:43,267 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:43,269 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 14:27:46,125 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 337 343) no Hoare annotation was computed. [2022-11-23 14:27:46,125 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 337 343) the Hoare annotation is: true [2022-11-23 14:27:46,125 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 134 145) the Hoare annotation is: true [2022-11-23 14:27:46,126 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 134 145) no Hoare annotation was computed. [2022-11-23 14:27:46,126 INFO L895 garLoopResultBuilder]: At program point L353(lines 353 361) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse1 (not (= |old(~waterLevel~0)| 2)) (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2 (= 2 ~waterLevel~0) .cse3)) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1)) .cse2 (<= |timeShift_processEnvironment_~tmp~2#1| 0) (= ~waterLevel~0 1) .cse3)))) [2022-11-23 14:27:46,126 INFO L895 garLoopResultBuilder]: At program point L349(lines 349 366) the Hoare annotation is: (let ((.cse3 (= ~waterLevel~0 1)) (.cse2 (= ~pumpRunning~0 0)) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3 .cse4)) (or .cse1 (not (= |old(~waterLevel~0)| 2)) (and .cse5 (or (and (not .cse2) .cse3) (and .cse2 (= 2 ~waterLevel~0))) .cse4)) (or .cse0 .cse1 (and .cse5 .cse4) (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:27:46,127 INFO L899 garLoopResultBuilder]: For program point L85(lines 85 91) no Hoare annotation was computed. [2022-11-23 14:27:46,127 INFO L899 garLoopResultBuilder]: For program point L317-2(lines 313 335) no Hoare annotation was computed. [2022-11-23 14:27:46,127 INFO L895 garLoopResultBuilder]: At program point L82(line 82) the Hoare annotation is: (let ((.cse3 (= ~waterLevel~0 1)) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1)) (= ~pumpRunning~0 0) .cse2 (<= |timeShift_processEnvironment_~tmp~2#1| 0) .cse3 .cse4)) (or (and (not (= ~switchedOnBeforeTS~0 0)) .cse5 .cse2 .cse3 .cse4) .cse1 (not (= |old(~waterLevel~0)| 2))) (or .cse0 (and .cse5 .cse2 .cse4) .cse1 (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:27:46,127 INFO L899 garLoopResultBuilder]: For program point L82-1(line 82) no Hoare annotation was computed. [2022-11-23 14:27:46,127 INFO L895 garLoopResultBuilder]: At program point L359(line 359) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1))) (.cse3 (= ~pumpRunning~0 0)) (.cse4 (<= |timeShift_processEnvironment_~tmp~2#1| 0)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse1 (and .cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 (= 2 ~waterLevel~0) .cse4 .cse5) (not (= |old(~waterLevel~0)| 2))) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 (and .cse2 .cse3 .cse4 (= ~waterLevel~0 1) .cse5)))) [2022-11-23 14:27:46,128 INFO L895 garLoopResultBuilder]: At program point L950(line 950) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse1 (not (= |old(~waterLevel~0)| 2))))) [2022-11-23 14:27:46,128 INFO L895 garLoopResultBuilder]: At program point L364(line 364) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse0 .cse1 (and .cse2 .cse3) (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse1 (not (= |old(~waterLevel~0)| 2)) (and (not (= ~switchedOnBeforeTS~0 0)) .cse2 (= ~waterLevel~0 1) .cse3)))) [2022-11-23 14:27:46,128 INFO L895 garLoopResultBuilder]: At program point L364-1(lines 345 369) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= ~waterLevel~0 1)) (.cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse8)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and (not (= ~switchedOnBeforeTS~0 0)) .cse7 .cse8 .cse5 .cse6))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1)) (= ~pumpRunning~0 0) (<= |timeShift_processEnvironment_~tmp~2#1| 0) .cse5 .cse6)) (or .cse0 .cse1 (and .cse7 .cse6) .cse4) (or .cse1 .cse2 (and (= 2 ~waterLevel~0) (or .cse7 (= ~pumpRunning~0 1))) .cse3)))) [2022-11-23 14:27:46,129 INFO L895 garLoopResultBuilder]: At program point L67(line 67) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= ~waterLevel~0 1)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (= ~pumpRunning~0 0) .cse4 .cse3)) (or .cse1 (and .cse5 .cse6) .cse2) (or .cse0 .cse1 (and .cse5 (or .cse6 .cse4) .cse3) (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:27:46,129 INFO L895 garLoopResultBuilder]: At program point L67-1(line 67) the Hoare annotation is: (let ((.cse5 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (= ~waterLevel~0 1)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__2_#t~ret4#1| ~pumpRunning~0)) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (= ~pumpRunning~0 0) .cse2 .cse3 .cse4)) (or .cse0 .cse1 .cse5 .cse3) (or (and .cse6 .cse7 .cse4) .cse1 .cse5) (or .cse0 (and .cse6 (or .cse7 .cse2) .cse3 .cse4) .cse1 (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:27:46,129 INFO L899 garLoopResultBuilder]: For program point L84(lines 84 94) no Hoare annotation was computed. [2022-11-23 14:27:46,129 INFO L899 garLoopResultBuilder]: For program point L80(lines 80 97) no Hoare annotation was computed. [2022-11-23 14:27:46,130 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 310 336) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= ~waterLevel~0 1)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (= ~pumpRunning~0 0) .cse4 .cse3)) (or .cse1 (and .cse5 .cse6) .cse2) (or .cse0 .cse1 (and .cse5 (or .cse6 .cse4) .cse3) (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:27:46,130 INFO L895 garLoopResultBuilder]: At program point L80-1(lines 72 100) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| ~waterLevel~0)) (.cse3 (= ~waterLevel~0 1)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse9 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse6 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse9)) (.cse7 (and (not (= ~switchedOnBeforeTS~0 0)) .cse5 .cse2 .cse9 .cse3 .cse4)) (.cse8 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1)) (= ~pumpRunning~0 0) .cse2 (<= |timeShift_processEnvironment_~tmp~2#1| 0) .cse3 .cse4)) (or .cse0 (and .cse5 .cse2 .cse4) .cse1 .cse6) (or .cse0 .cse1 .cse7 .cse8 .cse6) (or .cse1 .cse7 .cse8 (and (= 2 ~waterLevel~0) (or .cse5 (= ~pumpRunning~0 1)) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~0#1| 2)))))) [2022-11-23 14:27:46,130 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 310 336) no Hoare annotation was computed. [2022-11-23 14:27:46,130 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 950) no Hoare annotation was computed. [2022-11-23 14:27:46,131 INFO L895 garLoopResultBuilder]: At program point L324-1(lines 324 330) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (= ~waterLevel~0 1)) (.cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (= 1 ~systemActive~0))) (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse8)) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (and (not (= ~switchedOnBeforeTS~0 0)) .cse7 .cse8 .cse5 .cse6))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) .cse1 (and (< 0 (+ |timeShift_processEnvironment_~tmp~2#1| 1)) (= ~pumpRunning~0 0) (<= |timeShift_processEnvironment_~tmp~2#1| 0) .cse5 .cse6)) (or .cse0 .cse1 (and .cse7 .cse6) .cse4) (or .cse1 .cse2 (and (= 2 ~waterLevel~0) (or .cse7 (= ~pumpRunning~0 1))) .cse3)))) [2022-11-23 14:27:46,131 INFO L899 garLoopResultBuilder]: For program point L225(line 225) no Hoare annotation was computed. [2022-11-23 14:27:46,131 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 204 233) no Hoare annotation was computed. [2022-11-23 14:27:46,131 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 204 233) the Hoare annotation is: true [2022-11-23 14:27:46,131 INFO L899 garLoopResultBuilder]: For program point L218(lines 218 222) no Hoare annotation was computed. [2022-11-23 14:27:46,131 INFO L902 garLoopResultBuilder]: At program point L218-1(lines 218 222) the Hoare annotation is: true [2022-11-23 14:27:46,132 INFO L902 garLoopResultBuilder]: At program point L214-2(lines 214 228) the Hoare annotation is: true [2022-11-23 14:27:46,132 INFO L902 garLoopResultBuilder]: At program point L210(line 210) the Hoare annotation is: true [2022-11-23 14:27:46,132 INFO L899 garLoopResultBuilder]: For program point L210-1(line 210) no Hoare annotation was computed. [2022-11-23 14:27:46,132 INFO L902 garLoopResultBuilder]: At program point L229(lines 204 233) the Hoare annotation is: true [2022-11-23 14:27:46,132 INFO L902 garLoopResultBuilder]: At program point L291-2(lines 291 298) the Hoare annotation is: true [2022-11-23 14:27:46,132 INFO L899 garLoopResultBuilder]: For program point L510(lines 510 516) no Hoare annotation was computed. [2022-11-23 14:27:46,132 INFO L899 garLoopResultBuilder]: For program point L510-1(lines 510 516) no Hoare annotation was computed. [2022-11-23 14:27:46,133 INFO L902 garLoopResultBuilder]: At program point L539(lines 480 543) the Hoare annotation is: true [2022-11-23 14:27:46,133 INFO L895 garLoopResultBuilder]: At program point L502(line 502) the Hoare annotation is: (let ((.cse2 (= ~waterLevel~0 1)) (.cse4 (not (= ~pumpRunning~0 0))) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse0 .cse1 .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse4 .cse0 .cse1 .cse3))) [2022-11-23 14:27:46,133 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 14:27:46,133 INFO L895 garLoopResultBuilder]: At program point L536(lines 489 537) the Hoare annotation is: false [2022-11-23 14:27:46,133 INFO L899 garLoopResultBuilder]: For program point L491(lines 490 535) no Hoare annotation was computed. [2022-11-23 14:27:46,133 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 14:27:46,134 INFO L895 garLoopResultBuilder]: At program point L512(line 512) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 (= ~waterLevel~0 1) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2))) [2022-11-23 14:27:46,134 INFO L895 garLoopResultBuilder]: At program point L533(lines 490 535) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 (= ~waterLevel~0 1) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2))) [2022-11-23 14:27:46,134 INFO L899 garLoopResultBuilder]: For program point L500(lines 500 506) no Hoare annotation was computed. [2022-11-23 14:27:46,134 INFO L899 garLoopResultBuilder]: For program point L500-1(lines 500 506) no Hoare annotation was computed. [2022-11-23 14:27:46,134 INFO L895 garLoopResultBuilder]: At program point L526-2(lines 520 531) the Hoare annotation is: (let ((.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 (= ~waterLevel~0 1) .cse2) (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (not (= ~pumpRunning~0 0)) .cse0 .cse1 .cse2))) [2022-11-23 14:27:46,135 INFO L895 garLoopResultBuilder]: At program point L291(lines 291 298) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-11-23 14:27:46,135 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 122 133) no Hoare annotation was computed. [2022-11-23 14:27:46,135 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 122 133) the Hoare annotation is: (let ((.cse0 (not (= |old(~waterLevel~0)| 1))) (.cse3 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse2 (= ~waterLevel~0 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (= ~pumpRunning~0 0) .cse0 .cse1 .cse2) (or .cse1 .cse3 .cse4 .cse2 (= ~switchedOnBeforeTS~0 0)) (or .cse0 .cse1 .cse3 .cse2) (or .cse1 (not (= |old(~waterLevel~0)| 2)) .cse4))) [2022-11-23 14:27:46,135 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 415 423) no Hoare annotation was computed. [2022-11-23 14:27:46,135 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 415 423) the Hoare annotation is: true [2022-11-23 14:27:46,139 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:46,141 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 14:27:46,165 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 02:27:46 BoogieIcfgContainer [2022-11-23 14:27:46,166 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 14:27:46,166 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 14:27:46,166 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 14:27:46,167 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 14:27:46,167 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:17" (3/4) ... [2022-11-23 14:27:46,170 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 14:27:46,175 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 14:27:46,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 14:27:46,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 14:27:46,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 14:27:46,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 14:27:46,176 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-23 14:27:46,183 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2022-11-23 14:27:46,183 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2022-11-23 14:27:46,184 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 6 nodes and edges [2022-11-23 14:27:46,184 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:27:46,185 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:27:46,211 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS)) && ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) [2022-11-23 14:27:46,212 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) [2022-11-23 14:27:46,212 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((((0 < tmp + 1 && pumpRunning == 0) && tmp == waterLevel) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && tmp == waterLevel) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && tmp == waterLevel) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) && tmp == 2)) [2022-11-23 14:27:46,213 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && ((!(1 == systemActive) || !(\old(waterLevel) == 2)) || ((pumpRunning == \old(pumpRunning) && ((!(pumpRunning == 0) && waterLevel == 1) || (pumpRunning == 0 && 2 == waterLevel))) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) [2022-11-23 14:27:46,213 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(1 == systemActive) || !(\old(waterLevel) == 2)) [2022-11-23 14:27:46,213 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) [2022-11-23 14:27:46,214 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) [2022-11-23 14:27:46,235 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 14:27:46,235 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 14:27:46,236 INFO L158 Benchmark]: Toolchain (without parser) took 30386.03ms. Allocated memory was 151.0MB in the beginning and 360.7MB in the end (delta: 209.7MB). Free memory was 108.5MB in the beginning and 225.8MB in the end (delta: -117.3MB). Peak memory consumption was 95.3MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,236 INFO L158 Benchmark]: CDTParser took 0.23ms. Allocated memory is still 151.0MB. Free memory was 97.7MB in the beginning and 97.5MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 14:27:46,236 INFO L158 Benchmark]: CACSL2BoogieTranslator took 502.54ms. Allocated memory is still 151.0MB. Free memory was 108.5MB in the beginning and 89.7MB in the end (delta: 18.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,237 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.64ms. Allocated memory is still 151.0MB. Free memory was 89.7MB in the beginning and 87.4MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,237 INFO L158 Benchmark]: Boogie Preprocessor took 56.02ms. Allocated memory is still 151.0MB. Free memory was 87.4MB in the beginning and 85.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,237 INFO L158 Benchmark]: RCFGBuilder took 696.96ms. Allocated memory was 151.0MB in the beginning and 207.6MB in the end (delta: 56.6MB). Free memory was 85.8MB in the beginning and 176.5MB in the end (delta: -90.7MB). Peak memory consumption was 33.4MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,238 INFO L158 Benchmark]: TraceAbstraction took 28985.03ms. Allocated memory was 207.6MB in the beginning and 360.7MB in the end (delta: 153.1MB). Free memory was 175.6MB in the beginning and 231.1MB in the end (delta: -55.5MB). Peak memory consumption was 217.1MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,238 INFO L158 Benchmark]: Witness Printer took 69.05ms. Allocated memory is still 360.7MB. Free memory was 231.1MB in the beginning and 225.8MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-23 14:27:46,240 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.23ms. Allocated memory is still 151.0MB. Free memory was 97.7MB in the beginning and 97.5MB in the end (delta: 159.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 502.54ms. Allocated memory is still 151.0MB. Free memory was 108.5MB in the beginning and 89.7MB in the end (delta: 18.8MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.64ms. Allocated memory is still 151.0MB. Free memory was 89.7MB in the beginning and 87.4MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.02ms. Allocated memory is still 151.0MB. Free memory was 87.4MB in the beginning and 85.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 696.96ms. Allocated memory was 151.0MB in the beginning and 207.6MB in the end (delta: 56.6MB). Free memory was 85.8MB in the beginning and 176.5MB in the end (delta: -90.7MB). Peak memory consumption was 33.4MB. Max. memory is 16.1GB. * TraceAbstraction took 28985.03ms. Allocated memory was 207.6MB in the beginning and 360.7MB in the end (delta: 153.1MB). Free memory was 175.6MB in the beginning and 231.1MB in the end (delta: -55.5MB). Peak memory consumption was 217.1MB. Max. memory is 16.1GB. * Witness Printer took 69.05ms. Allocated memory is still 360.7MB. Free memory was 231.1MB in the beginning and 225.8MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 950]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 51 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 28.9s, OverallIterations: 8, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 2.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 739 SdHoareTripleChecker+Valid, 1.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 727 mSDsluCounter, 1189 SdHoareTripleChecker+Invalid, 1.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 774 mSDsCounter, 330 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1033 IncrementalHoareTripleChecker+Invalid, 1363 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 330 mSolverCounterUnsat, 415 mSDtfsCounter, 1033 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 397 GetRequests, 283 SyntacticMatches, 1 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1211 ImplicationChecksByTransitivity, 12.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=251occurred in iteration=7, InterpolantAutomatonStates: 69, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.2s AutomataMinimizationTime, 8 MinimizatonAttempts, 131 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 30 LocationsWithAnnotation, 519 PreInvPairs, 611 NumberOfFragments, 1311 HoareAnnotationTreeSize, 519 FomulaSimplifications, 2735 FormulaSimplificationTreeSizeReduction, 0.2s HoareSimplificationTime, 30 FomulaSimplificationsInter, 7352 FormulaSimplificationTreeSizeReductionInter, 2.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 2.1s InterpolantComputationTime, 358 NumberOfCodeBlocks, 358 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 448 ConstructedInterpolants, 0 QuantifiedInterpolants, 1163 SizeOfPredicates, 12 NumberOfNonLiveVariables, 590 ConjunctsInSsa, 35 ConjunctsInUnsatCore, 12 InterpolantComputations, 6 PerfectInterpolantSequences, 120/141 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 480]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 204]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 214]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 345]: Loop Invariant Derived loop invariant: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 490]: Loop Invariant Derived loop invariant: ((((1 == systemActive && splverifierCounter == 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || ((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0)) || (((!(pumpRunning == 0) && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == switchedOnBeforeTS) - InvariantResult [Line: 72]: Loop Invariant Derived loop invariant: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((((0 < tmp + 1 && pumpRunning == 0) && tmp == waterLevel) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && tmp == waterLevel) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && tmp == waterLevel) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) == 2)) || ((2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) && tmp == 2)) - InvariantResult [Line: 291]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 291]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 353]: Loop Invariant Derived loop invariant: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 67]: Loop Invariant Derived loop invariant: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || pumpRunning == switchedOnBeforeTS)) && ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel) && aux-isPumpRunning()-aux == pumpRunning) || !(1 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == \old(pumpRunning) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && aux-isPumpRunning()-aux == pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 349]: Loop Invariant Derived loop invariant: (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((pumpRunning == 0 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) && ((!(1 == systemActive) || !(\old(waterLevel) == 2)) || ((pumpRunning == \old(pumpRunning) && ((!(pumpRunning == 0) && waterLevel == 1) || (pumpRunning == 0 && 2 == waterLevel))) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 324]: Loop Invariant Derived loop invariant: ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) == 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || ((((0 < tmp + 1 && pumpRunning == 0) && tmp <= 0) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || (pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && (((!(1 == systemActive) || !(\old(waterLevel) == 2)) || (2 == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 489]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 950]: Loop Invariant Derived loop invariant: (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive))) && (!(1 == systemActive) || !(\old(waterLevel) == 2)) RESULT: Ultimate proved your program to be correct! [2022-11-23 14:27:46,271 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_06687745-cbf3-42c5-8051-85fd9a9a29ca/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE