./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 15:11:15,789 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 15:11:15,791 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 15:11:15,833 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 15:11:15,834 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 15:11:15,837 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 15:11:15,840 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 15:11:15,843 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 15:11:15,846 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 15:11:15,851 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 15:11:15,852 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 15:11:15,853 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 15:11:15,853 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 15:11:15,854 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 15:11:15,855 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 15:11:15,856 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 15:11:15,857 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 15:11:15,858 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 15:11:15,859 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 15:11:15,861 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 15:11:15,862 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 15:11:15,867 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 15:11:15,868 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 15:11:15,869 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 15:11:15,872 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 15:11:15,873 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 15:11:15,873 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 15:11:15,874 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 15:11:15,875 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 15:11:15,876 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 15:11:15,876 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 15:11:15,877 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 15:11:15,877 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 15:11:15,882 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 15:11:15,885 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 15:11:15,885 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 15:11:15,886 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 15:11:15,886 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 15:11:15,887 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 15:11:15,890 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 15:11:15,891 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 15:11:15,892 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 15:11:15,934 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 15:11:15,934 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 15:11:15,935 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 15:11:15,935 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 15:11:15,936 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 15:11:15,936 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 15:11:15,937 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 15:11:15,937 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 15:11:15,937 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 15:11:15,937 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 15:11:15,938 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 15:11:15,938 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 15:11:15,939 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 15:11:15,939 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 15:11:15,939 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 15:11:15,939 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 15:11:15,939 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 15:11:15,940 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 15:11:15,940 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 15:11:15,941 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 15:11:15,941 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 15:11:15,941 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 15:11:15,941 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 15:11:15,941 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 15:11:15,942 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 15:11:15,942 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 15:11:15,942 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 15:11:15,943 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 15:11:15,943 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 15:11:15,943 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 15:11:15,943 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 15:11:15,944 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 15:11:15,944 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 15:11:15,944 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 15:11:15,944 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 15:11:15,945 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 15:11:15,945 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 15:11:15,945 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 15:11:15,945 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 15:11:15,945 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 15:11:15,946 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 15:11:15,946 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> f18c518732faf536b365bed3360055c2f4eb753a861011ef1bbe74f5b721db8d [2022-11-23 15:11:16,267 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 15:11:16,305 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 15:11:16,307 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 15:11:16,309 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 15:11:16,309 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 15:11:16,311 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2022-11-23 15:11:19,383 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 15:11:19,690 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 15:11:19,699 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c [2022-11-23 15:11:19,715 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/data/d611cddef/6e08aff0b01c4d1abe9c5f5141ca7399/FLAG59fda268f [2022-11-23 15:11:19,733 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/data/d611cddef/6e08aff0b01c4d1abe9c5f5141ca7399 [2022-11-23 15:11:19,736 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 15:11:19,739 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 15:11:19,742 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 15:11:19,743 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 15:11:19,750 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 15:11:19,751 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 03:11:19" (1/1) ... [2022-11-23 15:11:19,753 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@61bfc164 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:19, skipping insertion in model container [2022-11-23 15:11:19,753 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 03:11:19" (1/1) ... [2022-11-23 15:11:19,761 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 15:11:19,809 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 15:11:20,076 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2022-11-23 15:11:20,083 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 15:11:20,095 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 15:11:20,162 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/sv-benchmarks/c/product-lines/minepump_spec5_product44.cil.c[18005,18018] [2022-11-23 15:11:20,165 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 15:11:20,183 INFO L208 MainTranslator]: Completed translation [2022-11-23 15:11:20,184 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20 WrapperNode [2022-11-23 15:11:20,184 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 15:11:20,185 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 15:11:20,185 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 15:11:20,185 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 15:11:20,193 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,206 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,236 INFO L138 Inliner]: procedures = 57, calls = 101, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 205 [2022-11-23 15:11:20,236 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 15:11:20,237 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 15:11:20,237 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 15:11:20,237 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 15:11:20,249 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,250 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,264 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,267 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,271 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,290 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,292 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,293 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,295 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 15:11:20,296 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 15:11:20,297 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 15:11:20,297 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 15:11:20,298 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (1/1) ... [2022-11-23 15:11:20,307 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 15:11:20,319 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:11:20,344 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 15:11:20,353 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 15:11:20,402 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 15:11:20,402 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 15:11:20,402 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 15:11:20,403 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 15:11:20,403 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 15:11:20,403 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 15:11:20,403 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 15:11:20,403 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 15:11:20,404 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 15:11:20,404 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-23 15:11:20,404 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-23 15:11:20,404 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 15:11:20,404 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 15:11:20,405 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 15:11:20,405 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 15:11:20,405 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 15:11:20,502 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 15:11:20,504 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 15:11:20,864 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 15:11:21,083 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 15:11:21,084 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 15:11:21,086 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:11:21 BoogieIcfgContainer [2022-11-23 15:11:21,087 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 15:11:21,090 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 15:11:21,090 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 15:11:21,094 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 15:11:21,094 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 03:11:19" (1/3) ... [2022-11-23 15:11:21,096 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@47381d0d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 03:11:21, skipping insertion in model container [2022-11-23 15:11:21,096 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 03:11:20" (2/3) ... [2022-11-23 15:11:21,098 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@47381d0d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 03:11:21, skipping insertion in model container [2022-11-23 15:11:21,098 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:11:21" (3/3) ... [2022-11-23 15:11:21,103 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product44.cil.c [2022-11-23 15:11:21,123 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 15:11:21,124 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 15:11:21,239 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 15:11:21,249 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@68f68dc9, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 15:11:21,250 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 15:11:21,255 INFO L276 IsEmpty]: Start isEmpty. Operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-23 15:11:21,263 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-23 15:11:21,264 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:21,264 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:21,265 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:21,269 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:21,269 INFO L85 PathProgramCache]: Analyzing trace with hash -1325256327, now seen corresponding path program 1 times [2022-11-23 15:11:21,278 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:21,279 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [867916290] [2022-11-23 15:11:21,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:21,280 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:21,414 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:21,524 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:11:21,525 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:21,525 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [867916290] [2022-11-23 15:11:21,526 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [867916290] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:11:21,527 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:11:21,527 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 15:11:21,529 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1578160317] [2022-11-23 15:11:21,530 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:11:21,535 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 15:11:21,536 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:21,589 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 15:11:21,591 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 15:11:21,594 INFO L87 Difference]: Start difference. First operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:11:21,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:21,704 INFO L93 Difference]: Finished difference Result 100 states and 135 transitions. [2022-11-23 15:11:21,706 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 15:11:21,708 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-23 15:11:21,708 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:21,716 INFO L225 Difference]: With dead ends: 100 [2022-11-23 15:11:21,717 INFO L226 Difference]: Without dead ends: 46 [2022-11-23 15:11:21,725 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 15:11:21,729 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 49 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:21,730 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 49 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:11:21,747 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2022-11-23 15:11:21,773 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2022-11-23 15:11:21,774 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 46 states, 30 states have (on average 1.3) internal successors, (39), 35 states have internal predecessors, (39), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-23 15:11:21,779 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 58 transitions. [2022-11-23 15:11:21,782 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 58 transitions. Word has length 21 [2022-11-23 15:11:21,782 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:21,783 INFO L495 AbstractCegarLoop]: Abstraction has 46 states and 58 transitions. [2022-11-23 15:11:21,783 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:11:21,784 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 58 transitions. [2022-11-23 15:11:21,787 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-23 15:11:21,787 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:21,788 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:21,788 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 15:11:21,788 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:21,789 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:21,790 INFO L85 PathProgramCache]: Analyzing trace with hash 1801005259, now seen corresponding path program 1 times [2022-11-23 15:11:21,790 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:21,790 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1611282115] [2022-11-23 15:11:21,791 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:21,791 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:21,826 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:21,976 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:11:21,976 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:21,977 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1611282115] [2022-11-23 15:11:21,977 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1611282115] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:11:21,977 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:11:21,978 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 15:11:21,978 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [156130535] [2022-11-23 15:11:21,978 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:11:21,980 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 15:11:21,981 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:21,982 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 15:11:21,983 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:11:21,983 INFO L87 Difference]: Start difference. First operand 46 states and 58 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:11:22,051 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:22,053 INFO L93 Difference]: Finished difference Result 69 states and 87 transitions. [2022-11-23 15:11:22,055 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 15:11:22,056 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-23 15:11:22,056 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:22,057 INFO L225 Difference]: With dead ends: 69 [2022-11-23 15:11:22,058 INFO L226 Difference]: Without dead ends: 38 [2022-11-23 15:11:22,059 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 15:11:22,062 INFO L413 NwaCegarLoop]: 35 mSDtfsCounter, 7 mSDsluCounter, 26 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 61 SdHoareTripleChecker+Invalid, 21 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:22,065 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 61 Invalid, 21 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:11:22,066 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 38 states. [2022-11-23 15:11:22,072 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 38 to 38. [2022-11-23 15:11:22,075 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 38 states, 25 states have (on average 1.32) internal successors, (33), 30 states have internal predecessors, (33), 7 states have call successors, (7), 5 states have call predecessors, (7), 5 states have return successors, (7), 6 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-23 15:11:22,077 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 38 states to 38 states and 47 transitions. [2022-11-23 15:11:22,079 INFO L78 Accepts]: Start accepts. Automaton has 38 states and 47 transitions. Word has length 22 [2022-11-23 15:11:22,079 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:22,079 INFO L495 AbstractCegarLoop]: Abstraction has 38 states and 47 transitions. [2022-11-23 15:11:22,080 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 15:11:22,080 INFO L276 IsEmpty]: Start isEmpty. Operand 38 states and 47 transitions. [2022-11-23 15:11:22,081 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-23 15:11:22,082 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:22,082 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:22,082 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 15:11:22,083 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:22,083 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:22,083 INFO L85 PathProgramCache]: Analyzing trace with hash 1801776207, now seen corresponding path program 1 times [2022-11-23 15:11:22,084 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:22,084 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1875668850] [2022-11-23 15:11:22,084 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:22,084 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:22,126 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:22,392 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:11:22,393 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:22,393 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1875668850] [2022-11-23 15:11:22,393 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1875668850] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:11:22,395 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:11:22,395 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-23 15:11:22,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1882970454] [2022-11-23 15:11:22,396 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:11:22,396 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 15:11:22,397 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:22,398 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 15:11:22,398 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2022-11-23 15:11:22,399 INFO L87 Difference]: Start difference. First operand 38 states and 47 transitions. Second operand has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:11:22,846 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:22,846 INFO L93 Difference]: Finished difference Result 145 states and 181 transitions. [2022-11-23 15:11:22,847 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-23 15:11:22,847 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2022-11-23 15:11:22,848 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:22,849 INFO L225 Difference]: With dead ends: 145 [2022-11-23 15:11:22,849 INFO L226 Difference]: Without dead ends: 109 [2022-11-23 15:11:22,850 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=59, Invalid=213, Unknown=0, NotChecked=0, Total=272 [2022-11-23 15:11:22,851 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 77 mSDsluCounter, 220 mSDsCounter, 0 mSdLazyCounter, 339 mSolverCounterSat, 19 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 79 SdHoareTripleChecker+Valid, 289 SdHoareTripleChecker+Invalid, 358 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 19 IncrementalHoareTripleChecker+Valid, 339 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:22,851 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [79 Valid, 289 Invalid, 358 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [19 Valid, 339 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-23 15:11:22,853 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 109 states. [2022-11-23 15:11:22,866 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 109 to 76. [2022-11-23 15:11:22,867 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 76 states, 50 states have (on average 1.26) internal successors, (63), 56 states have internal predecessors, (63), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (15), 12 states have call predecessors, (15), 13 states have call successors, (15) [2022-11-23 15:11:22,868 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 76 states to 76 states and 91 transitions. [2022-11-23 15:11:22,868 INFO L78 Accepts]: Start accepts. Automaton has 76 states and 91 transitions. Word has length 24 [2022-11-23 15:11:22,869 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:22,869 INFO L495 AbstractCegarLoop]: Abstraction has 76 states and 91 transitions. [2022-11-23 15:11:22,869 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:11:22,869 INFO L276 IsEmpty]: Start isEmpty. Operand 76 states and 91 transitions. [2022-11-23 15:11:22,870 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-11-23 15:11:22,870 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:22,871 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:22,871 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 15:11:22,871 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:22,872 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:22,872 INFO L85 PathProgramCache]: Analyzing trace with hash 735581937, now seen corresponding path program 1 times [2022-11-23 15:11:22,872 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:22,873 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1636258126] [2022-11-23 15:11:22,873 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:22,873 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:22,890 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:23,158 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:11:23,158 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:23,158 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1636258126] [2022-11-23 15:11:23,159 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1636258126] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:11:23,159 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:11:23,159 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-23 15:11:23,159 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [45866312] [2022-11-23 15:11:23,159 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:11:23,160 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-23 15:11:23,160 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:23,160 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-23 15:11:23,161 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-23 15:11:23,161 INFO L87 Difference]: Start difference. First operand 76 states and 91 transitions. Second operand has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:11:23,309 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:23,309 INFO L93 Difference]: Finished difference Result 228 states and 284 transitions. [2022-11-23 15:11:23,310 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-23 15:11:23,310 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2022-11-23 15:11:23,310 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:23,312 INFO L225 Difference]: With dead ends: 228 [2022-11-23 15:11:23,312 INFO L226 Difference]: Without dead ends: 154 [2022-11-23 15:11:23,313 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-23 15:11:23,314 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 73 mSDsluCounter, 108 mSDsCounter, 0 mSdLazyCounter, 71 mSolverCounterSat, 12 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 75 SdHoareTripleChecker+Valid, 160 SdHoareTripleChecker+Invalid, 83 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 12 IncrementalHoareTripleChecker+Valid, 71 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:23,315 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [75 Valid, 160 Invalid, 83 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [12 Valid, 71 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 15:11:23,316 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 154 states. [2022-11-23 15:11:23,336 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 154 to 118. [2022-11-23 15:11:23,337 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 79 states have (on average 1.2658227848101267) internal successors, (100), 88 states have internal predecessors, (100), 19 states have call successors, (19), 17 states have call predecessors, (19), 19 states have return successors, (25), 17 states have call predecessors, (25), 19 states have call successors, (25) [2022-11-23 15:11:23,339 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 144 transitions. [2022-11-23 15:11:23,339 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 144 transitions. Word has length 27 [2022-11-23 15:11:23,341 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:23,341 INFO L495 AbstractCegarLoop]: Abstraction has 118 states and 144 transitions. [2022-11-23 15:11:23,341 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 4.2) internal successors, (21), 5 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 15:11:23,341 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 144 transitions. [2022-11-23 15:11:23,343 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2022-11-23 15:11:23,343 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:23,343 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:23,343 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 15:11:23,343 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:23,344 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:23,344 INFO L85 PathProgramCache]: Analyzing trace with hash -1743544795, now seen corresponding path program 1 times [2022-11-23 15:11:23,344 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:23,344 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [391069576] [2022-11-23 15:11:23,345 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:23,345 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:23,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:23,646 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 15:11:23,647 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:23,647 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [391069576] [2022-11-23 15:11:23,647 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [391069576] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 15:11:23,647 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 15:11:23,648 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-23 15:11:23,648 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2039727517] [2022-11-23 15:11:23,648 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 15:11:23,648 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 15:11:23,649 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:23,649 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 15:11:23,650 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2022-11-23 15:11:23,650 INFO L87 Difference]: Start difference. First operand 118 states and 144 transitions. Second operand has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 15:11:24,195 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:24,195 INFO L93 Difference]: Finished difference Result 289 states and 352 transitions. [2022-11-23 15:11:24,196 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-23 15:11:24,196 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 30 [2022-11-23 15:11:24,197 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:24,199 INFO L225 Difference]: With dead ends: 289 [2022-11-23 15:11:24,199 INFO L226 Difference]: Without dead ends: 212 [2022-11-23 15:11:24,200 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 31 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=68, Invalid=142, Unknown=0, NotChecked=0, Total=210 [2022-11-23 15:11:24,201 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 140 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 217 mSolverCounterSat, 64 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 145 SdHoareTripleChecker+Valid, 236 SdHoareTripleChecker+Invalid, 281 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 64 IncrementalHoareTripleChecker+Valid, 217 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:24,201 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [145 Valid, 236 Invalid, 281 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [64 Valid, 217 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-23 15:11:24,202 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 212 states. [2022-11-23 15:11:24,248 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 212 to 161. [2022-11-23 15:11:24,250 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 161 states, 107 states have (on average 1.2523364485981308) internal successors, (134), 121 states have internal predecessors, (134), 26 states have call successors, (26), 23 states have call predecessors, (26), 27 states have return successors, (34), 24 states have call predecessors, (34), 26 states have call successors, (34) [2022-11-23 15:11:24,253 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 161 states to 161 states and 194 transitions. [2022-11-23 15:11:24,253 INFO L78 Accepts]: Start accepts. Automaton has 161 states and 194 transitions. Word has length 30 [2022-11-23 15:11:24,254 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:24,254 INFO L495 AbstractCegarLoop]: Abstraction has 161 states and 194 transitions. [2022-11-23 15:11:24,255 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 15:11:24,255 INFO L276 IsEmpty]: Start isEmpty. Operand 161 states and 194 transitions. [2022-11-23 15:11:24,264 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2022-11-23 15:11:24,265 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:24,265 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:24,265 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 15:11:24,266 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:24,266 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:24,266 INFO L85 PathProgramCache]: Analyzing trace with hash 521581281, now seen corresponding path program 1 times [2022-11-23 15:11:24,266 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:24,267 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2123519086] [2022-11-23 15:11:24,267 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:24,267 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:24,300 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:24,697 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 2 proven. 11 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 15:11:24,697 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:24,698 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2123519086] [2022-11-23 15:11:24,698 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2123519086] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:11:24,698 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1290728631] [2022-11-23 15:11:24,698 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:24,699 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:11:24,699 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:11:24,702 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:11:24,730 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 15:11:24,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:24,814 INFO L263 TraceCheckSpWp]: Trace formula consists of 270 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-23 15:11:24,820 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:11:25,016 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 18 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 15:11:25,017 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:11:25,183 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 12 proven. 1 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 15:11:25,183 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1290728631] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:11:25,183 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1281847149] [2022-11-23 15:11:25,203 INFO L159 IcfgInterpreter]: Started Sifa with 28 locations of interest [2022-11-23 15:11:25,203 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:11:25,207 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:11:25,212 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:11:25,213 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:11:27,734 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 52 for LOIs [2022-11-23 15:11:28,053 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 22 for LOIs [2022-11-23 15:11:28,055 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:11:32,301 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '2376#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 0)) (<= ~pumpRunning~0 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) (<= 1 |old(~waterLevel~0)|) (= ~head~0.base 0) (<= 0 (+ ~pumpRunning~0 2147483648)) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= 0 ~waterLevel~0) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 15:11:32,301 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:11:32,301 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:11:32,301 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 17 [2022-11-23 15:11:32,302 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1312050544] [2022-11-23 15:11:32,302 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:11:32,302 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 17 states [2022-11-23 15:11:32,303 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:32,303 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 17 interpolants. [2022-11-23 15:11:32,304 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=204, Invalid=1436, Unknown=0, NotChecked=0, Total=1640 [2022-11-23 15:11:32,304 INFO L87 Difference]: Start difference. First operand 161 states and 194 transitions. Second operand has 17 states, 17 states have (on average 4.0) internal successors, (68), 17 states have internal predecessors, (68), 6 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) [2022-11-23 15:11:34,437 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:34,437 INFO L93 Difference]: Finished difference Result 603 states and 779 transitions. [2022-11-23 15:11:34,438 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 39 states. [2022-11-23 15:11:34,438 INFO L78 Accepts]: Start accepts. Automaton has has 17 states, 17 states have (on average 4.0) internal successors, (68), 17 states have internal predecessors, (68), 6 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) Word has length 44 [2022-11-23 15:11:34,438 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:34,443 INFO L225 Difference]: With dead ends: 603 [2022-11-23 15:11:34,443 INFO L226 Difference]: Without dead ends: 509 [2022-11-23 15:11:34,446 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 187 GetRequests, 118 SyntacticMatches, 0 SemanticMatches, 69 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1528 ImplicationChecksByTransitivity, 5.5s TimeCoverageRelationStatistics Valid=620, Invalid=4350, Unknown=0, NotChecked=0, Total=4970 [2022-11-23 15:11:34,447 INFO L413 NwaCegarLoop]: 92 mSDtfsCounter, 428 mSDsluCounter, 428 mSDsCounter, 0 mSdLazyCounter, 1045 mSolverCounterSat, 310 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 434 SdHoareTripleChecker+Valid, 520 SdHoareTripleChecker+Invalid, 1355 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 310 IncrementalHoareTripleChecker+Valid, 1045 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:34,447 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [434 Valid, 520 Invalid, 1355 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [310 Valid, 1045 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2022-11-23 15:11:34,449 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 509 states. [2022-11-23 15:11:34,499 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 509 to 337. [2022-11-23 15:11:34,500 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 337 states, 224 states have (on average 1.21875) internal successors, (273), 254 states have internal predecessors, (273), 53 states have call successors, (53), 49 states have call predecessors, (53), 59 states have return successors, (90), 51 states have call predecessors, (90), 53 states have call successors, (90) [2022-11-23 15:11:34,502 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 337 states to 337 states and 416 transitions. [2022-11-23 15:11:34,503 INFO L78 Accepts]: Start accepts. Automaton has 337 states and 416 transitions. Word has length 44 [2022-11-23 15:11:34,503 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:34,503 INFO L495 AbstractCegarLoop]: Abstraction has 337 states and 416 transitions. [2022-11-23 15:11:34,504 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 17 states, 17 states have (on average 4.0) internal successors, (68), 17 states have internal predecessors, (68), 6 states have call successors, (11), 5 states have call predecessors, (11), 4 states have return successors, (9), 6 states have call predecessors, (9), 6 states have call successors, (9) [2022-11-23 15:11:34,504 INFO L276 IsEmpty]: Start isEmpty. Operand 337 states and 416 transitions. [2022-11-23 15:11:34,506 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 51 [2022-11-23 15:11:34,506 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:34,506 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:34,518 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-23 15:11:34,713 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:11:34,714 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:34,714 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:34,714 INFO L85 PathProgramCache]: Analyzing trace with hash -1816178952, now seen corresponding path program 1 times [2022-11-23 15:11:34,714 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:34,714 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1292012145] [2022-11-23 15:11:34,715 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:34,715 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:34,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:34,904 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 18 proven. 2 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-23 15:11:34,904 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:34,905 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1292012145] [2022-11-23 15:11:34,905 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1292012145] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:11:34,905 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [715541360] [2022-11-23 15:11:34,905 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:34,905 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:11:34,906 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:11:34,907 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:11:34,915 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 15:11:34,997 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:34,999 INFO L263 TraceCheckSpWp]: Trace formula consists of 284 conjuncts, 23 conjunts are in the unsatisfiable core [2022-11-23 15:11:35,002 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:11:35,270 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 21 proven. 8 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 15:11:35,270 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:11:35,499 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 15 proven. 5 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-23 15:11:35,499 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [715541360] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:11:35,499 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [667984262] [2022-11-23 15:11:35,502 INFO L159 IcfgInterpreter]: Started Sifa with 28 locations of interest [2022-11-23 15:11:35,502 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:11:35,503 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:11:35,503 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:11:35,503 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:11:36,840 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 29 for LOIs [2022-11-23 15:11:37,132 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 20 for LOIs [2022-11-23 15:11:37,134 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:11:40,788 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4247#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (<= |old(~pumpRunning~0)| 2147483647) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) (= ~head~0.base 0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (= |#NULL.offset| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 2147483648)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 2147483647) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 15:11:40,789 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:11:40,789 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:11:40,789 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 12, 7] total 20 [2022-11-23 15:11:40,789 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1629690829] [2022-11-23 15:11:40,789 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:11:40,790 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2022-11-23 15:11:40,790 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:40,791 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2022-11-23 15:11:40,792 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=222, Invalid=1670, Unknown=0, NotChecked=0, Total=1892 [2022-11-23 15:11:40,792 INFO L87 Difference]: Start difference. First operand 337 states and 416 transitions. Second operand has 20 states, 18 states have (on average 4.722222222222222) internal successors, (85), 17 states have internal predecessors, (85), 8 states have call successors, (16), 6 states have call predecessors, (16), 9 states have return successors, (14), 11 states have call predecessors, (14), 8 states have call successors, (14) [2022-11-23 15:11:42,505 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:42,506 INFO L93 Difference]: Finished difference Result 941 states and 1190 transitions. [2022-11-23 15:11:42,511 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 50 states. [2022-11-23 15:11:42,511 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 18 states have (on average 4.722222222222222) internal successors, (85), 17 states have internal predecessors, (85), 8 states have call successors, (16), 6 states have call predecessors, (16), 9 states have return successors, (14), 11 states have call predecessors, (14), 8 states have call successors, (14) Word has length 50 [2022-11-23 15:11:42,512 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:42,516 INFO L225 Difference]: With dead ends: 941 [2022-11-23 15:11:42,516 INFO L226 Difference]: Without dead ends: 702 [2022-11-23 15:11:42,520 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 205 GetRequests, 124 SyntacticMatches, 0 SemanticMatches, 81 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2108 ImplicationChecksByTransitivity, 4.6s TimeCoverageRelationStatistics Valid=786, Invalid=6020, Unknown=0, NotChecked=0, Total=6806 [2022-11-23 15:11:42,520 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 313 mSDsluCounter, 352 mSDsCounter, 0 mSdLazyCounter, 1007 mSolverCounterSat, 209 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 319 SdHoareTripleChecker+Valid, 405 SdHoareTripleChecker+Invalid, 1216 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 209 IncrementalHoareTripleChecker+Valid, 1007 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:42,521 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [319 Valid, 405 Invalid, 1216 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [209 Valid, 1007 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-23 15:11:42,522 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 702 states. [2022-11-23 15:11:42,625 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 702 to 550. [2022-11-23 15:11:42,627 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 550 states, 361 states have (on average 1.1966759002770082) internal successors, (432), 408 states have internal predecessors, (432), 89 states have call successors, (89), 85 states have call predecessors, (89), 99 states have return successors, (151), 87 states have call predecessors, (151), 89 states have call successors, (151) [2022-11-23 15:11:42,630 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 550 states to 550 states and 672 transitions. [2022-11-23 15:11:42,630 INFO L78 Accepts]: Start accepts. Automaton has 550 states and 672 transitions. Word has length 50 [2022-11-23 15:11:42,630 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:42,631 INFO L495 AbstractCegarLoop]: Abstraction has 550 states and 672 transitions. [2022-11-23 15:11:42,631 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 18 states have (on average 4.722222222222222) internal successors, (85), 17 states have internal predecessors, (85), 8 states have call successors, (16), 6 states have call predecessors, (16), 9 states have return successors, (14), 11 states have call predecessors, (14), 8 states have call successors, (14) [2022-11-23 15:11:42,631 INFO L276 IsEmpty]: Start isEmpty. Operand 550 states and 672 transitions. [2022-11-23 15:11:42,633 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2022-11-23 15:11:42,633 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:42,633 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:42,647 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-23 15:11:42,840 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable6 [2022-11-23 15:11:42,840 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:42,840 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:42,841 INFO L85 PathProgramCache]: Analyzing trace with hash -2091136722, now seen corresponding path program 1 times [2022-11-23 15:11:42,841 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:42,841 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1983372964] [2022-11-23 15:11:42,841 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:42,841 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:42,859 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:43,573 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 6 proven. 14 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-23 15:11:43,573 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:43,573 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1983372964] [2022-11-23 15:11:43,574 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1983372964] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:11:43,574 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1208759595] [2022-11-23 15:11:43,574 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:43,574 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:11:43,574 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:11:43,579 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:11:43,584 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-23 15:11:43,668 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:43,670 INFO L263 TraceCheckSpWp]: Trace formula consists of 284 conjuncts, 43 conjunts are in the unsatisfiable core [2022-11-23 15:11:43,673 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:11:44,231 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 15 proven. 6 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-23 15:11:44,231 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:11:44,623 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 10 proven. 2 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2022-11-23 15:11:44,623 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1208759595] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:11:44,624 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1777980996] [2022-11-23 15:11:44,626 INFO L159 IcfgInterpreter]: Started Sifa with 28 locations of interest [2022-11-23 15:11:44,626 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:11:44,627 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:11:44,627 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:11:44,627 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:11:46,386 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 52 for LOIs [2022-11-23 15:11:46,646 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 39 for LOIs [2022-11-23 15:11:46,651 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:11:50,583 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6994#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 1) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) (= ~head~0.base 0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (= |#NULL.offset| 0) (<= 0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 15:11:50,583 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:11:50,583 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:11:50,583 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 14, 11] total 30 [2022-11-23 15:11:50,584 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [411953951] [2022-11-23 15:11:50,584 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:11:50,584 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 30 states [2022-11-23 15:11:50,584 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:11:50,585 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 30 interpolants. [2022-11-23 15:11:50,586 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=356, Invalid=2400, Unknown=0, NotChecked=0, Total=2756 [2022-11-23 15:11:50,586 INFO L87 Difference]: Start difference. First operand 550 states and 672 transitions. Second operand has 30 states, 27 states have (on average 2.3333333333333335) internal successors, (63), 25 states have internal predecessors, (63), 8 states have call successors, (14), 7 states have call predecessors, (14), 9 states have return successors, (13), 8 states have call predecessors, (13), 8 states have call successors, (13) [2022-11-23 15:11:52,630 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:11:52,630 INFO L93 Difference]: Finished difference Result 1210 states and 1512 transitions. [2022-11-23 15:11:52,632 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 41 states. [2022-11-23 15:11:52,632 INFO L78 Accepts]: Start accepts. Automaton has has 30 states, 27 states have (on average 2.3333333333333335) internal successors, (63), 25 states have internal predecessors, (63), 8 states have call successors, (14), 7 states have call predecessors, (14), 9 states have return successors, (13), 8 states have call predecessors, (13), 8 states have call successors, (13) Word has length 49 [2022-11-23 15:11:52,633 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:11:52,638 INFO L225 Difference]: With dead ends: 1210 [2022-11-23 15:11:52,638 INFO L226 Difference]: Without dead ends: 798 [2022-11-23 15:11:52,642 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 199 GetRequests, 109 SyntacticMatches, 6 SemanticMatches, 84 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2687 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=1031, Invalid=6279, Unknown=0, NotChecked=0, Total=7310 [2022-11-23 15:11:52,642 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 324 mSDsluCounter, 417 mSDsCounter, 0 mSdLazyCounter, 899 mSolverCounterSat, 192 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 327 SdHoareTripleChecker+Valid, 469 SdHoareTripleChecker+Invalid, 1091 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 192 IncrementalHoareTripleChecker+Valid, 899 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-23 15:11:52,643 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [327 Valid, 469 Invalid, 1091 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [192 Valid, 899 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-23 15:11:52,644 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 798 states. [2022-11-23 15:11:52,786 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 798 to 551. [2022-11-23 15:11:52,787 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 551 states, 363 states have (on average 1.1955922865013775) internal successors, (434), 408 states have internal predecessors, (434), 89 states have call successors, (89), 85 states have call predecessors, (89), 98 states have return successors, (150), 88 states have call predecessors, (150), 89 states have call successors, (150) [2022-11-23 15:11:52,792 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 551 states to 551 states and 673 transitions. [2022-11-23 15:11:52,793 INFO L78 Accepts]: Start accepts. Automaton has 551 states and 673 transitions. Word has length 49 [2022-11-23 15:11:52,793 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:11:52,793 INFO L495 AbstractCegarLoop]: Abstraction has 551 states and 673 transitions. [2022-11-23 15:11:52,793 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 30 states, 27 states have (on average 2.3333333333333335) internal successors, (63), 25 states have internal predecessors, (63), 8 states have call successors, (14), 7 states have call predecessors, (14), 9 states have return successors, (13), 8 states have call predecessors, (13), 8 states have call successors, (13) [2022-11-23 15:11:52,794 INFO L276 IsEmpty]: Start isEmpty. Operand 551 states and 673 transitions. [2022-11-23 15:11:52,795 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-23 15:11:52,795 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 15:11:52,795 INFO L195 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:11:52,802 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-23 15:11:53,001 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-23 15:11:53,002 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 15:11:53,002 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 15:11:53,002 INFO L85 PathProgramCache]: Analyzing trace with hash -1095342392, now seen corresponding path program 1 times [2022-11-23 15:11:53,002 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 15:11:53,002 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [295297302] [2022-11-23 15:11:53,002 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:53,003 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 15:11:53,016 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:53,529 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 4 proven. 12 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2022-11-23 15:11:53,529 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 15:11:53,529 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [295297302] [2022-11-23 15:11:53,530 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [295297302] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 15:11:53,530 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [189253838] [2022-11-23 15:11:53,530 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 15:11:53,530 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:11:53,530 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 15:11:53,535 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 15:11:53,562 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-23 15:11:53,627 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 15:11:53,629 INFO L263 TraceCheckSpWp]: Trace formula consists of 290 conjuncts, 53 conjunts are in the unsatisfiable core [2022-11-23 15:11:53,632 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 15:11:54,345 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 13 proven. 12 refuted. 0 times theorem prover too weak. 3 trivial. 0 not checked. [2022-11-23 15:11:54,346 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 15:11:54,948 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 9 proven. 3 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2022-11-23 15:11:54,948 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [189253838] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 15:11:54,948 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1234995722] [2022-11-23 15:11:54,950 INFO L159 IcfgInterpreter]: Started Sifa with 31 locations of interest [2022-11-23 15:11:54,950 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 15:11:54,951 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 15:11:54,951 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 15:11:54,951 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 15:12:01,562 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 144 for LOIs [2022-11-23 15:12:01,579 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 56 for LOIs [2022-11-23 15:12:01,788 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 46 for LOIs [2022-11-23 15:12:01,793 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 15:12:08,164 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10161#(and (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| 0)) (<= ~pumpRunning~0 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2)) (<= 0 ~systemActive~0) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| |timeShift_getWaterLevel_#res#1|) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 15:12:08,165 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 15:12:08,166 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 15:12:08,167 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [15, 19, 13] total 38 [2022-11-23 15:12:08,167 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [200617275] [2022-11-23 15:12:08,167 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 15:12:08,168 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 38 states [2022-11-23 15:12:08,169 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 15:12:08,170 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 38 interpolants. [2022-11-23 15:12:08,171 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=430, Invalid=3602, Unknown=0, NotChecked=0, Total=4032 [2022-11-23 15:12:08,171 INFO L87 Difference]: Start difference. First operand 551 states and 673 transitions. Second operand has 38 states, 33 states have (on average 2.5454545454545454) internal successors, (84), 32 states have internal predecessors, (84), 10 states have call successors, (19), 11 states have call predecessors, (19), 11 states have return successors, (17), 11 states have call predecessors, (17), 10 states have call successors, (17) [2022-11-23 15:12:13,607 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 15:12:13,607 INFO L93 Difference]: Finished difference Result 1136 states and 1419 transitions. [2022-11-23 15:12:13,608 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 87 states. [2022-11-23 15:12:13,608 INFO L78 Accepts]: Start accepts. Automaton has has 38 states, 33 states have (on average 2.5454545454545454) internal successors, (84), 32 states have internal predecessors, (84), 10 states have call successors, (19), 11 states have call predecessors, (19), 11 states have return successors, (17), 11 states have call predecessors, (17), 10 states have call successors, (17) Word has length 52 [2022-11-23 15:12:13,608 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 15:12:13,609 INFO L225 Difference]: With dead ends: 1136 [2022-11-23 15:12:13,609 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 15:12:13,616 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 263 GetRequests, 112 SyntacticMatches, 8 SemanticMatches, 143 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7375 ImplicationChecksByTransitivity, 10.8s TimeCoverageRelationStatistics Valid=2708, Invalid=18172, Unknown=0, NotChecked=0, Total=20880 [2022-11-23 15:12:13,617 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 1314 mSDsluCounter, 530 mSDsCounter, 0 mSdLazyCounter, 1670 mSolverCounterSat, 888 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1318 SdHoareTripleChecker+Valid, 596 SdHoareTripleChecker+Invalid, 2558 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 888 IncrementalHoareTripleChecker+Valid, 1670 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2022-11-23 15:12:13,617 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1318 Valid, 596 Invalid, 2558 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [888 Valid, 1670 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2022-11-23 15:12:13,618 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 15:12:13,618 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 15:12:13,618 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 15:12:13,619 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 15:12:13,619 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 52 [2022-11-23 15:12:13,619 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 15:12:13,619 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 15:12:13,620 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 38 states, 33 states have (on average 2.5454545454545454) internal successors, (84), 32 states have internal predecessors, (84), 10 states have call successors, (19), 11 states have call predecessors, (19), 11 states have return successors, (17), 11 states have call predecessors, (17), 10 states have call successors, (17) [2022-11-23 15:12:13,620 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 15:12:13,620 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 15:12:13,622 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 15:12:13,635 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-23 15:12:13,829 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 15:12:13,831 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 15:12:26,029 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 556 562) no Hoare annotation was computed. [2022-11-23 15:12:26,030 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 556 562) the Hoare annotation is: true [2022-11-23 15:12:26,030 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 83 94) the Hoare annotation is: true [2022-11-23 15:12:26,030 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 83 94) no Hoare annotation was computed. [2022-11-23 15:12:26,030 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 831 860) no Hoare annotation was computed. [2022-11-23 15:12:26,030 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 831 860) the Hoare annotation is: true [2022-11-23 15:12:26,030 INFO L902 garLoopResultBuilder]: At program point L856(lines 831 860) the Hoare annotation is: true [2022-11-23 15:12:26,031 INFO L899 garLoopResultBuilder]: For program point L852(line 852) no Hoare annotation was computed. [2022-11-23 15:12:26,031 INFO L899 garLoopResultBuilder]: For program point L845(lines 845 849) no Hoare annotation was computed. [2022-11-23 15:12:26,031 INFO L902 garLoopResultBuilder]: At program point L845-1(lines 845 849) the Hoare annotation is: true [2022-11-23 15:12:26,031 INFO L902 garLoopResultBuilder]: At program point L841-2(lines 841 855) the Hoare annotation is: true [2022-11-23 15:12:26,031 INFO L902 garLoopResultBuilder]: At program point L837(line 837) the Hoare annotation is: true [2022-11-23 15:12:26,032 INFO L899 garLoopResultBuilder]: For program point L837-1(line 837) no Hoare annotation was computed. [2022-11-23 15:12:26,032 INFO L895 garLoopResultBuilder]: At program point L543-1(lines 543 549) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0)) (.cse11 (not (< 0 ~waterLevel~0))) (.cse7 (= ~pumpRunning~0 0)) (.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse12 (not (= |old(~waterLevel~0)| 1))) (.cse13 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse13)) (.cse9 (or .cse12 (<= 1 ~waterLevel~0))) (.cse10 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and .cse11 .cse8) (and .cse7 .cse8))) (.cse4 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not .cse7)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (and .cse13 (not .cse2))) (.cse3 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (and (= |timeShift_processEnvironment_~tmp~3#1| 1) (or .cse1 (= ~switchedOnBeforeTS~0 0)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse2 .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or (and .cse4 .cse1 (= ~waterLevel~0 1) .cse5) .cse6 (not (= |old(~waterLevel~0)| 2)) (and .cse4 .cse7 (= 2 ~waterLevel~0) .cse5)) (or (and (<= 2 ~waterLevel~0) .cse8) (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse9 .cse10 .cse7 (= |timeShift_processEnvironment_~tmp~3#1| 0) .cse5) (and .cse10 .cse7 .cse2 .cse5) .cse3) (or (and .cse4 .cse9 .cse10 .cse5) (and .cse4 .cse1 .cse11 .cse8 .cse5) (and (or .cse12 .cse6) (or .cse6 (= |old(~switchedOnBeforeTS~0)| 0))) .cse3)))) [2022-11-23 15:12:26,033 INFO L895 garLoopResultBuilder]: At program point L572(lines 572 580) the Hoare annotation is: (let ((.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse5 (not (= |old(~waterLevel~0)| 1))) (.cse6 (and (= |old(~pumpRunning~0)| 0) (not (= 0 ~systemActive~0)))) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (and .cse1 (or (not (< ~waterLevel~0 2)) (= |timeShift_processEnvironment_~tmp~3#1| 0)) .cse2 .cse3) .cse4) (or .cse0 .cse5 (<= 1 ~waterLevel~0)) (or (and .cse1 (= |timeShift_processEnvironment_~tmp~3#1| 1) (= |old(~waterLevel~0)| ~waterLevel~0) .cse2 .cse3) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 (not (= |old(~waterLevel~0)| 2))) (or (and (or .cse5 .cse6) (or .cse6 (= |old(~switchedOnBeforeTS~0)| 0))) .cse4))) [2022-11-23 15:12:26,033 INFO L895 garLoopResultBuilder]: At program point L568(lines 568 585) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0)) (.cse3 (= ~pumpRunning~0 0))) (let ((.cse2 (let ((.cse10 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse10) (and .cse3 .cse10)))) (.cse1 (not (= |old(~waterLevel~0)| 1))) (.cse0 (and .cse9 (not (= 0 ~systemActive~0)))) (.cse7 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse5 (not .cse9)) (.cse6 (not (< |old(~waterLevel~0)| 3))) (.cse8 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2)) (= ~waterLevel~0 1)) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and (or .cse1 (<= 1 ~waterLevel~0)) .cse2 .cse3 .cse4) .cse5 .cse6) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse7 .cse2 (not .cse3) .cse4) (and (or .cse1 .cse0) (or .cse0 (= |old(~switchedOnBeforeTS~0)| 0)))) (or (and .cse7 .cse4) (not (<= |old(~waterLevel~0)| 2)) .cse8) (or .cse5 (= |old(~waterLevel~0)| ~waterLevel~0) .cse6 .cse8)))) [2022-11-23 15:12:26,034 INFO L899 garLoopResultBuilder]: For program point L969(lines 969 975) no Hoare annotation was computed. [2022-11-23 15:12:26,034 INFO L895 garLoopResultBuilder]: At program point L932(line 932) the Hoare annotation is: (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1))) (or (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (let ((.cse0 (and (= |old(~pumpRunning~0)| 0) (not (= 0 ~systemActive~0))))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse0) (or .cse0 (= |old(~switchedOnBeforeTS~0)| 0)))) (not (< |old(~waterLevel~0)| 3)))) [2022-11-23 15:12:26,034 INFO L899 garLoopResultBuilder]: For program point L536-2(lines 532 554) no Hoare annotation was computed. [2022-11-23 15:12:26,035 INFO L895 garLoopResultBuilder]: At program point L966(line 966) the Hoare annotation is: (let ((.cse9 (not (< 0 ~waterLevel~0))) (.cse5 (= ~pumpRunning~0 0)) (.cse10 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse11 (not (= |old(~waterLevel~0)| 1)))) (let ((.cse8 (or .cse11 (<= 1 ~waterLevel~0))) (.cse4 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and .cse9 .cse10) (and .cse5 .cse10))) (.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (not .cse5)) (.cse2 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse7 (= |old(~pumpRunning~0)| 0)) (.cse6 (= 0 ~systemActive~0))) (and (or (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse3) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and .cse4 .cse5 .cse2 .cse6 .cse3) (not (<= |old(~waterLevel~0)| 1)) (not .cse7) (and .cse8 .cse4 .cse5 .cse2 (= |timeShift_processEnvironment_~tmp~3#1| 0) .cse3)) (or (and .cse0 .cse8 .cse4 .cse2 .cse3) (and .cse0 .cse1 .cse9 .cse2 .cse10 .cse3) (let ((.cse12 (and .cse7 (not .cse6)))) (and (or .cse11 .cse12) (or .cse12 (= |old(~switchedOnBeforeTS~0)| 0)))) (not (< |old(~waterLevel~0)| 3)))))) [2022-11-23 15:12:26,035 INFO L899 garLoopResultBuilder]: For program point L966-1(line 966) no Hoare annotation was computed. [2022-11-23 15:12:26,035 INFO L895 garLoopResultBuilder]: At program point L578(line 578) the Hoare annotation is: (let ((.cse0 (not (= |old(~waterLevel~0)| 1)))) (and (or (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and (or .cse0 (<= 1 ~waterLevel~0)) (= ~pumpRunning~0 0) (<= ~waterLevel~0 |old(~waterLevel~0)|) (= |timeShift_processEnvironment_~tmp~3#1| 0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (not (<= |old(~waterLevel~0)| 1))) (or (let ((.cse1 (and (= |old(~pumpRunning~0)| 0) (not (= 0 ~systemActive~0))))) (and (or .cse0 .cse1) (or .cse1 (= |old(~switchedOnBeforeTS~0)| 0)))) (not (< |old(~waterLevel~0)| 3))))) [2022-11-23 15:12:26,036 INFO L895 garLoopResultBuilder]: At program point L583(line 583) the Hoare annotation is: (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse5 (= |old(~pumpRunning~0)| 0)) (.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse2 (not (= ~pumpRunning~0 0))) (.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (and (or .cse0 (and .cse1 .cse2 (not (< 0 ~waterLevel~0)) (<= ~waterLevel~0 |old(~waterLevel~0)|) .cse3) (let ((.cse4 (and .cse5 (not (= 0 ~systemActive~0))))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse4) (or .cse4 (= |old(~switchedOnBeforeTS~0)| 0))))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (not .cse5)) (or (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))))) [2022-11-23 15:12:26,036 INFO L895 garLoopResultBuilder]: At program point L583-1(lines 564 588) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0)) (.cse8 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (and .cse8 (not (= 0 ~systemActive~0)))) (.cse2 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (not .cse7)) (.cse6 (not (= |old(~waterLevel~0)| 1))) (.cse4 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (<= |old(~waterLevel~0)| 1)))) (and (or .cse0 (not (= |old(~waterLevel~0)| 2)) (= ~waterLevel~0 1)) (or .cse1 (and .cse2 .cse3 (not (< 0 ~waterLevel~0)) .cse4 .cse5) (and (or .cse6 .cse0) (or .cse0 (= |old(~switchedOnBeforeTS~0)| 0)))) (or (and .cse2 .cse3 .cse5) (and (= |timeShift_processEnvironment_~tmp~3#1| 1) (or .cse3 (= ~switchedOnBeforeTS~0 0)) (= |old(~waterLevel~0)| ~waterLevel~0)) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and (or .cse6 (<= 1 ~waterLevel~0)) .cse7 .cse4 (= |timeShift_processEnvironment_~tmp~3#1| 0) .cse5) .cse1 (not .cse8))))) [2022-11-23 15:12:26,037 INFO L895 garLoopResultBuilder]: At program point L951(line 951) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or (and .cse0 .cse1) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (and .cse0 (or (not (= ~switchedOnBeforeTS~0 0)) (= ~waterLevel~0 1)) .cse1) (let ((.cse2 (and .cse3 (not (= 0 ~systemActive~0))))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse2) (or .cse2 (= |old(~switchedOnBeforeTS~0)| 0)))) .cse4) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not .cse3) (and (= ~pumpRunning~0 0) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse4))) [2022-11-23 15:12:26,037 INFO L895 garLoopResultBuilder]: At program point L951-1(line 951) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret50#1|)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (= |old(~pumpRunning~0)| 0)) (.cse0 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse3 .cse4))) (and (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (let ((.cse1 (and .cse2 (not (= 0 ~systemActive~0))))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse1) (or .cse1 (= |old(~switchedOnBeforeTS~0)| 0))))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not .cse2) (and (= ~pumpRunning~0 0) .cse3 .cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (not (< |old(~waterLevel~0)| 3))) (or .cse0 (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|)))))) [2022-11-23 15:12:26,038 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 529 555) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~pumpRunning~0)| 0)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or (and .cse0 .cse1) (not (<= |old(~waterLevel~0)| 2)) (not (<= 2 |old(~waterLevel~0)|))) (or (and .cse0 (or (not (= ~switchedOnBeforeTS~0 0)) (= ~waterLevel~0 1)) .cse1) (let ((.cse2 (and .cse3 (not (= 0 ~systemActive~0))))) (and (or (not (= |old(~waterLevel~0)| 1)) .cse2) (or .cse2 (= |old(~switchedOnBeforeTS~0)| 0)))) .cse4) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not .cse3) (and (= ~pumpRunning~0 0) .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse4))) [2022-11-23 15:12:26,038 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 529 555) no Hoare annotation was computed. [2022-11-23 15:12:26,038 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 932) no Hoare annotation was computed. [2022-11-23 15:12:26,038 INFO L899 garLoopResultBuilder]: For program point L968(lines 968 978) no Hoare annotation was computed. [2022-11-23 15:12:26,038 INFO L899 garLoopResultBuilder]: For program point L964(lines 964 981) no Hoare annotation was computed. [2022-11-23 15:12:26,039 INFO L895 garLoopResultBuilder]: At program point L964-1(lines 956 984) the Hoare annotation is: (let ((.cse12 (not (= |old(~waterLevel~0)| 1)))) (let ((.cse10 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse15 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse17 (= |old(~pumpRunning~0)| 0)) (.cse2 (or .cse12 (<= 1 ~waterLevel~0))) (.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1| |old(~pumpRunning~0)|)) (.cse5 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| ~waterLevel~0)) (.cse16 (= 0 ~systemActive~0)) (.cse7 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (let ((.cse0 (and (<= 2 ~waterLevel~0) .cse6)) (.cse8 (and .cse2 .cse3 .cse4 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~2#1|) .cse5 .cse6 .cse16 .cse7)) (.cse13 (and .cse17 (not .cse16))) (.cse1 (not .cse17)) (.cse11 (not .cse3)) (.cse14 (and .cse10 .cse3 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~8#1| 2) .cse5 .cse15 .cse6 .cse16 .cse7)) (.cse9 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse1 (and .cse2 .cse3 .cse4 .cse5 .cse6 (= |timeShift_processEnvironment_~tmp~3#1| 0) .cse7) .cse8 .cse9) (or .cse0 (and .cse10 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse6)) .cse11 .cse4 .cse5 .cse7) .cse8 (and (or .cse12 .cse13) (or .cse13 (= |old(~switchedOnBeforeTS~0)| 0))) .cse9) (or (and .cse10 .cse4 .cse5 (= ~waterLevel~0 1) .cse7) .cse13 (not (= |old(~waterLevel~0)| 2)) .cse14) (or .cse1 (and (= |timeShift_processEnvironment_~tmp~3#1| 1) (or .cse11 (= ~switchedOnBeforeTS~0 0)) .cse5 .cse15) .cse14 .cse9 (not (<= 2 |old(~waterLevel~0)|))))))) [2022-11-23 15:12:26,039 INFO L895 garLoopResultBuilder]: At program point L783(lines 732 784) the Hoare annotation is: false [2022-11-23 15:12:26,039 INFO L895 garLoopResultBuilder]: At program point L771-2(lines 763 778) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0))) (let ((.cse2 (= ~switchedOnBeforeTS~0 0)) (.cse3 (or (not .cse0) (= 0 ~systemActive~0))) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2) (and (not .cse2) .cse3 .cse1 (< ~waterLevel~0 3)) (and .cse3 .cse1 (= ~waterLevel~0 1)) (and (= 2 ~waterLevel~0) .cse1)))) [2022-11-23 15:12:26,040 INFO L899 garLoopResultBuilder]: For program point L734(lines 733 782) no Hoare annotation was computed. [2022-11-23 15:12:26,040 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 15:12:26,040 INFO L895 garLoopResultBuilder]: At program point L755(line 755) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0))) (let ((.cse0 (= ~switchedOnBeforeTS~0 0)) (.cse1 (not .cse3)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (not .cse0) .cse1 .cse2 (< ~waterLevel~0 3)) (and (= 2 ~waterLevel~0) .cse2 .cse0) (and .cse3 (<= ~waterLevel~0 1) .cse2 .cse0) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-11-23 15:12:26,040 INFO L895 garLoopResultBuilder]: At program point L780(lines 733 782) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0))) (let ((.cse3 (= ~switchedOnBeforeTS~0 0)) (.cse4 (not .cse0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and (= 2 ~waterLevel~0) (or .cse4 .cse3) .cse2) (and .cse4 .cse2 (= ~waterLevel~0 1)) (and (not .cse3) .cse4 .cse1 .cse2)))) [2022-11-23 15:12:26,041 INFO L899 garLoopResultBuilder]: For program point L743(lines 743 749) no Hoare annotation was computed. [2022-11-23 15:12:26,041 INFO L899 garLoopResultBuilder]: For program point L743-1(lines 743 749) no Hoare annotation was computed. [2022-11-23 15:12:26,041 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 15:12:26,041 INFO L895 garLoopResultBuilder]: At program point L914(lines 914 921) the Hoare annotation is: (and (= |ULTIMATE.start_main_~tmp~7#1| 1) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (= ~switchedOnBeforeTS~0 0)) [2022-11-23 15:12:26,041 INFO L902 garLoopResultBuilder]: At program point L786(lines 723 790) the Hoare annotation is: true [2022-11-23 15:12:26,041 INFO L899 garLoopResultBuilder]: For program point L753(lines 753 759) no Hoare annotation was computed. [2022-11-23 15:12:26,041 INFO L895 garLoopResultBuilder]: At program point L753-1(lines 753 759) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0))) (let ((.cse0 (= ~switchedOnBeforeTS~0 0)) (.cse1 (not .cse3)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (not .cse0) .cse1 .cse2 (< ~waterLevel~0 3)) (and (= 2 ~waterLevel~0) .cse2 .cse0) (and .cse3 (<= ~waterLevel~0 1) .cse2 .cse0) (and .cse1 .cse2 (= ~waterLevel~0 1))))) [2022-11-23 15:12:26,042 INFO L902 garLoopResultBuilder]: At program point L914-2(lines 914 921) the Hoare annotation is: true [2022-11-23 15:12:26,042 INFO L895 garLoopResultBuilder]: At program point L745(line 745) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0))) (let ((.cse3 (= ~switchedOnBeforeTS~0 0)) (.cse4 (not .cse0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and (or (and (<= 2 ~waterLevel~0) .cse2 (<= ~waterLevel~0 2)) (and .cse2 (= ~waterLevel~0 1))) (or .cse4 .cse3)) (and (not .cse3) .cse4 .cse1 .cse2)))) [2022-11-23 15:12:26,042 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 71 82) no Hoare annotation was computed. [2022-11-23 15:12:26,042 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 71 82) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse2 (= ~switchedOnBeforeTS~0 0)) (.cse3 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or (not (= |old(~waterLevel~0)| 2)) .cse1 (and (not .cse2) .cse0)) (or .cse3 .cse0 .cse1 .cse2) (or .cse3 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1))) [2022-11-23 15:12:26,042 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 634 642) no Hoare annotation was computed. [2022-11-23 15:12:26,042 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 634 642) the Hoare annotation is: true [2022-11-23 15:12:26,045 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 15:12:26,047 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 15:12:26,095 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 03:12:26 BoogieIcfgContainer [2022-11-23 15:12:26,095 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 15:12:26,096 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 15:12:26,096 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 15:12:26,097 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 15:12:26,097 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 03:11:21" (3/4) ... [2022-11-23 15:12:26,100 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 15:12:26,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 15:12:26,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 15:12:26,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 15:12:26,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 15:12:26,106 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 15:12:26,107 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-23 15:12:26,113 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 52 nodes and edges [2022-11-23 15:12:26,114 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-23 15:12:26,114 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 6 nodes and edges [2022-11-23 15:12:26,115 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 15:12:26,115 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 15:12:26,146 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3))) && ((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) [2022-11-23 15:12:26,147 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || ((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) && ((((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || (\old(pumpRunning) == 0 && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(pumpRunning) == 0)) || (((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == 0) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || (((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3))) && ((((((pumpRunning == \old(pumpRunning) && (!(\old(waterLevel) == 1) || 1 <= waterLevel)) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) || ((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && !(0 < waterLevel)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) || !(\old(waterLevel) < 3)) [2022-11-23 15:12:26,148 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(pumpRunning) == 0)) || (((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || ((((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && pumpRunning == tmp___0) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) && (((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || (((((pumpRunning == \old(pumpRunning) && (waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel)))) && !(pumpRunning == 0)) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || ((((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && pumpRunning == tmp___0) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) || !(\old(waterLevel) < 3))) && (((((((pumpRunning == \old(pumpRunning) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || (\old(pumpRunning) == 0 && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) [2022-11-23 15:12:26,148 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == 0) && pumpRunning == switchedOnBeforeTS)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) < 3))) && ((!(\old(waterLevel) <= 1) || (((pumpRunning == \old(pumpRunning) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && !(pumpRunning == 0)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)))) && (((pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) [2022-11-23 15:12:26,148 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) && (!(\old(waterLevel) <= 2) || !(2 <= \old(waterLevel)))) && (((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)) || !(\old(waterLevel) < 3)) [2022-11-23 15:12:26,149 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && ((!(\old(waterLevel) <= 1) || ((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && !(0 < waterLevel)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)))) && (((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && pumpRunning == switchedOnBeforeTS) || ((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && waterLevel <= \old(waterLevel)) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 0)) [2022-11-23 15:12:26,149 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == 0 && (!(waterLevel < 2) || tmp == 0)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || 1 <= waterLevel)) && ((((((pumpRunning == 0 && tmp == 1) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)) || !(\old(waterLevel) < 3)) [2022-11-23 15:12:26,195 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 15:12:26,195 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 15:12:26,196 INFO L158 Benchmark]: Toolchain (without parser) took 66457.14ms. Allocated memory was 176.2MB in the beginning and 645.9MB in the end (delta: 469.8MB). Free memory was 132.2MB in the beginning and 424.5MB in the end (delta: -292.3MB). Peak memory consumption was 179.1MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,197 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 130.0MB. Free memory was 71.7MB in the beginning and 71.6MB in the end (delta: 117.6kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 15:12:26,197 INFO L158 Benchmark]: CACSL2BoogieTranslator took 441.90ms. Allocated memory is still 176.2MB. Free memory was 132.2MB in the beginning and 113.2MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,197 INFO L158 Benchmark]: Boogie Procedure Inliner took 51.12ms. Allocated memory is still 176.2MB. Free memory was 113.2MB in the beginning and 111.2MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,198 INFO L158 Benchmark]: Boogie Preprocessor took 58.98ms. Allocated memory is still 176.2MB. Free memory was 111.2MB in the beginning and 109.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,198 INFO L158 Benchmark]: RCFGBuilder took 790.54ms. Allocated memory is still 176.2MB. Free memory was 109.1MB in the beginning and 83.2MB in the end (delta: 25.8MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,199 INFO L158 Benchmark]: TraceAbstraction took 65005.81ms. Allocated memory was 176.2MB in the beginning and 645.9MB in the end (delta: 469.8MB). Free memory was 82.6MB in the beginning and 429.8MB in the end (delta: -347.2MB). Peak memory consumption was 267.2MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,199 INFO L158 Benchmark]: Witness Printer took 99.44ms. Allocated memory is still 645.9MB. Free memory was 429.8MB in the beginning and 424.5MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-23 15:12:26,202 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 130.0MB. Free memory was 71.7MB in the beginning and 71.6MB in the end (delta: 117.6kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 441.90ms. Allocated memory is still 176.2MB. Free memory was 132.2MB in the beginning and 113.2MB in the end (delta: 19.0MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 51.12ms. Allocated memory is still 176.2MB. Free memory was 113.2MB in the beginning and 111.2MB in the end (delta: 2.0MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 58.98ms. Allocated memory is still 176.2MB. Free memory was 111.2MB in the beginning and 109.1MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 790.54ms. Allocated memory is still 176.2MB. Free memory was 109.1MB in the beginning and 83.2MB in the end (delta: 25.8MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 65005.81ms. Allocated memory was 176.2MB in the beginning and 645.9MB in the end (delta: 469.8MB). Free memory was 82.6MB in the beginning and 429.8MB in the end (delta: -347.2MB). Peak memory consumption was 267.2MB. Max. memory is 16.1GB. * Witness Printer took 99.44ms. Allocated memory is still 645.9MB. Free memory was 429.8MB in the beginning and 424.5MB in the end (delta: 5.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 932]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 51 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 64.8s, OverallIterations: 9, TraceHistogramMax: 4, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 12.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 12.2s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2707 SdHoareTripleChecker+Valid, 4.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2676 mSDsluCounter, 2785 SdHoareTripleChecker+Invalid, 4.0s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2251 mSDsCounter, 1695 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5284 IncrementalHoareTripleChecker+Invalid, 6979 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1695 mSolverCounterUnsat, 534 mSDtfsCounter, 5284 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 904 GetRequests, 480 SyntacticMatches, 14 SemanticMatches, 410 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13760 ImplicationChecksByTransitivity, 27.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=551occurred in iteration=8, InterpolantAutomatonStates: 258, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.5s AutomataMinimizationTime, 9 MinimizatonAttempts, 691 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 31 LocationsWithAnnotation, 1136 PreInvPairs, 1402 NumberOfFragments, 1957 HoareAnnotationTreeSize, 1136 FomulaSimplifications, 139105 FormulaSimplificationTreeSizeReduction, 3.7s HoareSimplificationTime, 31 FomulaSimplificationsInter, 125009 FormulaSimplificationTreeSizeReductionInter, 8.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 6.0s InterpolantComputationTime, 514 NumberOfCodeBlocks, 514 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 692 ConstructedInterpolants, 0 QuantifiedInterpolants, 3008 SizeOfPredicates, 63 NumberOfNonLiveVariables, 1128 ConjunctsInSsa, 141 ConjunctsInUnsatCore, 17 InterpolantComputations, 5 PerfectInterpolantSequences, 245/322 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 543]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || ((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && \old(waterLevel) == waterLevel)) || 0 == systemActive) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) && ((((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || (\old(pumpRunning) == 0 && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && 2 == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(pumpRunning) == 0)) || (((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == 0) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || (((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && pumpRunning == 0) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3))) && ((((((pumpRunning == \old(pumpRunning) && (!(\old(waterLevel) == 1) || 1 <= waterLevel)) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == switchedOnBeforeTS) || ((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && !(0 < waterLevel)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 572]: Loop Invariant Derived loop invariant: (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((pumpRunning == 0 && (!(waterLevel < 2) || tmp == 0)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) && ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || 1 <= waterLevel)) && ((((((pumpRunning == 0 && tmp == 1) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2))) && (((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 733]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && switchedOnBeforeTS == 0) || ((2 == waterLevel && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && splverifierCounter == 0)) || ((!(pumpRunning == 0) && splverifierCounter == 0) && waterLevel == 1)) || (((!(switchedOnBeforeTS == 0) && !(pumpRunning == 0)) && waterLevel <= 1) && splverifierCounter == 0) - InvariantResult [Line: 753]: Loop Invariant Derived loop invariant: (((((!(switchedOnBeforeTS == 0) && !(pumpRunning == 0)) && splverifierCounter == 0) && waterLevel < 3) || ((2 == waterLevel && splverifierCounter == 0) && switchedOnBeforeTS == 0)) || (((pumpRunning == 0 && waterLevel <= 1) && splverifierCounter == 0) && switchedOnBeforeTS == 0)) || ((!(pumpRunning == 0) && splverifierCounter == 0) && waterLevel == 1) - InvariantResult [Line: 831]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 568]: Loop Invariant Derived loop invariant: ((((((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && pumpRunning == 0) && pumpRunning == switchedOnBeforeTS)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) < 3))) && ((!(\old(waterLevel) <= 1) || (((pumpRunning == \old(pumpRunning) && ((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel)))) && !(pumpRunning == 0)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)))) && (((pumpRunning == \old(pumpRunning) && pumpRunning == switchedOnBeforeTS) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 564]: Loop Invariant Derived loop invariant: (((((\old(pumpRunning) == 0 && !(0 == systemActive)) || !(\old(waterLevel) == 2)) || waterLevel == 1) && ((!(\old(waterLevel) <= 1) || ((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && !(0 < waterLevel)) && waterLevel <= \old(waterLevel)) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)))) && (((((pumpRunning == \old(pumpRunning) && !(pumpRunning == 0)) && pumpRunning == switchedOnBeforeTS) || ((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && waterLevel <= \old(waterLevel)) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 1)) || !(\old(pumpRunning) == 0)) - InvariantResult [Line: 932]: Loop Invariant Derived loop invariant: ((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) && (!(\old(waterLevel) <= 2) || !(2 <= \old(waterLevel)))) && (((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0)) || !(\old(waterLevel) < 3)) - InvariantResult [Line: 732]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: ((tmp == 1 && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) && switchedOnBeforeTS == 0 - InvariantResult [Line: 956]: Loop Invariant Derived loop invariant: ((((((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || !(\old(switchedOnBeforeTS) == \old(pumpRunning))) || !(\old(pumpRunning) == 0)) || (((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && tmp == 0) && pumpRunning == switchedOnBeforeTS)) || ((((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && pumpRunning == tmp___0) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) && (((((2 <= waterLevel && waterLevel <= \old(waterLevel)) || (((((pumpRunning == \old(pumpRunning) && (waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel)))) && !(pumpRunning == 0)) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || ((((((((!(\old(waterLevel) == 1) || 1 <= waterLevel) && pumpRunning == 0) && tmp___0 == \old(pumpRunning)) && pumpRunning == tmp___0) && tmp == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) || !(\old(waterLevel) < 3))) && (((((((pumpRunning == \old(pumpRunning) && tmp___0 == \old(pumpRunning)) && tmp == waterLevel) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS) || (\old(pumpRunning) == 0 && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS))) && ((((!(\old(pumpRunning) == 0) || (((tmp == 1 && (!(pumpRunning == 0) || switchedOnBeforeTS == 0)) && tmp == waterLevel) && \old(waterLevel) == waterLevel)) || (((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && tmp == 2) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && waterLevel <= \old(waterLevel)) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 951]: Loop Invariant Derived loop invariant: (((!(\old(waterLevel) <= 1) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || ((!(\old(waterLevel) == 1) || (\old(pumpRunning) == 0 && !(0 == systemActive))) && ((\old(pumpRunning) == 0 && !(0 == systemActive)) || \old(switchedOnBeforeTS) == 0))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) < 3))) && ((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 841]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 723]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 914]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-23 15:12:26,259 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_9c08f560-0cf8-45e3-83cb-9e5c159cbf6c/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE