./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 4e7fbc69 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-4e7fbc6 [2022-11-23 14:27:33,587 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-23 14:27:33,590 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-23 14:27:33,633 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-23 14:27:33,635 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-23 14:27:33,639 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-23 14:27:33,641 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-23 14:27:33,644 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-23 14:27:33,646 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-23 14:27:33,652 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-23 14:27:33,653 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-23 14:27:33,655 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-23 14:27:33,656 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-23 14:27:33,659 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-23 14:27:33,661 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-23 14:27:33,664 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-23 14:27:33,665 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-23 14:27:33,666 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-23 14:27:33,668 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-23 14:27:33,674 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-23 14:27:33,676 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-23 14:27:33,678 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-23 14:27:33,680 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-23 14:27:33,681 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-23 14:27:33,690 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-23 14:27:33,691 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-23 14:27:33,692 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-23 14:27:33,694 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-23 14:27:33,695 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-23 14:27:33,696 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-23 14:27:33,696 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-23 14:27:33,697 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-23 14:27:33,699 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-23 14:27:33,700 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-23 14:27:33,702 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-23 14:27:33,702 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-23 14:27:33,703 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-23 14:27:33,704 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-23 14:27:33,704 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-23 14:27:33,705 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-23 14:27:33,705 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-23 14:27:33,706 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-23 14:27:33,746 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-23 14:27:33,746 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-23 14:27:33,747 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-23 14:27:33,747 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-23 14:27:33,748 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-23 14:27:33,749 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-23 14:27:33,749 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-23 14:27:33,749 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-23 14:27:33,750 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-23 14:27:33,750 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-23 14:27:33,751 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-23 14:27:33,752 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-23 14:27:33,752 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-23 14:27:33,752 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-23 14:27:33,753 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-23 14:27:33,753 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-23 14:27:33,753 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-23 14:27:33,753 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-23 14:27:33,754 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-23 14:27:33,755 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-23 14:27:33,755 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-23 14:27:33,755 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-23 14:27:33,755 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-23 14:27:33,756 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-23 14:27:33,756 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-23 14:27:33,756 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-23 14:27:33,757 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-23 14:27:33,757 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-23 14:27:33,757 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-23 14:27:33,758 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-23 14:27:33,758 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-23 14:27:33,758 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-23 14:27:33,759 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:27:33,759 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-23 14:27:33,759 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-23 14:27:33,760 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-23 14:27:33,760 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-23 14:27:33,760 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-23 14:27:33,760 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-23 14:27:33,761 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-23 14:27:33,761 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-23 14:27:33,761 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> bed571a327ae9eee0b2e62daa6070780d20555ec322abcda9e725c1fa87edc9c [2022-11-23 14:27:34,019 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-23 14:27:34,053 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-23 14:27:34,056 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-23 14:27:34,057 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-23 14:27:34,058 INFO L275 PluginConnector]: CDTParser initialized [2022-11-23 14:27:34,059 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/../../sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c [2022-11-23 14:27:37,266 INFO L500 CDTParser]: Created temporary CDT project at NULL [2022-11-23 14:27:37,557 INFO L351 CDTParser]: Found 1 translation units. [2022-11-23 14:27:37,558 INFO L172 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c [2022-11-23 14:27:37,569 INFO L394 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/data/b2986680c/cb27778614c54a68b0d9dd2454f99e8a/FLAG5c6f7c68c [2022-11-23 14:27:37,585 INFO L402 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/data/b2986680c/cb27778614c54a68b0d9dd2454f99e8a [2022-11-23 14:27:37,588 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-23 14:27:37,589 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-23 14:27:37,590 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-23 14:27:37,591 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-23 14:27:37,595 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-23 14:27:37,596 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:27:37" (1/1) ... [2022-11-23 14:27:37,597 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@9f8fdde and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:37, skipping insertion in model container [2022-11-23 14:27:37,597 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 23.11 02:27:37" (1/1) ... [2022-11-23 14:27:37,605 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-23 14:27:37,651 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-23 14:27:37,906 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2022-11-23 14:27:37,940 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:27:37,958 INFO L203 MainTranslator]: Completed pre-run [2022-11-23 14:27:38,062 WARN L237 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/sv-benchmarks/c/product-lines/minepump_spec5_product59.cil.c[17002,17015] [2022-11-23 14:27:38,069 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-23 14:27:38,090 INFO L208 MainTranslator]: Completed translation [2022-11-23 14:27:38,093 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38 WrapperNode [2022-11-23 14:27:38,093 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-23 14:27:38,095 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-23 14:27:38,095 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-23 14:27:38,096 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-23 14:27:38,103 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,130 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,172 INFO L138 Inliner]: procedures = 59, calls = 105, calls flagged for inlining = 27, calls inlined = 24, statements flattened = 232 [2022-11-23 14:27:38,173 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-23 14:27:38,174 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-23 14:27:38,174 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-23 14:27:38,174 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-23 14:27:38,186 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,186 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,198 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,198 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,211 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,219 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,220 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,222 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,224 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-23 14:27:38,225 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-23 14:27:38,225 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-23 14:27:38,225 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-23 14:27:38,226 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (1/1) ... [2022-11-23 14:27:38,233 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-23 14:27:38,246 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:38,280 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-23 14:27:38,291 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-23 14:27:38,320 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-23 14:27:38,320 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-23 14:27:38,321 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-23 14:27:38,321 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-23 14:27:38,321 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-23 14:27:38,321 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-23 14:27:38,321 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-23 14:27:38,321 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:27:38,322 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:27:38,322 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-23 14:27:38,322 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-23 14:27:38,322 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-23 14:27:38,322 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-23 14:27:38,322 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-23 14:27:38,322 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-23 14:27:38,323 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-23 14:27:38,323 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-23 14:27:38,323 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-23 14:27:38,323 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-23 14:27:38,323 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-23 14:27:38,461 INFO L235 CfgBuilder]: Building ICFG [2022-11-23 14:27:38,464 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-23 14:27:38,828 INFO L276 CfgBuilder]: Performing block encoding [2022-11-23 14:27:38,924 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-23 14:27:38,924 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-23 14:27:38,927 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:38 BoogieIcfgContainer [2022-11-23 14:27:38,927 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-23 14:27:38,929 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-23 14:27:38,929 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-23 14:27:38,933 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-23 14:27:38,933 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 23.11 02:27:37" (1/3) ... [2022-11-23 14:27:38,934 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71178cf8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:27:38, skipping insertion in model container [2022-11-23 14:27:38,934 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 23.11 02:27:38" (2/3) ... [2022-11-23 14:27:38,934 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@71178cf8 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 23.11 02:27:38, skipping insertion in model container [2022-11-23 14:27:38,934 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:38" (3/3) ... [2022-11-23 14:27:38,936 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product59.cil.c [2022-11-23 14:27:38,956 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-23 14:27:38,956 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-23 14:27:39,022 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-23 14:27:39,030 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@4511d1e9, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-23 14:27:39,031 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-23 14:27:39,035 INFO L276 IsEmpty]: Start isEmpty. Operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-23 14:27:39,047 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-23 14:27:39,048 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:39,048 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:39,049 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:39,057 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:39,057 INFO L85 PathProgramCache]: Analyzing trace with hash 113400434, now seen corresponding path program 1 times [2022-11-23 14:27:39,070 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:39,071 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [853165110] [2022-11-23 14:27:39,071 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:39,071 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:39,199 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:39,272 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:39,273 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:39,273 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [853165110] [2022-11-23 14:27:39,274 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [853165110] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:39,274 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:39,274 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-23 14:27:39,276 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1213000832] [2022-11-23 14:27:39,276 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:39,281 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-23 14:27:39,281 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:39,308 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-23 14:27:39,309 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:27:39,311 INFO L87 Difference]: Start difference. First operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:39,381 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:39,382 INFO L93 Difference]: Finished difference Result 130 states and 179 transitions. [2022-11-23 14:27:39,383 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-23 14:27:39,384 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-23 14:27:39,384 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:39,393 INFO L225 Difference]: With dead ends: 130 [2022-11-23 14:27:39,394 INFO L226 Difference]: Without dead ends: 61 [2022-11-23 14:27:39,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-23 14:27:39,401 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 69 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:39,402 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 69 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-23 14:27:39,420 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2022-11-23 14:27:39,442 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2022-11-23 14:27:39,444 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 39 states have (on average 1.358974358974359) internal successors, (53), 47 states have internal predecessors, (53), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-23 14:27:39,446 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 80 transitions. [2022-11-23 14:27:39,448 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 80 transitions. Word has length 21 [2022-11-23 14:27:39,448 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:39,448 INFO L495 AbstractCegarLoop]: Abstraction has 61 states and 80 transitions. [2022-11-23 14:27:39,449 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:39,449 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 80 transitions. [2022-11-23 14:27:39,451 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-23 14:27:39,451 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:39,451 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:39,452 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-23 14:27:39,452 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:39,453 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:39,453 INFO L85 PathProgramCache]: Analyzing trace with hash -1004986017, now seen corresponding path program 1 times [2022-11-23 14:27:39,453 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:39,454 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [259480466] [2022-11-23 14:27:39,454 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:39,454 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:39,475 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:39,584 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:39,586 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:39,587 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [259480466] [2022-11-23 14:27:39,587 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [259480466] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:39,587 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:39,588 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 14:27:39,588 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1408663529] [2022-11-23 14:27:39,588 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:39,589 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 14:27:39,590 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:39,590 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 14:27:39,590 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:39,591 INFO L87 Difference]: Start difference. First operand 61 states and 80 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:39,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:39,677 INFO L93 Difference]: Finished difference Result 94 states and 122 transitions. [2022-11-23 14:27:39,678 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 14:27:39,678 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-23 14:27:39,680 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:39,681 INFO L225 Difference]: With dead ends: 94 [2022-11-23 14:27:39,684 INFO L226 Difference]: Without dead ends: 53 [2022-11-23 14:27:39,686 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:39,688 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 14 mSDsluCounter, 38 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 93 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:39,691 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 93 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:39,692 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-23 14:27:39,701 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-23 14:27:39,706 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3823529411764706) internal successors, (47), 42 states have internal predecessors, (47), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-23 14:27:39,708 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 69 transitions. [2022-11-23 14:27:39,712 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 69 transitions. Word has length 22 [2022-11-23 14:27:39,712 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:39,713 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 69 transitions. [2022-11-23 14:27:39,713 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:39,713 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 69 transitions. [2022-11-23 14:27:39,714 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-11-23 14:27:39,716 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:39,716 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:39,716 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-23 14:27:39,717 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:39,717 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:39,723 INFO L85 PathProgramCache]: Analyzing trace with hash 724006105, now seen corresponding path program 1 times [2022-11-23 14:27:39,723 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:39,724 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [684533861] [2022-11-23 14:27:39,724 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:39,724 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:39,771 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:39,863 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:39,863 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:39,863 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [684533861] [2022-11-23 14:27:39,864 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [684533861] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:39,864 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:39,864 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-23 14:27:39,864 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [756021934] [2022-11-23 14:27:39,864 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:39,865 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-23 14:27:39,865 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:39,866 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-23 14:27:39,866 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:39,866 INFO L87 Difference]: Start difference. First operand 53 states and 69 transitions. Second operand has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:39,946 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:39,954 INFO L93 Difference]: Finished difference Result 155 states and 204 transitions. [2022-11-23 14:27:39,955 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-23 14:27:39,955 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-11-23 14:27:39,955 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:39,957 INFO L225 Difference]: With dead ends: 155 [2022-11-23 14:27:39,960 INFO L226 Difference]: Without dead ends: 104 [2022-11-23 14:27:39,961 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-23 14:27:39,965 INFO L413 NwaCegarLoop]: 74 mSDtfsCounter, 54 mSDsluCounter, 53 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 54 SdHoareTripleChecker+Valid, 127 SdHoareTripleChecker+Invalid, 31 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:39,966 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [54 Valid, 127 Invalid, 31 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:39,967 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 104 states. [2022-11-23 14:27:39,993 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 104 to 101. [2022-11-23 14:27:39,994 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 101 states, 64 states have (on average 1.390625) internal successors, (89), 79 states have internal predecessors, (89), 22 states have call successors, (22), 14 states have call predecessors, (22), 14 states have return successors, (22), 15 states have call predecessors, (22), 22 states have call successors, (22) [2022-11-23 14:27:39,996 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 101 states to 101 states and 133 transitions. [2022-11-23 14:27:39,998 INFO L78 Accepts]: Start accepts. Automaton has 101 states and 133 transitions. Word has length 25 [2022-11-23 14:27:39,999 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:39,999 INFO L495 AbstractCegarLoop]: Abstraction has 101 states and 133 transitions. [2022-11-23 14:27:39,999 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.333333333333333) internal successors, (19), 3 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-23 14:27:40,000 INFO L276 IsEmpty]: Start isEmpty. Operand 101 states and 133 transitions. [2022-11-23 14:27:40,001 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-23 14:27:40,004 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:40,004 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:40,004 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-23 14:27:40,005 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:40,005 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:40,012 INFO L85 PathProgramCache]: Analyzing trace with hash -2048165769, now seen corresponding path program 1 times [2022-11-23 14:27:40,012 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:40,012 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [351023752] [2022-11-23 14:27:40,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:40,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:40,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:40,222 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-23 14:27:40,222 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:40,222 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [351023752] [2022-11-23 14:27:40,222 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [351023752] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:40,223 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:40,223 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 14:27:40,223 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1350368110] [2022-11-23 14:27:40,223 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:40,224 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 14:27:40,224 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:40,224 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 14:27:40,224 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:27:40,225 INFO L87 Difference]: Start difference. First operand 101 states and 133 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:40,393 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:40,393 INFO L93 Difference]: Finished difference Result 282 states and 381 transitions. [2022-11-23 14:27:40,393 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-23 14:27:40,394 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-23 14:27:40,394 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:40,396 INFO L225 Difference]: With dead ends: 282 [2022-11-23 14:27:40,396 INFO L226 Difference]: Without dead ends: 183 [2022-11-23 14:27:40,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-23 14:27:40,398 INFO L413 NwaCegarLoop]: 67 mSDtfsCounter, 35 mSDsluCounter, 217 mSDsCounter, 0 mSdLazyCounter, 117 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 284 SdHoareTripleChecker+Invalid, 125 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 117 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:40,399 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 284 Invalid, 125 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 117 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:40,400 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 183 states. [2022-11-23 14:27:40,423 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 183 to 174. [2022-11-23 14:27:40,424 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 174 states, 115 states have (on average 1.3130434782608695) internal successors, (151), 130 states have internal predecessors, (151), 32 states have call successors, (32), 26 states have call predecessors, (32), 26 states have return successors, (40), 29 states have call predecessors, (40), 32 states have call successors, (40) [2022-11-23 14:27:40,426 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 174 states to 174 states and 223 transitions. [2022-11-23 14:27:40,426 INFO L78 Accepts]: Start accepts. Automaton has 174 states and 223 transitions. Word has length 28 [2022-11-23 14:27:40,427 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:40,427 INFO L495 AbstractCegarLoop]: Abstraction has 174 states and 223 transitions. [2022-11-23 14:27:40,427 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-23 14:27:40,427 INFO L276 IsEmpty]: Start isEmpty. Operand 174 states and 223 transitions. [2022-11-23 14:27:40,428 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-23 14:27:40,429 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:40,429 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:40,429 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-23 14:27:40,429 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:40,430 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:40,430 INFO L85 PathProgramCache]: Analyzing trace with hash 230522554, now seen corresponding path program 1 times [2022-11-23 14:27:40,430 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:40,430 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [777374174] [2022-11-23 14:27:40,430 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:40,431 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:40,448 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:40,804 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:40,804 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:40,805 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [777374174] [2022-11-23 14:27:40,805 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [777374174] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:40,805 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:40,806 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-23 14:27:40,808 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [777614631] [2022-11-23 14:27:40,810 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:40,811 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-23 14:27:40,812 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:40,812 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-23 14:27:40,812 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2022-11-23 14:27:40,812 INFO L87 Difference]: Start difference. First operand 174 states and 223 transitions. Second operand has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 14:27:41,077 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:41,078 INFO L93 Difference]: Finished difference Result 528 states and 678 transitions. [2022-11-23 14:27:41,079 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-23 14:27:41,087 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 33 [2022-11-23 14:27:41,087 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:41,095 INFO L225 Difference]: With dead ends: 528 [2022-11-23 14:27:41,095 INFO L226 Difference]: Without dead ends: 356 [2022-11-23 14:27:41,096 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2022-11-23 14:27:41,097 INFO L413 NwaCegarLoop]: 93 mSDtfsCounter, 116 mSDsluCounter, 146 mSDsCounter, 0 mSdLazyCounter, 124 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 117 SdHoareTripleChecker+Valid, 239 SdHoareTripleChecker+Invalid, 145 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 124 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:41,098 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [117 Valid, 239 Invalid, 145 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 124 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:41,099 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 356 states. [2022-11-23 14:27:41,183 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 356 to 346. [2022-11-23 14:27:41,184 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 346 states, 229 states have (on average 1.296943231441048) internal successors, (297), 255 states have internal predecessors, (297), 63 states have call successors, (63), 53 states have call predecessors, (63), 53 states have return successors, (81), 56 states have call predecessors, (81), 63 states have call successors, (81) [2022-11-23 14:27:41,193 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 346 states to 346 states and 441 transitions. [2022-11-23 14:27:41,194 INFO L78 Accepts]: Start accepts. Automaton has 346 states and 441 transitions. Word has length 33 [2022-11-23 14:27:41,195 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:41,195 INFO L495 AbstractCegarLoop]: Abstraction has 346 states and 441 transitions. [2022-11-23 14:27:41,195 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.166666666666667) internal successors, (25), 6 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-23 14:27:41,196 INFO L276 IsEmpty]: Start isEmpty. Operand 346 states and 441 transitions. [2022-11-23 14:27:41,206 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-23 14:27:41,206 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:41,207 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:41,207 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-23 14:27:41,207 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:41,208 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:41,208 INFO L85 PathProgramCache]: Analyzing trace with hash 175155632, now seen corresponding path program 1 times [2022-11-23 14:27:41,208 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:41,209 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [868691020] [2022-11-23 14:27:41,209 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:41,209 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:41,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:41,613 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:27:41,613 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:41,613 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [868691020] [2022-11-23 14:27:41,614 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [868691020] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:41,614 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:41,614 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-23 14:27:41,614 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [451952342] [2022-11-23 14:27:41,614 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:41,615 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-23 14:27:41,616 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:41,616 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-23 14:27:41,617 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-23 14:27:41,617 INFO L87 Difference]: Start difference. First operand 346 states and 441 transitions. Second operand has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-23 14:27:42,246 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:42,246 INFO L93 Difference]: Finished difference Result 820 states and 1071 transitions. [2022-11-23 14:27:42,247 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-23 14:27:42,247 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 36 [2022-11-23 14:27:42,248 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:42,252 INFO L225 Difference]: With dead ends: 820 [2022-11-23 14:27:42,253 INFO L226 Difference]: Without dead ends: 578 [2022-11-23 14:27:42,254 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-23 14:27:42,258 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 237 mSDsluCounter, 191 mSDsCounter, 0 mSdLazyCounter, 306 mSolverCounterSat, 95 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 243 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 401 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 95 IncrementalHoareTripleChecker+Valid, 306 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:42,261 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [243 Valid, 270 Invalid, 401 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [95 Valid, 306 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-23 14:27:42,265 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 578 states. [2022-11-23 14:27:42,335 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 578 to 514. [2022-11-23 14:27:42,336 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 514 states, 346 states have (on average 1.2919075144508672) internal successors, (447), 384 states have internal predecessors, (447), 90 states have call successors, (90), 68 states have call predecessors, (90), 77 states have return successors, (121), 87 states have call predecessors, (121), 90 states have call successors, (121) [2022-11-23 14:27:42,341 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 514 states to 514 states and 658 transitions. [2022-11-23 14:27:42,342 INFO L78 Accepts]: Start accepts. Automaton has 514 states and 658 transitions. Word has length 36 [2022-11-23 14:27:42,342 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:42,342 INFO L495 AbstractCegarLoop]: Abstraction has 514 states and 658 transitions. [2022-11-23 14:27:42,343 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-23 14:27:42,343 INFO L276 IsEmpty]: Start isEmpty. Operand 514 states and 658 transitions. [2022-11-23 14:27:42,345 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-23 14:27:42,345 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:42,345 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:42,345 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-23 14:27:42,346 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:42,346 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:42,346 INFO L85 PathProgramCache]: Analyzing trace with hash -1058496192, now seen corresponding path program 1 times [2022-11-23 14:27:42,347 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:42,347 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [985001464] [2022-11-23 14:27:42,347 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:42,347 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:42,361 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:42,393 INFO L134 CoverageAnalysis]: Checked inductivity of 20 backedges. 14 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-23 14:27:42,393 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:42,394 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [985001464] [2022-11-23 14:27:42,394 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [985001464] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-23 14:27:42,394 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-23 14:27:42,394 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-23 14:27:42,395 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [617764718] [2022-11-23 14:27:42,395 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-23 14:27:42,395 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-23 14:27:42,395 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:42,396 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-23 14:27:42,396 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:27:42,396 INFO L87 Difference]: Start difference. First operand 514 states and 658 transitions. Second operand has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-23 14:27:42,535 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:42,536 INFO L93 Difference]: Finished difference Result 620 states and 792 transitions. [2022-11-23 14:27:42,536 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-23 14:27:42,536 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) Word has length 57 [2022-11-23 14:27:42,537 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:42,538 INFO L225 Difference]: With dead ends: 620 [2022-11-23 14:27:42,539 INFO L226 Difference]: Without dead ends: 247 [2022-11-23 14:27:42,540 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-23 14:27:42,541 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 94 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 82 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:42,541 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 128 Invalid, 82 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-23 14:27:42,542 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 247 states. [2022-11-23 14:27:42,573 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 247 to 247. [2022-11-23 14:27:42,574 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 247 states, 167 states have (on average 1.2395209580838322) internal successors, (207), 184 states have internal predecessors, (207), 42 states have call successors, (42), 32 states have call predecessors, (42), 37 states have return successors, (57), 42 states have call predecessors, (57), 42 states have call successors, (57) [2022-11-23 14:27:42,575 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 247 states to 247 states and 306 transitions. [2022-11-23 14:27:42,576 INFO L78 Accepts]: Start accepts. Automaton has 247 states and 306 transitions. Word has length 57 [2022-11-23 14:27:42,576 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:42,576 INFO L495 AbstractCegarLoop]: Abstraction has 247 states and 306 transitions. [2022-11-23 14:27:42,577 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 14.0) internal successors, (42), 4 states have internal predecessors, (42), 4 states have call successors, (7), 2 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-23 14:27:42,577 INFO L276 IsEmpty]: Start isEmpty. Operand 247 states and 306 transitions. [2022-11-23 14:27:42,578 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2022-11-23 14:27:42,578 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:42,579 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:42,579 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-23 14:27:42,579 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:42,579 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:42,580 INFO L85 PathProgramCache]: Analyzing trace with hash -1532462417, now seen corresponding path program 1 times [2022-11-23 14:27:42,580 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:42,580 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [945563695] [2022-11-23 14:27:42,580 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:42,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:42,600 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:43,055 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 0 proven. 17 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-23 14:27:43,055 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:43,056 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [945563695] [2022-11-23 14:27:43,056 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [945563695] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:27:43,056 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [747077267] [2022-11-23 14:27:43,056 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:43,056 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:43,057 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:43,061 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:27:43,067 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-23 14:27:43,181 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:43,200 INFO L263 TraceCheckSpWp]: Trace formula consists of 328 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-23 14:27:43,206 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:27:43,571 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 27 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-23 14:27:43,571 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:27:43,828 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-23 14:27:43,829 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [747077267] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:27:43,829 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1923780288] [2022-11-23 14:27:43,852 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-23 14:27:43,852 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:27:43,856 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:27:43,863 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:27:43,864 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:27:49,991 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 52 for LOIs [2022-11-23 14:27:50,003 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 52 for LOIs [2022-11-23 14:27:50,457 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 45 for LOIs [2022-11-23 14:27:50,464 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 28 for LOIs [2022-11-23 14:27:50,502 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:27:55,125 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6786#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (= |old(~waterLevel~0)| ~waterLevel~0) (<= 2 |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-23 14:27:55,125 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:27:55,125 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:27:55,126 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 14 [2022-11-23 14:27:55,126 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [865144097] [2022-11-23 14:27:55,126 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:27:55,127 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-23 14:27:55,127 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:27:55,128 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-23 14:27:55,128 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=202, Invalid=1358, Unknown=0, NotChecked=0, Total=1560 [2022-11-23 14:27:55,129 INFO L87 Difference]: Start difference. First operand 247 states and 306 transitions. Second operand has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) [2022-11-23 14:27:56,845 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:27:56,845 INFO L93 Difference]: Finished difference Result 708 states and 906 transitions. [2022-11-23 14:27:56,845 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2022-11-23 14:27:56,846 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) Word has length 62 [2022-11-23 14:27:56,846 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:27:56,849 INFO L225 Difference]: With dead ends: 708 [2022-11-23 14:27:56,849 INFO L226 Difference]: Without dead ends: 463 [2022-11-23 14:27:56,852 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 234 GetRequests, 167 SyntacticMatches, 5 SemanticMatches, 62 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1428 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=562, Invalid=3470, Unknown=0, NotChecked=0, Total=4032 [2022-11-23 14:27:56,854 INFO L413 NwaCegarLoop]: 62 mSDtfsCounter, 505 mSDsluCounter, 307 mSDsCounter, 0 mSdLazyCounter, 708 mSolverCounterSat, 325 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 511 SdHoareTripleChecker+Valid, 369 SdHoareTripleChecker+Invalid, 1033 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 325 IncrementalHoareTripleChecker+Valid, 708 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-23 14:27:56,854 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [511 Valid, 369 Invalid, 1033 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [325 Valid, 708 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-23 14:27:56,856 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 463 states. [2022-11-23 14:27:56,906 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 463 to 408. [2022-11-23 14:27:56,907 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 408 states, 276 states have (on average 1.2065217391304348) internal successors, (333), 307 states have internal predecessors, (333), 65 states have call successors, (65), 51 states have call predecessors, (65), 66 states have return successors, (108), 68 states have call predecessors, (108), 65 states have call successors, (108) [2022-11-23 14:27:56,909 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 408 states to 408 states and 506 transitions. [2022-11-23 14:27:56,909 INFO L78 Accepts]: Start accepts. Automaton has 408 states and 506 transitions. Word has length 62 [2022-11-23 14:27:56,910 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:27:56,910 INFO L495 AbstractCegarLoop]: Abstraction has 408 states and 506 transitions. [2022-11-23 14:27:56,910 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 13 states have (on average 5.384615384615385) internal successors, (70), 13 states have internal predecessors, (70), 7 states have call successors, (15), 5 states have call predecessors, (15), 5 states have return successors, (14), 6 states have call predecessors, (14), 7 states have call successors, (14) [2022-11-23 14:27:56,910 INFO L276 IsEmpty]: Start isEmpty. Operand 408 states and 506 transitions. [2022-11-23 14:27:56,913 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-23 14:27:56,914 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:27:56,914 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:27:56,924 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-23 14:27:57,120 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:57,121 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:27:57,121 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:27:57,121 INFO L85 PathProgramCache]: Analyzing trace with hash 2014836197, now seen corresponding path program 1 times [2022-11-23 14:27:57,121 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:27:57,121 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [902988808] [2022-11-23 14:27:57,121 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:57,121 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:27:57,155 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:57,447 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 1 proven. 21 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-23 14:27:57,447 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:27:57,447 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [902988808] [2022-11-23 14:27:57,447 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [902988808] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:27:57,447 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [636418108] [2022-11-23 14:27:57,448 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:27:57,448 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:27:57,448 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:27:57,465 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:27:57,470 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-23 14:27:57,559 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:27:57,561 INFO L263 TraceCheckSpWp]: Trace formula consists of 320 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-23 14:27:57,564 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:27:57,617 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 14 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-23 14:27:57,617 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:27:57,713 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-23 14:27:57,713 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [636418108] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:27:57,713 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1632821885] [2022-11-23 14:27:57,716 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-23 14:27:57,716 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:27:57,717 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:27:57,717 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:27:57,717 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:28:01,609 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 50 for LOIs [2022-11-23 14:28:01,617 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 34 for LOIs [2022-11-23 14:28:02,004 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 53 for LOIs [2022-11-23 14:28:02,014 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 72 for LOIs [2022-11-23 14:28:02,329 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 55 for LOIs [2022-11-23 14:28:02,338 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:28:08,183 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8967#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (<= ~cleanupTimeShifts~0 4) (<= ~head~0.offset 0) (<= 0 |#NULL.base|) (<= 0 ~head~0.offset) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (<= 1 ~systemActive~0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (<= |#NULL.offset| 0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483648)) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (<= 4 ~cleanupTimeShifts~0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= ~methaneLevelCritical~0 0) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= |#NULL.base| 0) (<= 0 ~methaneLevelCritical~0) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (<= ~systemActive~0 1))' at error location [2022-11-23 14:28:08,183 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:28:08,183 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:28:08,183 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [11, 6, 6] total 14 [2022-11-23 14:28:08,183 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [397681207] [2022-11-23 14:28:08,183 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:28:08,184 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2022-11-23 14:28:08,184 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:28:08,184 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2022-11-23 14:28:08,185 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=265, Invalid=1805, Unknown=0, NotChecked=0, Total=2070 [2022-11-23 14:28:08,186 INFO L87 Difference]: Start difference. First operand 408 states and 506 transitions. Second operand has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-23 14:28:09,247 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:28:09,247 INFO L93 Difference]: Finished difference Result 805 states and 1020 transitions. [2022-11-23 14:28:09,248 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2022-11-23 14:28:09,248 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) Word has length 65 [2022-11-23 14:28:09,248 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:28:09,251 INFO L225 Difference]: With dead ends: 805 [2022-11-23 14:28:09,251 INFO L226 Difference]: Without dead ends: 497 [2022-11-23 14:28:09,253 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 242 GetRequests, 174 SyntacticMatches, 0 SemanticMatches, 68 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1627 ImplicationChecksByTransitivity, 6.4s TimeCoverageRelationStatistics Valid=594, Invalid=4236, Unknown=0, NotChecked=0, Total=4830 [2022-11-23 14:28:09,254 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 342 mSDsluCounter, 379 mSDsCounter, 0 mSdLazyCounter, 528 mSolverCounterSat, 203 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 347 SdHoareTripleChecker+Valid, 474 SdHoareTripleChecker+Invalid, 731 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 203 IncrementalHoareTripleChecker+Valid, 528 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2022-11-23 14:28:09,255 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [347 Valid, 474 Invalid, 731 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [203 Valid, 528 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2022-11-23 14:28:09,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 497 states. [2022-11-23 14:28:09,305 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 497 to 462. [2022-11-23 14:28:09,306 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 462 states, 310 states have (on average 1.1838709677419355) internal successors, (367), 345 states have internal predecessors, (367), 74 states have call successors, (74), 63 states have call predecessors, (74), 77 states have return successors, (119), 77 states have call predecessors, (119), 74 states have call successors, (119) [2022-11-23 14:28:09,309 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 462 states to 462 states and 560 transitions. [2022-11-23 14:28:09,309 INFO L78 Accepts]: Start accepts. Automaton has 462 states and 560 transitions. Word has length 65 [2022-11-23 14:28:09,310 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:28:09,311 INFO L495 AbstractCegarLoop]: Abstraction has 462 states and 560 transitions. [2022-11-23 14:28:09,311 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 5.666666666666667) internal successors, (68), 12 states have internal predecessors, (68), 5 states have call successors, (14), 3 states have call predecessors, (14), 6 states have return successors, (17), 7 states have call predecessors, (17), 5 states have call successors, (17) [2022-11-23 14:28:09,311 INFO L276 IsEmpty]: Start isEmpty. Operand 462 states and 560 transitions. [2022-11-23 14:28:09,313 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2022-11-23 14:28:09,313 INFO L187 NwaCegarLoop]: Found error trace [2022-11-23 14:28:09,313 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:28:09,327 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2022-11-23 14:28:09,520 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:28:09,520 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-23 14:28:09,520 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-23 14:28:09,521 INFO L85 PathProgramCache]: Analyzing trace with hash -748666130, now seen corresponding path program 1 times [2022-11-23 14:28:09,521 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-23 14:28:09,521 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1300516733] [2022-11-23 14:28:09,521 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:28:09,521 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-23 14:28:09,539 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:28:10,540 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 12 proven. 45 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-23 14:28:10,540 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-23 14:28:10,541 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1300516733] [2022-11-23 14:28:10,541 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1300516733] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-23 14:28:10,541 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1335555128] [2022-11-23 14:28:10,541 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-23 14:28:10,541 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-23 14:28:10,542 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 [2022-11-23 14:28:10,543 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-23 14:28:10,566 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-23 14:28:10,667 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-23 14:28:10,669 INFO L263 TraceCheckSpWp]: Trace formula consists of 430 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-23 14:28:10,673 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-23 14:28:11,157 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 23 proven. 54 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-23 14:28:11,158 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-23 14:28:11,813 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 52 proven. 5 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-23 14:28:11,813 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1335555128] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-23 14:28:11,813 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [942584001] [2022-11-23 14:28:11,816 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-23 14:28:11,816 INFO L166 IcfgInterpreter]: Building call graph [2022-11-23 14:28:11,817 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-23 14:28:11,817 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-23 14:28:11,817 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-23 14:28:15,012 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 144 for LOIs [2022-11-23 14:28:15,036 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 36 for LOIs [2022-11-23 14:28:15,503 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 29 for LOIs [2022-11-23 14:28:15,505 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 28 for LOIs [2022-11-23 14:28:15,537 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 35 for LOIs [2022-11-23 14:28:15,542 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-23 14:28:22,415 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11551#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| ~waterLevel~0) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |timeShift_getWaterLevel_~retValue_acc~1#1| |timeShift_getWaterLevel_#res#1|) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 (+ |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483648)) (<= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= |timeShift_getWaterLevel_~retValue_acc~1#1| 2147483647) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-23 14:28:22,415 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-23 14:28:22,415 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-23 14:28:22,415 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 13, 11] total 33 [2022-11-23 14:28:22,416 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1983412269] [2022-11-23 14:28:22,416 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-23 14:28:22,417 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 33 states [2022-11-23 14:28:22,417 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-23 14:28:22,417 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2022-11-23 14:28:22,418 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=442, Invalid=3718, Unknown=0, NotChecked=0, Total=4160 [2022-11-23 14:28:22,419 INFO L87 Difference]: Start difference. First operand 462 states and 560 transitions. Second operand has 33 states, 31 states have (on average 5.161290322580645) internal successors, (160), 32 states have internal predecessors, (160), 18 states have call successors, (32), 9 states have call predecessors, (32), 13 states have return successors, (30), 16 states have call predecessors, (30), 17 states have call successors, (30) [2022-11-23 14:28:27,004 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-23 14:28:27,004 INFO L93 Difference]: Finished difference Result 1033 states and 1298 transitions. [2022-11-23 14:28:27,005 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 66 states. [2022-11-23 14:28:27,005 INFO L78 Accepts]: Start accepts. Automaton has has 33 states, 31 states have (on average 5.161290322580645) internal successors, (160), 32 states have internal predecessors, (160), 18 states have call successors, (32), 9 states have call predecessors, (32), 13 states have return successors, (30), 16 states have call predecessors, (30), 17 states have call successors, (30) Word has length 91 [2022-11-23 14:28:27,005 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-23 14:28:27,006 INFO L225 Difference]: With dead ends: 1033 [2022-11-23 14:28:27,006 INFO L226 Difference]: Without dead ends: 0 [2022-11-23 14:28:27,014 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 390 GetRequests, 260 SyntacticMatches, 4 SemanticMatches, 126 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 6321 ImplicationChecksByTransitivity, 10.1s TimeCoverageRelationStatistics Valid=2032, Invalid=14224, Unknown=0, NotChecked=0, Total=16256 [2022-11-23 14:28:27,014 INFO L413 NwaCegarLoop]: 106 mSDtfsCounter, 1367 mSDsluCounter, 772 mSDsCounter, 0 mSdLazyCounter, 1883 mSolverCounterSat, 924 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1368 SdHoareTripleChecker+Valid, 878 SdHoareTripleChecker+Invalid, 2807 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 924 IncrementalHoareTripleChecker+Valid, 1883 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.6s IncrementalHoareTripleChecker+Time [2022-11-23 14:28:27,015 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1368 Valid, 878 Invalid, 2807 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [924 Valid, 1883 Invalid, 0 Unknown, 0 Unchecked, 1.6s Time] [2022-11-23 14:28:27,015 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-23 14:28:27,015 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-23 14:28:27,016 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-23 14:28:27,016 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-23 14:28:27,016 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2022-11-23 14:28:27,016 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-23 14:28:27,016 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-23 14:28:27,017 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 33 states, 31 states have (on average 5.161290322580645) internal successors, (160), 32 states have internal predecessors, (160), 18 states have call successors, (32), 9 states have call predecessors, (32), 13 states have return successors, (30), 16 states have call predecessors, (30), 17 states have call successors, (30) [2022-11-23 14:28:27,017 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-23 14:28:27,017 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-23 14:28:27,019 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-23 14:28:27,026 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-23 14:28:27,225 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-23 14:28:27,227 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-23 14:28:34,861 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 352 359) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (= ~switchedOnBeforeTS~0 0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-23 14:28:34,861 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 352 359) no Hoare annotation was computed. [2022-11-23 14:28:34,861 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 267 273) no Hoare annotation was computed. [2022-11-23 14:28:34,861 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 267 273) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 84 95) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 84 95) no Hoare annotation was computed. [2022-11-23 14:28:34,862 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 895 924) no Hoare annotation was computed. [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 895 924) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point L920(lines 895 924) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L899 garLoopResultBuilder]: For program point L916(line 916) no Hoare annotation was computed. [2022-11-23 14:28:34,862 INFO L899 garLoopResultBuilder]: For program point L909(lines 909 913) no Hoare annotation was computed. [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point L909-1(lines 909 913) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point L905-2(lines 905 919) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L902 garLoopResultBuilder]: At program point L901(line 901) the Hoare annotation is: true [2022-11-23 14:28:34,862 INFO L899 garLoopResultBuilder]: For program point L901-1(line 901) no Hoare annotation was computed. [2022-11-23 14:28:34,863 INFO L895 garLoopResultBuilder]: At program point L320(line 320) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0)))) (and (or .cse0 .cse1 (and .cse2 (= |old(~waterLevel~0)| ~waterLevel~0) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse3) (or .cse1 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse2) .cse3 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 (not (= 0 ~systemActive~0))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) .cse1 (= |old(~switchedOnBeforeTS~0)| 0)))) [2022-11-23 14:28:34,863 INFO L895 garLoopResultBuilder]: At program point L320-1(lines 301 325) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse15 (+ ~waterLevel~0 1))) (let ((.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse8 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse16 (= |old(~waterLevel~0)| .cse15)) (.cse17 (= 1 ~systemActive~0)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse18 (or .cse1 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (let ((.cse6 (and .cse8 .cse16 .cse17 .cse5 .cse18)) (.cse7 (and .cse14 .cse3 .cse17 (= ~waterLevel~0 1) .cse18)) (.cse9 (not (<= |old(~waterLevel~0)| 2))) (.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse11 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not .cse17)) (.cse12 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5)) (or .cse2 .cse6 .cse7 (and .cse4 (or .cse8 (= ~pumpRunning~0 1))) .cse9 .cse10) (or .cse11 .cse2 .cse6 .cse7 .cse9 .cse10 .cse12) (let ((.cse13 (or (and .cse16 (< 0 |old(~waterLevel~0)|)) .cse4))) (or .cse11 .cse0 (and .cse8 (<= ~waterLevel~0 0) .cse13 .cse5) .cse2 (and .cse14 .cse3 .cse13 (or (<= |old(~waterLevel~0)| 0) (<= .cse15 |old(~waterLevel~0)|))) .cse12)) (or .cse1 (not (= 0 ~systemActive~0))))))) [2022-11-23 14:28:34,864 INFO L895 garLoopResultBuilder]: At program point L254-1(lines 254 260) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse17 (+ ~waterLevel~0 1))) (let ((.cse16 (not (= ~switchedOnBeforeTS~0 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse3 (= ~waterLevel~0 1)) (.cse10 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse18 (= |old(~waterLevel~0)| .cse17)) (.cse19 (= 1 ~systemActive~0)) (.cse7 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse20 (or .cse0 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse8 (and .cse10 .cse18 .cse19 .cse7 .cse20)) (.cse9 (and .cse16 .cse1 .cse19 .cse3 .cse20)) (.cse11 (not (<= |old(~waterLevel~0)| 2))) (.cse12 (not (<= 2 |old(~waterLevel~0)|))) (.cse13 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse4 (not (<= |old(~waterLevel~0)| 1))) (.cse5 (not .cse19)) (.cse14 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse3 .cse2) (or .cse4 .cse0 .cse5 (and .cse1 .cse6 .cse7)) (or .cse5 .cse8 .cse9 (and .cse6 (or .cse10 (= ~pumpRunning~0 1))) .cse11 .cse12) (or .cse0 .cse6 .cse11 .cse2 .cse12) (or .cse13 .cse5 .cse8 .cse9 .cse11 .cse12 .cse14) (let ((.cse15 (or (and .cse18 (< 0 |old(~waterLevel~0)|)) .cse6))) (or .cse13 .cse4 (and .cse10 (<= ~waterLevel~0 0) .cse15 .cse7) .cse5 (and .cse16 .cse1 .cse15 (or (<= |old(~waterLevel~0)| 0) (<= .cse17 |old(~waterLevel~0)|))) .cse14)))))) [2022-11-23 14:28:34,864 INFO L895 garLoopResultBuilder]: At program point L874(line 874) the Hoare annotation is: (let ((.cse10 (+ ~waterLevel~0 1))) (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse5 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse6 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse8 (not (= ~switchedOnBeforeTS~0 0))) (.cse3 (= ~pumpRunning~0 0)) (.cse12 (= |old(~waterLevel~0)| .cse10)) (.cse4 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0)) (.cse7 (not (= 0 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse13 (not (<= |old(~waterLevel~0)| 2))) (.cse14 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5 .cse6)) (or .cse1 .cse3 .cse7) (let ((.cse9 (or (and .cse12 (< 0 |old(~waterLevel~0)|)) .cse5))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse8 .cse3 .cse4 .cse9 (or (<= |old(~waterLevel~0)| 0) (<= .cse10 |old(~waterLevel~0)|))) .cse2 (and .cse11 (<= ~waterLevel~0 0) .cse4 .cse9 .cse6) (= |old(~switchedOnBeforeTS~0)| 0))) (or .cse2 (and .cse11 .cse12 .cse4 .cse6) (and .cse8 .cse3 .cse12 .cse4) .cse13 .cse14) (or .cse1 (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1) .cse7) (or .cse1 .cse13 .cse7 .cse14) (or .cse1 .cse2 .cse13 .cse14)))) [2022-11-23 14:28:34,865 INFO L899 garLoopResultBuilder]: For program point L874-1(line 874) no Hoare annotation was computed. [2022-11-23 14:28:34,865 INFO L899 garLoopResultBuilder]: For program point L247-2(lines 243 265) no Hoare annotation was computed. [2022-11-23 14:28:34,865 INFO L899 garLoopResultBuilder]: For program point L309(lines 309 317) no Hoare annotation was computed. [2022-11-23 14:28:34,865 INFO L895 garLoopResultBuilder]: At program point L305(lines 305 322) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (not (= 1 ~systemActive~0))) (.cse0 (not (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4) .cse5) (or .cse1 (and .cse6 (or .cse2 (and (<= ~waterLevel~0 1) (<= 1 ~waterLevel~0))) .cse4) .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) (and .cse6 (<= ~waterLevel~0 0) (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (< 0 |old(~waterLevel~0)|)) .cse3) .cse4) .cse1 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 (not (= 0 ~systemActive~0))))) [2022-11-23 14:28:34,866 INFO L895 garLoopResultBuilder]: At program point L859(line 859) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (and .cse4 (or .cse1 (= ~waterLevel~0 1)))) (or .cse5 (and .cse6 .cse1) .cse7 .cse3) (or .cse0 .cse5 .cse7 (and (not (= ~switchedOnBeforeTS~0 0)) .cse4 .cse1) (= |old(~switchedOnBeforeTS~0)| 0)) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse5 (and .cse6 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse7))) [2022-11-23 14:28:34,866 INFO L895 garLoopResultBuilder]: At program point L859-1(line 859) the Hoare annotation is: (let ((.cse10 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret50#1|)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse9 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse10 .cse6)) (.cse4 (not (= 0 ~systemActive~0))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 0))) (and (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse1 .cse2) (or .cse3 .cse4 (and .cse5 (or .cse6 (= ~waterLevel~0 1)))) (or .cse0 .cse1 .cse7 .cse2 .cse8) (or .cse0 (not (<= |old(~waterLevel~0)| 1)) .cse1 .cse9) (or .cse1 .cse9 .cse7 .cse8) (or .cse3 .cse6 .cse7 .cse4 .cse8) (or .cse0 .cse1 .cse7 .cse2 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse3 .cse1 .cse7 (and .cse5 .cse10 .cse6))))) [2022-11-23 14:28:34,866 INFO L899 garLoopResultBuilder]: For program point L876(lines 876 886) no Hoare annotation was computed. [2022-11-23 14:28:34,866 INFO L899 garLoopResultBuilder]: For program point L872(lines 872 889) no Hoare annotation was computed. [2022-11-23 14:28:34,867 INFO L895 garLoopResultBuilder]: At program point L872-1(lines 864 892) the Hoare annotation is: (let ((.cse15 (= 1 ~systemActive~0)) (.cse12 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse5 (< 0 |old(~waterLevel~0)|))) (let ((.cse16 (= ~waterLevel~0 1)) (.cse3 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse11 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse8 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse6 (and .cse12 .cse5)) (.cse4 (not .cse15)) (.cse1 (= ~pumpRunning~0 0)) (.cse13 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse9 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (<= |old(~waterLevel~0)| 2))) (.cse19 (< 1 |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1|)) (.cse10 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse2 (not (= 0 ~systemActive~0))) (.cse17 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 (not .cse5) .cse6 .cse7 .cse8) (or (and .cse9 .cse10 (or .cse11 (= ~pumpRunning~0 1))) .cse4 (and .cse11 .cse12 .cse9 .cse13) .cse7 (and .cse14 .cse1 .cse15 .cse9 .cse16) .cse17) (or .cse0 (not (= |old(~waterLevel~0)| 1)) .cse16 .cse2) (let ((.cse18 (or .cse6 .cse10))) (or .cse3 (not (<= |old(~waterLevel~0)| 1)) .cse4 (and .cse14 .cse1 .cse15 .cse9 .cse18) (and .cse11 .cse9 .cse18 .cse13) .cse8)) (or .cse0 .cse4 (and .cse1 .cse15 .cse9 .cse10 .cse13) .cse7 (and .cse19 .cse9 .cse10)) (or .cse0 .cse7 (and .cse19 (<= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2) .cse10) .cse2 .cse17)))) [2022-11-23 14:28:34,867 INFO L895 garLoopResultBuilder]: At program point L315(line 315) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 .cse0 .cse5) (or .cse6 (not (= 0 ~systemActive~0))))) [2022-11-23 14:28:34,868 INFO L895 garLoopResultBuilder]: At program point L311(line 311) the Hoare annotation is: (let ((.cse1 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse3 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (<= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse0 (and .cse1 (let ((.cse2 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse2) (= |old(~waterLevel~0)| ~waterLevel~0)) (and .cse3 .cse2))) .cse4) .cse5) (or (and .cse1 .cse3 .cse4) .cse0 .cse5 (not (<= 2 |old(~waterLevel~0)|))) (or .cse6 .cse0 .cse5) (or .cse6 (not (= 0 ~systemActive~0))))) [2022-11-23 14:28:34,874 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 240 266) the Hoare annotation is: (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (= ~pumpRunning~0 0)) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse1 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse2 (and .cse4 (or .cse1 (= ~waterLevel~0 1)))) (or .cse5 (and .cse6 .cse1) .cse7 .cse3) (or .cse0 .cse5 .cse7 (and (not (= ~switchedOnBeforeTS~0 0)) .cse4 .cse1) (= |old(~switchedOnBeforeTS~0)| 0)) (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) .cse5 (and .cse6 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse7))) [2022-11-23 14:28:34,875 INFO L899 garLoopResultBuilder]: For program point L877(lines 877 883) no Hoare annotation was computed. [2022-11-23 14:28:34,877 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 240 266) no Hoare annotation was computed. [2022-11-23 14:28:34,877 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 840) no Hoare annotation was computed. [2022-11-23 14:28:34,877 INFO L895 garLoopResultBuilder]: At program point L840(line 840) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= |old(~waterLevel~0)| 2))) (.cse2 (not (= |old(~pumpRunning~0)| 0)))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (not (<= |old(~waterLevel~0)| 1)) .cse0) (or .cse0 .cse1 (not (<= 2 |old(~waterLevel~0)|))) (or .cse2 .cse0 .cse1) (or .cse2 (not (= 0 ~systemActive~0))))) [2022-11-23 14:28:34,878 INFO L902 garLoopResultBuilder]: At program point L225(lines 164 229) the Hoare annotation is: true [2022-11-23 14:28:34,878 INFO L899 garLoopResultBuilder]: For program point L184(lines 184 190) no Hoare annotation was computed. [2022-11-23 14:28:34,878 INFO L899 garLoopResultBuilder]: For program point L184-1(lines 184 190) no Hoare annotation was computed. [2022-11-23 14:28:34,878 INFO L895 garLoopResultBuilder]: At program point L222(lines 173 223) the Hoare annotation is: false [2022-11-23 14:28:34,878 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-23 14:28:34,878 INFO L899 garLoopResultBuilder]: For program point L210(lines 210 216) no Hoare annotation was computed. [2022-11-23 14:28:34,879 INFO L895 garLoopResultBuilder]: At program point L210-2(lines 204 217) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse2 .cse1 (= 0 ~systemActive~0)) (and .cse2 .cse0 .cse1 (<= ~waterLevel~0 2)))) [2022-11-23 14:28:34,879 INFO L899 garLoopResultBuilder]: For program point L458(lines 458 464) no Hoare annotation was computed. [2022-11-23 14:28:34,879 INFO L895 garLoopResultBuilder]: At program point L458-1(lines 458 464) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) [2022-11-23 14:28:34,879 INFO L899 garLoopResultBuilder]: For program point L194(lines 194 200) no Hoare annotation was computed. [2022-11-23 14:28:34,879 INFO L899 garLoopResultBuilder]: For program point L194-1(lines 194 200) no Hoare annotation was computed. [2022-11-23 14:28:34,879 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-23 14:28:34,880 INFO L895 garLoopResultBuilder]: At program point L219(lines 174 221) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse2 .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse2 .cse0 .cse1))) [2022-11-23 14:28:34,880 INFO L895 garLoopResultBuilder]: At program point L186(line 186) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse2 (<= ~waterLevel~0 1)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and .cse2 .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse3 .cse1 (= 0 ~systemActive~0)) (and .cse3 .cse2 .cse0 .cse1))) [2022-11-23 14:28:34,880 INFO L895 garLoopResultBuilder]: At program point L980(lines 980 987) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2022-11-23 14:28:34,880 INFO L902 garLoopResultBuilder]: At program point L980-2(lines 980 987) the Hoare annotation is: true [2022-11-23 14:28:34,880 INFO L899 garLoopResultBuilder]: For program point L175(lines 174 221) no Hoare annotation was computed. [2022-11-23 14:28:34,880 INFO L899 garLoopResultBuilder]: For program point L204(lines 204 217) no Hoare annotation was computed. [2022-11-23 14:28:34,881 INFO L895 garLoopResultBuilder]: At program point L460(line 460) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 1 ~systemActive~0) .cse0) (and (<= 2 ~waterLevel~0) .cse0 (not (= 0 ~systemActive~0))))) [2022-11-23 14:28:34,881 INFO L895 garLoopResultBuilder]: At program point L196(line 196) the Hoare annotation is: (let ((.cse2 (= ~pumpRunning~0 0)) (.cse0 (= 1 ~systemActive~0)) (.cse1 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and (= 2 ~waterLevel~0) .cse0 .cse1) (and (<= ~waterLevel~0 1) .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse2 .cse1 (= 0 ~systemActive~0)) (and .cse2 .cse0 .cse1 (<= ~waterLevel~0 2)))) [2022-11-23 14:28:34,881 INFO L895 garLoopResultBuilder]: At program point L289(line 289) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (or .cse0 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1 .cse2))) [2022-11-23 14:28:34,882 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 275 299) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-23 14:28:34,882 INFO L895 garLoopResultBuilder]: At program point L283(lines 283 291) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (or .cse0 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse1 .cse2))) [2022-11-23 14:28:34,882 INFO L895 garLoopResultBuilder]: At program point L279(lines 279 296) the Hoare annotation is: (or (not (= 1 ~systemActive~0)) (not (<= ~waterLevel~0 2)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|))) [2022-11-23 14:28:34,882 INFO L895 garLoopResultBuilder]: At program point L294(line 294) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse2 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0) .cse2) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse1 .cse2))) [2022-11-23 14:28:34,882 INFO L899 garLoopResultBuilder]: For program point L294-1(lines 275 299) no Hoare annotation was computed. [2022-11-23 14:28:34,882 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 275 299) no Hoare annotation was computed. [2022-11-23 14:28:34,884 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 72 83) no Hoare annotation was computed. [2022-11-23 14:28:34,884 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 72 83) the Hoare annotation is: (let ((.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse3 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse2) (or .cse0 .cse3 .cse1 .cse2) (or .cse3 .cse2 (= ~waterLevel~0 1) (not (= 0 ~systemActive~0))) (or .cse1 (not (= |old(~waterLevel~0)| 2)) .cse2))) [2022-11-23 14:28:34,884 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 371 379) no Hoare annotation was computed. [2022-11-23 14:28:34,885 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 371 379) the Hoare annotation is: true [2022-11-23 14:28:34,887 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-23 14:28:34,890 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-23 14:28:34,921 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 23.11 02:28:34 BoogieIcfgContainer [2022-11-23 14:28:34,921 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-23 14:28:34,922 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-23 14:28:34,922 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-23 14:28:34,922 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-23 14:28:34,922 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 23.11 02:27:38" (3/4) ... [2022-11-23 14:28:34,928 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-23 14:28:34,934 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-23 14:28:34,934 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-23 14:28:34,934 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-23 14:28:34,934 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-23 14:28:34,934 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-23 14:28:34,935 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-23 14:28:34,935 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-23 14:28:34,935 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-23 14:28:34,952 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 52 nodes and edges [2022-11-23 14:28:34,953 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 15 nodes and edges [2022-11-23 14:28:34,953 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-23 14:28:34,954 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:28:34,954 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-23 14:28:34,986 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) [2022-11-23 14:28:34,987 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((((!(1 == systemActive) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel)))) || \old(switchedOnBeforeTS) == 0) [2022-11-23 14:28:34,989 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(0 < \old(waterLevel))) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && (((((((tmp == waterLevel && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel))) || (((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp <= 2) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) [2022-11-23 14:28:34,989 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && (pumpRunning == 0 || (waterLevel <= 1 && 1 <= waterLevel))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-23 14:28:34,990 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-23 14:28:34,990 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) && (((((!(1 == systemActive) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel)))) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) [2022-11-23 14:28:34,990 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) [2022-11-23 14:28:34,993 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-23 14:28:35,039 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/witness.graphml [2022-11-23 14:28:35,039 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-23 14:28:35,040 INFO L158 Benchmark]: Toolchain (without parser) took 57450.66ms. Allocated memory was 163.6MB in the beginning and 572.5MB in the end (delta: 408.9MB). Free memory was 122.3MB in the beginning and 451.6MB in the end (delta: -329.2MB). Peak memory consumption was 82.0MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,040 INFO L158 Benchmark]: CDTParser took 0.13ms. Allocated memory is still 117.4MB. Free memory is still 64.7MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-23 14:28:35,040 INFO L158 Benchmark]: CACSL2BoogieTranslator took 503.46ms. Allocated memory is still 163.6MB. Free memory was 122.3MB in the beginning and 103.0MB in the end (delta: 19.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,041 INFO L158 Benchmark]: Boogie Procedure Inliner took 78.37ms. Allocated memory is still 163.6MB. Free memory was 103.0MB in the beginning and 100.6MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,041 INFO L158 Benchmark]: Boogie Preprocessor took 50.20ms. Allocated memory is still 163.6MB. Free memory was 100.6MB in the beginning and 98.9MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,041 INFO L158 Benchmark]: RCFGBuilder took 702.02ms. Allocated memory is still 163.6MB. Free memory was 98.9MB in the beginning and 115.7MB in the end (delta: -16.9MB). Peak memory consumption was 16.2MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,042 INFO L158 Benchmark]: TraceAbstraction took 55991.77ms. Allocated memory was 163.6MB in the beginning and 572.5MB in the end (delta: 408.9MB). Free memory was 114.9MB in the beginning and 457.9MB in the end (delta: -343.0MB). Peak memory consumption was 326.5MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,042 INFO L158 Benchmark]: Witness Printer took 117.54ms. Allocated memory is still 572.5MB. Free memory was 457.9MB in the beginning and 451.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-23 14:28:35,044 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.13ms. Allocated memory is still 117.4MB. Free memory is still 64.7MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 503.46ms. Allocated memory is still 163.6MB. Free memory was 122.3MB in the beginning and 103.0MB in the end (delta: 19.3MB). Peak memory consumption was 18.9MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 78.37ms. Allocated memory is still 163.6MB. Free memory was 103.0MB in the beginning and 100.6MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 50.20ms. Allocated memory is still 163.6MB. Free memory was 100.6MB in the beginning and 98.9MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 702.02ms. Allocated memory is still 163.6MB. Free memory was 98.9MB in the beginning and 115.7MB in the end (delta: -16.9MB). Peak memory consumption was 16.2MB. Max. memory is 16.1GB. * TraceAbstraction took 55991.77ms. Allocated memory was 163.6MB in the beginning and 572.5MB in the end (delta: 408.9MB). Free memory was 114.9MB in the beginning and 457.9MB in the end (delta: -343.0MB). Peak memory consumption was 326.5MB. Max. memory is 16.1GB. * Witness Printer took 117.54ms. Allocated memory is still 572.5MB. Free memory was 457.9MB in the beginning and 451.6MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 840]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 66 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 55.9s, OverallIterations: 10, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 9.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 7.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2788 SdHoareTripleChecker+Valid, 3.7s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2764 mSDsluCounter, 2931 SdHoareTripleChecker+Invalid, 3.1s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2151 mSDsCounter, 1579 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3819 IncrementalHoareTripleChecker+Invalid, 5398 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1579 mSolverCounterUnsat, 780 mSDtfsCounter, 3819 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 916 GetRequests, 622 SyntacticMatches, 9 SemanticMatches, 285 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 9411 ImplicationChecksByTransitivity, 22.4s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=514occurred in iteration=6, InterpolantAutomatonStates: 171, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 176 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 38 LocationsWithAnnotation, 1545 PreInvPairs, 1819 NumberOfFragments, 2206 HoareAnnotationTreeSize, 1545 FomulaSimplifications, 6554 FormulaSimplificationTreeSizeReduction, 0.7s HoareSimplificationTime, 38 FomulaSimplificationsInter, 28403 FormulaSimplificationTreeSizeReductionInter, 6.8s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 4.9s InterpolantComputationTime, 658 NumberOfCodeBlocks, 658 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 860 ConstructedInterpolants, 0 QuantifiedInterpolants, 3260 SizeOfPredicates, 30 NumberOfNonLiveVariables, 1078 ConjunctsInSsa, 69 ConjunctsInUnsatCore, 16 InterpolantComputations, 7 PerfectInterpolantSequences, 285/431 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 895]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 283]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(waterLevel <= 2)) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && (((!(1 == systemActive) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 301]: Loop Invariant Derived loop invariant: ((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) && (((((!(1 == systemActive) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel)))) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 905]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 164]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 859]: Loop Invariant Derived loop invariant: (((((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || pumpRunning == switchedOnBeforeTS) && ((!(\old(pumpRunning) == 0) || !(0 == systemActive)) || (pumpRunning == 0 && (\old(waterLevel) == waterLevel || waterLevel == 1)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && (((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel))) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) - InvariantResult [Line: 980]: Loop Invariant Derived loop invariant: ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS - InvariantResult [Line: 305]: Loop Invariant Derived loop invariant: (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) && (((!(1 == systemActive) || ((pumpRunning == \old(pumpRunning) && (pumpRunning == 0 || (waterLevel <= 1 && 1 <= waterLevel))) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || \old(switchedOnBeforeTS) == 0)) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 254]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((((!(1 == systemActive) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || (\old(waterLevel) == waterLevel && (pumpRunning == \old(pumpRunning) || pumpRunning == 1))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && 1 == systemActive) && pumpRunning == switchedOnBeforeTS) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && waterLevel == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || !(1 == systemActive)) || (((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && (\old(waterLevel) <= 0 || waterLevel + 1 <= \old(waterLevel)))) || \old(switchedOnBeforeTS) == 0) - InvariantResult [Line: 458]: Loop Invariant Derived loop invariant: pumpRunning == 0 && splverifierCounter == 0 - InvariantResult [Line: 840]: Loop Invariant Derived loop invariant: ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) && ((!(1 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) <= 2))) && (!(\old(pumpRunning) == 0) || !(0 == systemActive)) - InvariantResult [Line: 864]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(0 == systemActive)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(1 == systemActive)) || !(0 < \old(waterLevel))) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && (((((((tmp == waterLevel && \old(waterLevel) == waterLevel) && (pumpRunning == \old(pumpRunning) || pumpRunning == 1)) || !(1 == systemActive)) || (((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && waterLevel == 1)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || waterLevel == 1) || !(0 == systemActive))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || !(1 == systemActive)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && 1 == systemActive) && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel))) || (((pumpRunning == \old(pumpRunning) && tmp == waterLevel) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || ((((pumpRunning == 0 && 1 == systemActive) && tmp == waterLevel) && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp == waterLevel) && \old(waterLevel) == waterLevel))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) <= 2)) || ((1 < tmp && tmp <= 2) && \old(waterLevel) == waterLevel)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: ((((2 == waterLevel && 1 == systemActive) && splverifierCounter == 0) || (((waterLevel <= 1 && 1 == systemActive) && splverifierCounter == 0) && pumpRunning == switchedOnBeforeTS)) || ((pumpRunning == 0 && splverifierCounter == 0) && 0 == systemActive)) || (((pumpRunning == 0 && waterLevel <= 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 279]: Loop Invariant Derived loop invariant: ((!(1 == systemActive) || !(waterLevel <= 2)) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning)) - InvariantResult [Line: 173]: Loop Invariant Derived loop invariant: 0 RESULT: Ultimate proved your program to be correct! [2022-11-23 14:28:35,110 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a401f130-bdeb-4c71-9ba9-d5b7171cb212/bin/utaipan-Q6hlc19bkW/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE