./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 0e0057cc Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e7a194b3d6e079d2329a0d70eaa59b34ff3d58300de8b046ef1cd7cff7f67b94 --- Real Ultimate output --- This is Ultimate 0.2.4-dev-0e0057c [2023-12-02 18:19:41,503 INFO L188 SettingsManager]: Resetting all preferences to default values... [2023-12-02 18:19:41,569 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/config/svcomp-Reach-32bit-Taipan_Default.epf [2023-12-02 18:19:41,575 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2023-12-02 18:19:41,575 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2023-12-02 18:19:41,601 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2023-12-02 18:19:41,602 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2023-12-02 18:19:41,602 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2023-12-02 18:19:41,603 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2023-12-02 18:19:41,603 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2023-12-02 18:19:41,604 INFO L153 SettingsManager]: * User list type=DISABLED [2023-12-02 18:19:41,604 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2023-12-02 18:19:41,605 INFO L153 SettingsManager]: * Explicit value domain=true [2023-12-02 18:19:41,605 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2023-12-02 18:19:41,606 INFO L153 SettingsManager]: * Octagon Domain=false [2023-12-02 18:19:41,606 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2023-12-02 18:19:41,607 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2023-12-02 18:19:41,607 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2023-12-02 18:19:41,608 INFO L153 SettingsManager]: * Interval Domain=false [2023-12-02 18:19:41,608 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2023-12-02 18:19:41,609 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2023-12-02 18:19:41,610 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2023-12-02 18:19:41,610 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2023-12-02 18:19:41,611 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2023-12-02 18:19:41,611 INFO L153 SettingsManager]: * sizeof long=4 [2023-12-02 18:19:41,612 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2023-12-02 18:19:41,612 INFO L153 SettingsManager]: * sizeof POINTER=4 [2023-12-02 18:19:41,613 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2023-12-02 18:19:41,613 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2023-12-02 18:19:41,613 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2023-12-02 18:19:41,614 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2023-12-02 18:19:41,614 INFO L153 SettingsManager]: * sizeof long double=12 [2023-12-02 18:19:41,614 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2023-12-02 18:19:41,615 INFO L153 SettingsManager]: * Use constant arrays=true [2023-12-02 18:19:41,615 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2023-12-02 18:19:41,615 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2023-12-02 18:19:41,615 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2023-12-02 18:19:41,616 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-12-02 18:19:41,616 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2023-12-02 18:19:41,616 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2023-12-02 18:19:41,616 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2023-12-02 18:19:41,617 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2023-12-02 18:19:41,618 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e7a194b3d6e079d2329a0d70eaa59b34ff3d58300de8b046ef1cd7cff7f67b94 [2023-12-02 18:19:41,833 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2023-12-02 18:19:41,852 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2023-12-02 18:19:41,855 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2023-12-02 18:19:41,856 INFO L270 PluginConnector]: Initializing CDTParser... [2023-12-02 18:19:41,856 INFO L274 PluginConnector]: CDTParser initialized [2023-12-02 18:19:41,857 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/../../sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c [2023-12-02 18:19:44,548 INFO L533 CDTParser]: Created temporary CDT project at NULL [2023-12-02 18:19:44,748 INFO L384 CDTParser]: Found 1 translation units. [2023-12-02 18:19:44,748 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c [2023-12-02 18:19:44,764 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/data/c97d04342/7f403bb17dcf49adab437fe13af6b5f8/FLAG576d53b9e [2023-12-02 18:19:44,777 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/data/c97d04342/7f403bb17dcf49adab437fe13af6b5f8 [2023-12-02 18:19:44,778 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2023-12-02 18:19:44,779 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2023-12-02 18:19:44,780 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2023-12-02 18:19:44,781 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2023-12-02 18:19:44,785 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2023-12-02 18:19:44,785 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.12 06:19:44" (1/1) ... [2023-12-02 18:19:44,786 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@1881e0a4 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:44, skipping insertion in model container [2023-12-02 18:19:44,787 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 02.12 06:19:44" (1/1) ... [2023-12-02 18:19:44,835 INFO L177 MainTranslator]: Built tables and reachable declarations [2023-12-02 18:19:45,077 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c[17915,17928] [2023-12-02 18:19:45,086 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-12-02 18:19:45,097 INFO L202 MainTranslator]: Completed pre-run [2023-12-02 18:19:45,107 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2023-12-02 18:19:45,109 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [415] [2023-12-02 18:19:45,109 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [653] [2023-12-02 18:19:45,110 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [691] [2023-12-02 18:19:45,110 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [759] [2023-12-02 18:19:45,110 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [810] [2023-12-02 18:19:45,110 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [907] [2023-12-02 18:19:45,110 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] [2023-12-02 18:19:45,163 WARN L240 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/sv-benchmarks/c/product-lines/minepump_spec5_product53.cil.c[17915,17928] [2023-12-02 18:19:45,167 INFO L209 PostProcessor]: Analyzing one entry point: main [2023-12-02 18:19:45,187 INFO L206 MainTranslator]: Completed translation [2023-12-02 18:19:45,187 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45 WrapperNode [2023-12-02 18:19:45,187 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2023-12-02 18:19:45,188 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2023-12-02 18:19:45,189 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2023-12-02 18:19:45,189 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2023-12-02 18:19:45,196 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,209 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,232 INFO L138 Inliner]: procedures = 58, calls = 105, calls flagged for inlining = 25, calls inlined = 22, statements flattened = 233 [2023-12-02 18:19:45,232 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2023-12-02 18:19:45,232 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2023-12-02 18:19:45,233 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2023-12-02 18:19:45,233 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2023-12-02 18:19:45,239 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,239 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,242 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,243 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,248 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,253 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,255 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,257 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,260 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2023-12-02 18:19:45,261 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2023-12-02 18:19:45,261 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2023-12-02 18:19:45,261 INFO L274 PluginConnector]: RCFGBuilder initialized [2023-12-02 18:19:45,262 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (1/1) ... [2023-12-02 18:19:45,268 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2023-12-02 18:19:45,281 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 18:19:45,293 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2023-12-02 18:19:45,295 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2023-12-02 18:19:45,326 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2023-12-02 18:19:45,326 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2023-12-02 18:19:45,326 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2023-12-02 18:19:45,327 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2023-12-02 18:19:45,327 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2023-12-02 18:19:45,327 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2023-12-02 18:19:45,327 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2023-12-02 18:19:45,327 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2023-12-02 18:19:45,327 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2023-12-02 18:19:45,328 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2023-12-02 18:19:45,328 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2023-12-02 18:19:45,328 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2023-12-02 18:19:45,328 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2023-12-02 18:19:45,328 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2023-12-02 18:19:45,328 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2023-12-02 18:19:45,329 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2023-12-02 18:19:45,329 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2023-12-02 18:19:45,329 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2023-12-02 18:19:45,329 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2023-12-02 18:19:45,329 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2023-12-02 18:19:45,329 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2023-12-02 18:19:45,330 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2023-12-02 18:19:45,409 INFO L241 CfgBuilder]: Building ICFG [2023-12-02 18:19:45,411 INFO L267 CfgBuilder]: Building CFG for each procedure with an implementation [2023-12-02 18:19:45,652 INFO L282 CfgBuilder]: Performing block encoding [2023-12-02 18:19:45,759 INFO L304 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2023-12-02 18:19:45,759 INFO L309 CfgBuilder]: Removed 2 assume(true) statements. [2023-12-02 18:19:45,761 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.12 06:19:45 BoogieIcfgContainer [2023-12-02 18:19:45,761 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2023-12-02 18:19:45,764 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2023-12-02 18:19:45,764 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2023-12-02 18:19:45,767 INFO L274 PluginConnector]: TraceAbstraction initialized [2023-12-02 18:19:45,767 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 02.12 06:19:44" (1/3) ... [2023-12-02 18:19:45,768 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@427c6480 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.12 06:19:45, skipping insertion in model container [2023-12-02 18:19:45,768 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 02.12 06:19:45" (2/3) ... [2023-12-02 18:19:45,769 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@427c6480 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 02.12 06:19:45, skipping insertion in model container [2023-12-02 18:19:45,769 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.12 06:19:45" (3/3) ... [2023-12-02 18:19:45,770 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product53.cil.c [2023-12-02 18:19:45,785 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2023-12-02 18:19:45,785 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2023-12-02 18:19:45,854 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2023-12-02 18:19:45,860 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2c922ffd, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2023-12-02 18:19:45,860 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2023-12-02 18:19:45,864 INFO L276 IsEmpty]: Start isEmpty. Operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2023-12-02 18:19:45,882 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2023-12-02 18:19:45,883 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:45,883 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:45,884 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:45,888 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:45,888 INFO L85 PathProgramCache]: Analyzing trace with hash -838347893, now seen corresponding path program 1 times [2023-12-02 18:19:45,895 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:45,896 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1455225127] [2023-12-02 18:19:45,896 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:45,897 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:45,986 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:46,052 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:19:46,052 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:46,053 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1455225127] [2023-12-02 18:19:46,053 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1455225127] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:46,054 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:46,054 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2023-12-02 18:19:46,056 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1848977027] [2023-12-02 18:19:46,057 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:46,061 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2023-12-02 18:19:46,062 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:46,090 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2023-12-02 18:19:46,090 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-12-02 18:19:46,092 INFO L87 Difference]: Start difference. First operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-12-02 18:19:46,161 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:46,161 INFO L93 Difference]: Finished difference Result 136 states and 185 transitions. [2023-12-02 18:19:46,162 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2023-12-02 18:19:46,164 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2023-12-02 18:19:46,164 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:46,172 INFO L225 Difference]: With dead ends: 136 [2023-12-02 18:19:46,172 INFO L226 Difference]: Without dead ends: 64 [2023-12-02 18:19:46,176 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2023-12-02 18:19:46,180 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 71 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:46,181 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 71 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-12-02 18:19:46,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2023-12-02 18:19:46,213 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2023-12-02 18:19:46,215 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 39 states have (on average 1.3333333333333333) internal successors, (52), 48 states have internal predecessors, (52), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2023-12-02 18:19:46,217 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 83 transitions. [2023-12-02 18:19:46,219 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 83 transitions. Word has length 21 [2023-12-02 18:19:46,219 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:46,219 INFO L495 AbstractCegarLoop]: Abstraction has 64 states and 83 transitions. [2023-12-02 18:19:46,219 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2023-12-02 18:19:46,220 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 83 transitions. [2023-12-02 18:19:46,222 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2023-12-02 18:19:46,223 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:46,223 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:46,223 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2023-12-02 18:19:46,223 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:46,224 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:46,224 INFO L85 PathProgramCache]: Analyzing trace with hash 346384128, now seen corresponding path program 1 times [2023-12-02 18:19:46,225 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:46,225 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [865633090] [2023-12-02 18:19:46,225 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:46,225 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:46,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:46,363 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:19:46,363 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:46,363 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [865633090] [2023-12-02 18:19:46,363 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [865633090] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:46,364 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:46,364 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-12-02 18:19:46,364 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1927964268] [2023-12-02 18:19:46,364 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:46,365 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-12-02 18:19:46,366 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:46,367 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-12-02 18:19:46,367 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:46,367 INFO L87 Difference]: Start difference. First operand 64 states and 83 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-12-02 18:19:46,415 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:46,415 INFO L93 Difference]: Finished difference Result 126 states and 167 transitions. [2023-12-02 18:19:46,416 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-12-02 18:19:46,416 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2023-12-02 18:19:46,416 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:46,418 INFO L225 Difference]: With dead ends: 126 [2023-12-02 18:19:46,418 INFO L226 Difference]: Without dead ends: 64 [2023-12-02 18:19:46,419 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:46,421 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 70 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 70 SdHoareTripleChecker+Valid, 65 SdHoareTripleChecker+Invalid, 17 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:46,421 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [70 Valid, 65 Invalid, 17 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-12-02 18:19:46,423 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2023-12-02 18:19:46,434 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2023-12-02 18:19:46,434 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 39 states have (on average 1.3076923076923077) internal successors, (51), 48 states have internal predecessors, (51), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2023-12-02 18:19:46,436 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 82 transitions. [2023-12-02 18:19:46,437 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 82 transitions. Word has length 24 [2023-12-02 18:19:46,438 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:46,438 INFO L495 AbstractCegarLoop]: Abstraction has 64 states and 82 transitions. [2023-12-02 18:19:46,438 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2023-12-02 18:19:46,438 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 82 transitions. [2023-12-02 18:19:46,440 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2023-12-02 18:19:46,440 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:46,441 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:46,441 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2023-12-02 18:19:46,441 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:46,442 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:46,442 INFO L85 PathProgramCache]: Analyzing trace with hash -880773982, now seen corresponding path program 1 times [2023-12-02 18:19:46,442 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:46,442 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1227074647] [2023-12-02 18:19:46,442 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:46,443 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:46,463 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:46,539 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:19:46,539 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:46,539 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1227074647] [2023-12-02 18:19:46,539 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1227074647] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:46,540 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:46,540 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-12-02 18:19:46,540 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [746931317] [2023-12-02 18:19:46,540 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:46,541 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-12-02 18:19:46,541 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:46,542 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-12-02 18:19:46,542 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:46,542 INFO L87 Difference]: Start difference. First operand 64 states and 82 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-12-02 18:19:46,619 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:46,619 INFO L93 Difference]: Finished difference Result 175 states and 238 transitions. [2023-12-02 18:19:46,619 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-12-02 18:19:46,620 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 30 [2023-12-02 18:19:46,620 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:46,622 INFO L225 Difference]: With dead ends: 175 [2023-12-02 18:19:46,622 INFO L226 Difference]: Without dead ends: 113 [2023-12-02 18:19:46,624 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:46,625 INFO L413 NwaCegarLoop]: 85 mSDtfsCounter, 56 mSDsluCounter, 57 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 56 SdHoareTripleChecker+Valid, 142 SdHoareTripleChecker+Invalid, 40 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:46,626 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [56 Valid, 142 Invalid, 40 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-12-02 18:19:46,627 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 113 states. [2023-12-02 18:19:46,648 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 113 to 111. [2023-12-02 18:19:46,648 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 111 states, 71 states have (on average 1.2535211267605635) internal successors, (89), 79 states have internal predecessors, (89), 24 states have call successors, (24), 17 states have call predecessors, (24), 15 states have return successors, (32), 20 states have call predecessors, (32), 22 states have call successors, (32) [2023-12-02 18:19:46,650 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 111 states to 111 states and 145 transitions. [2023-12-02 18:19:46,651 INFO L78 Accepts]: Start accepts. Automaton has 111 states and 145 transitions. Word has length 30 [2023-12-02 18:19:46,651 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:46,651 INFO L495 AbstractCegarLoop]: Abstraction has 111 states and 145 transitions. [2023-12-02 18:19:46,652 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2023-12-02 18:19:46,652 INFO L276 IsEmpty]: Start isEmpty. Operand 111 states and 145 transitions. [2023-12-02 18:19:46,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2023-12-02 18:19:46,654 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:46,654 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:46,654 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2023-12-02 18:19:46,655 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:46,655 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:46,655 INFO L85 PathProgramCache]: Analyzing trace with hash 1425489699, now seen corresponding path program 1 times [2023-12-02 18:19:46,655 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:46,656 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [451778546] [2023-12-02 18:19:46,656 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:46,656 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:46,675 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:46,922 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:19:46,923 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:46,923 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [451778546] [2023-12-02 18:19:46,923 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [451778546] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:46,923 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:46,923 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2023-12-02 18:19:46,924 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1726273230] [2023-12-02 18:19:46,924 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:46,924 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2023-12-02 18:19:46,924 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:46,925 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2023-12-02 18:19:46,925 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2023-12-02 18:19:46,925 INFO L87 Difference]: Start difference. First operand 111 states and 145 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2023-12-02 18:19:47,128 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:47,128 INFO L93 Difference]: Finished difference Result 325 states and 428 transitions. [2023-12-02 18:19:47,128 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2023-12-02 18:19:47,129 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 37 [2023-12-02 18:19:47,129 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:47,132 INFO L225 Difference]: With dead ends: 325 [2023-12-02 18:19:47,132 INFO L226 Difference]: Without dead ends: 216 [2023-12-02 18:19:47,133 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2023-12-02 18:19:47,135 INFO L413 NwaCegarLoop]: 107 mSDtfsCounter, 127 mSDsluCounter, 158 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 27 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 128 SdHoareTripleChecker+Valid, 265 SdHoareTripleChecker+Invalid, 178 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 27 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:47,135 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [128 Valid, 265 Invalid, 178 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [27 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-12-02 18:19:47,136 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 216 states. [2023-12-02 18:19:47,166 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 216 to 208. [2023-12-02 18:19:47,167 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 133 states have (on average 1.2330827067669172) internal successors, (164), 145 states have internal predecessors, (164), 45 states have call successors, (45), 32 states have call predecessors, (45), 29 states have return successors, (63), 38 states have call predecessors, (63), 41 states have call successors, (63) [2023-12-02 18:19:47,170 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 272 transitions. [2023-12-02 18:19:47,171 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 272 transitions. Word has length 37 [2023-12-02 18:19:47,171 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:47,171 INFO L495 AbstractCegarLoop]: Abstraction has 208 states and 272 transitions. [2023-12-02 18:19:47,171 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2023-12-02 18:19:47,171 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 272 transitions. [2023-12-02 18:19:47,173 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2023-12-02 18:19:47,173 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:47,173 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:47,174 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2023-12-02 18:19:47,174 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:47,174 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:47,174 INFO L85 PathProgramCache]: Analyzing trace with hash -753583663, now seen corresponding path program 1 times [2023-12-02 18:19:47,174 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:47,175 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [727875370] [2023-12-02 18:19:47,175 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:47,175 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:47,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:47,305 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2023-12-02 18:19:47,306 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:47,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [727875370] [2023-12-02 18:19:47,306 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [727875370] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:47,306 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:47,306 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2023-12-02 18:19:47,306 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [696863169] [2023-12-02 18:19:47,307 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:47,307 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2023-12-02 18:19:47,307 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:47,308 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2023-12-02 18:19:47,308 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2023-12-02 18:19:47,308 INFO L87 Difference]: Start difference. First operand 208 states and 272 transitions. Second operand has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2023-12-02 18:19:47,662 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:47,663 INFO L93 Difference]: Finished difference Result 438 states and 592 transitions. [2023-12-02 18:19:47,665 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2023-12-02 18:19:47,666 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) Word has length 40 [2023-12-02 18:19:47,666 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:47,669 INFO L225 Difference]: With dead ends: 438 [2023-12-02 18:19:47,669 INFO L226 Difference]: Without dead ends: 224 [2023-12-02 18:19:47,670 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 25 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=53, Invalid=157, Unknown=0, NotChecked=0, Total=210 [2023-12-02 18:19:47,672 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 94 mSDsluCounter, 225 mSDsCounter, 0 mSdLazyCounter, 254 mSolverCounterSat, 54 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 100 SdHoareTripleChecker+Valid, 281 SdHoareTripleChecker+Invalid, 308 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 54 IncrementalHoareTripleChecker+Valid, 254 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:47,672 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [100 Valid, 281 Invalid, 308 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [54 Valid, 254 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2023-12-02 18:19:47,673 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 224 states. [2023-12-02 18:19:47,703 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 224 to 208. [2023-12-02 18:19:47,704 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 208 states, 133 states have (on average 1.2030075187969924) internal successors, (160), 145 states have internal predecessors, (160), 43 states have call successors, (43), 31 states have call predecessors, (43), 31 states have return successors, (69), 39 states have call predecessors, (69), 40 states have call successors, (69) [2023-12-02 18:19:47,707 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 208 states to 208 states and 272 transitions. [2023-12-02 18:19:47,707 INFO L78 Accepts]: Start accepts. Automaton has 208 states and 272 transitions. Word has length 40 [2023-12-02 18:19:47,707 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:47,708 INFO L495 AbstractCegarLoop]: Abstraction has 208 states and 272 transitions. [2023-12-02 18:19:47,708 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 2 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 3 states have call predecessors, (5), 2 states have call successors, (5) [2023-12-02 18:19:47,708 INFO L276 IsEmpty]: Start isEmpty. Operand 208 states and 272 transitions. [2023-12-02 18:19:47,710 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2023-12-02 18:19:47,710 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:47,710 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:47,710 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2023-12-02 18:19:47,710 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:47,711 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:47,711 INFO L85 PathProgramCache]: Analyzing trace with hash -1452173596, now seen corresponding path program 1 times [2023-12-02 18:19:47,711 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:47,711 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1011455809] [2023-12-02 18:19:47,711 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:47,711 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:47,726 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:47,953 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:19:47,954 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:47,954 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1011455809] [2023-12-02 18:19:47,954 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1011455809] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:47,954 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:47,954 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2023-12-02 18:19:47,954 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1483868405] [2023-12-02 18:19:47,954 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:47,955 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2023-12-02 18:19:47,955 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:47,956 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2023-12-02 18:19:47,956 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2023-12-02 18:19:47,956 INFO L87 Difference]: Start difference. First operand 208 states and 272 transitions. Second operand has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2023-12-02 18:19:48,482 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:48,482 INFO L93 Difference]: Finished difference Result 532 states and 727 transitions. [2023-12-02 18:19:48,483 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2023-12-02 18:19:48,483 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) Word has length 40 [2023-12-02 18:19:48,483 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:48,487 INFO L225 Difference]: With dead ends: 532 [2023-12-02 18:19:48,487 INFO L226 Difference]: Without dead ends: 379 [2023-12-02 18:19:48,488 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2023-12-02 18:19:48,489 INFO L413 NwaCegarLoop]: 82 mSDtfsCounter, 190 mSDsluCounter, 249 mSDsCounter, 0 mSdLazyCounter, 439 mSolverCounterSat, 82 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 198 SdHoareTripleChecker+Valid, 331 SdHoareTripleChecker+Invalid, 521 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 82 IncrementalHoareTripleChecker+Valid, 439 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:48,490 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [198 Valid, 331 Invalid, 521 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [82 Valid, 439 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-12-02 18:19:48,491 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 379 states. [2023-12-02 18:19:48,534 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 379 to 308. [2023-12-02 18:19:48,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 308 states, 201 states have (on average 1.208955223880597) internal successors, (243), 218 states have internal predecessors, (243), 62 states have call successors, (62), 40 states have call predecessors, (62), 44 states have return successors, (100), 60 states have call predecessors, (100), 57 states have call successors, (100) [2023-12-02 18:19:48,539 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 308 states to 308 states and 405 transitions. [2023-12-02 18:19:48,539 INFO L78 Accepts]: Start accepts. Automaton has 308 states and 405 transitions. Word has length 40 [2023-12-02 18:19:48,539 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:48,539 INFO L495 AbstractCegarLoop]: Abstraction has 308 states and 405 transitions. [2023-12-02 18:19:48,540 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2023-12-02 18:19:48,540 INFO L276 IsEmpty]: Start isEmpty. Operand 308 states and 405 transitions. [2023-12-02 18:19:48,542 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2023-12-02 18:19:48,542 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:48,542 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:48,542 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2023-12-02 18:19:48,543 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:48,543 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:48,543 INFO L85 PathProgramCache]: Analyzing trace with hash 1248183049, now seen corresponding path program 1 times [2023-12-02 18:19:48,543 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:48,543 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2101405137] [2023-12-02 18:19:48,544 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:48,544 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:48,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:48,602 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 9 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2023-12-02 18:19:48,603 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:48,603 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2101405137] [2023-12-02 18:19:48,603 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2101405137] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:48,603 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:48,603 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2023-12-02 18:19:48,603 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1024047298] [2023-12-02 18:19:48,604 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:48,604 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2023-12-02 18:19:48,604 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:48,605 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2023-12-02 18:19:48,605 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:48,605 INFO L87 Difference]: Start difference. First operand 308 states and 405 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2023-12-02 18:19:48,654 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:48,654 INFO L93 Difference]: Finished difference Result 473 states and 603 transitions. [2023-12-02 18:19:48,655 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2023-12-02 18:19:48,655 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) Word has length 68 [2023-12-02 18:19:48,655 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:48,657 INFO L225 Difference]: With dead ends: 473 [2023-12-02 18:19:48,657 INFO L226 Difference]: Without dead ends: 268 [2023-12-02 18:19:48,659 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2023-12-02 18:19:48,660 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 2 mSDsluCounter, 47 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 103 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:48,660 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 103 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2023-12-02 18:19:48,661 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 268 states. [2023-12-02 18:19:48,691 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 268 to 268. [2023-12-02 18:19:48,692 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 268 states, 176 states have (on average 1.2102272727272727) internal successors, (213), 193 states have internal predecessors, (213), 47 states have call successors, (47), 35 states have call predecessors, (47), 44 states have return successors, (70), 50 states have call predecessors, (70), 47 states have call successors, (70) [2023-12-02 18:19:48,694 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 268 states to 268 states and 330 transitions. [2023-12-02 18:19:48,695 INFO L78 Accepts]: Start accepts. Automaton has 268 states and 330 transitions. Word has length 68 [2023-12-02 18:19:48,695 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:48,695 INFO L495 AbstractCegarLoop]: Abstraction has 268 states and 330 transitions. [2023-12-02 18:19:48,695 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2023-12-02 18:19:48,696 INFO L276 IsEmpty]: Start isEmpty. Operand 268 states and 330 transitions. [2023-12-02 18:19:48,697 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2023-12-02 18:19:48,697 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:48,697 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:48,697 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2023-12-02 18:19:48,698 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:48,698 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:48,698 INFO L85 PathProgramCache]: Analyzing trace with hash 2106748628, now seen corresponding path program 1 times [2023-12-02 18:19:48,698 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:48,698 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [717953202] [2023-12-02 18:19:48,699 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:48,699 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:48,716 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:48,842 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 10 proven. 12 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2023-12-02 18:19:48,842 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:48,842 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [717953202] [2023-12-02 18:19:48,843 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [717953202] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 18:19:48,843 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [620406534] [2023-12-02 18:19:48,843 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:48,843 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 18:19:48,843 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 18:19:48,847 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 18:19:48,848 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2023-12-02 18:19:48,946 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:48,949 INFO L262 TraceCheckSpWp]: Trace formula consists of 299 conjuncts, 8 conjunts are in the unsatisfiable core [2023-12-02 18:19:48,956 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 18:19:49,099 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 22 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2023-12-02 18:19:49,099 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 18:19:49,280 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2023-12-02 18:19:49,280 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [620406534] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 18:19:49,281 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [290502339] [2023-12-02 18:19:49,299 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2023-12-02 18:19:49,300 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 18:19:49,303 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 18:19:49,308 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 18:19:49,308 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 18:19:52,755 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 18 for LOIs [2023-12-02 18:19:52,761 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 10 for LOIs [2023-12-02 18:19:52,917 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 33 for LOIs [2023-12-02 18:19:52,948 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 11 for LOIs [2023-12-02 18:19:52,975 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 1 for LOIs [2023-12-02 18:19:52,976 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 18:19:55,599 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5320#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (<= 2 ~waterLevel~0) (<= |old(~pumpRunning~0)| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= 2 |old(~waterLevel~0)|) (<= ~waterLevel~0 2147483647) (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1))' at error location [2023-12-02 18:19:55,600 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 18:19:55,600 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-12-02 18:19:55,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 6, 6] total 14 [2023-12-02 18:19:55,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [212060480] [2023-12-02 18:19:55,600 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-12-02 18:19:55,601 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 14 states [2023-12-02 18:19:55,601 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:55,602 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 14 interpolants. [2023-12-02 18:19:55,603 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=204, Invalid=1776, Unknown=0, NotChecked=0, Total=1980 [2023-12-02 18:19:55,603 INFO L87 Difference]: Start difference. First operand 268 states and 330 transitions. Second operand has 14 states, 12 states have (on average 7.75) internal successors, (93), 13 states have internal predecessors, (93), 8 states have call successors, (21), 5 states have call predecessors, (21), 8 states have return successors, (21), 10 states have call predecessors, (21), 8 states have call successors, (21) [2023-12-02 18:19:56,301 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:56,301 INFO L93 Difference]: Finished difference Result 442 states and 547 transitions. [2023-12-02 18:19:56,301 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 19 states. [2023-12-02 18:19:56,302 INFO L78 Accepts]: Start accepts. Automaton has has 14 states, 12 states have (on average 7.75) internal successors, (93), 13 states have internal predecessors, (93), 8 states have call successors, (21), 5 states have call predecessors, (21), 8 states have return successors, (21), 10 states have call predecessors, (21), 8 states have call successors, (21) Word has length 71 [2023-12-02 18:19:56,302 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:56,304 INFO L225 Difference]: With dead ends: 442 [2023-12-02 18:19:56,304 INFO L226 Difference]: Without dead ends: 295 [2023-12-02 18:19:56,307 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 248 GetRequests, 184 SyntacticMatches, 4 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1122 ImplicationChecksByTransitivity, 3.0s TimeCoverageRelationStatistics Valid=395, Invalid=3387, Unknown=0, NotChecked=0, Total=3782 [2023-12-02 18:19:56,308 INFO L413 NwaCegarLoop]: 99 mSDtfsCounter, 219 mSDsluCounter, 380 mSDsCounter, 0 mSdLazyCounter, 568 mSolverCounterSat, 141 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 219 SdHoareTripleChecker+Valid, 479 SdHoareTripleChecker+Invalid, 709 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 141 IncrementalHoareTripleChecker+Valid, 568 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:56,308 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [219 Valid, 479 Invalid, 709 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [141 Valid, 568 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2023-12-02 18:19:56,309 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 295 states. [2023-12-02 18:19:56,333 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 295 to 293. [2023-12-02 18:19:56,334 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 293 states, 188 states have (on average 1.1648936170212767) internal successors, (219), 208 states have internal predecessors, (219), 53 states have call successors, (53), 45 states have call predecessors, (53), 51 states have return successors, (66), 53 states have call predecessors, (66), 53 states have call successors, (66) [2023-12-02 18:19:56,336 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 293 states to 293 states and 338 transitions. [2023-12-02 18:19:56,336 INFO L78 Accepts]: Start accepts. Automaton has 293 states and 338 transitions. Word has length 71 [2023-12-02 18:19:56,337 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:56,337 INFO L495 AbstractCegarLoop]: Abstraction has 293 states and 338 transitions. [2023-12-02 18:19:56,337 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 14 states, 12 states have (on average 7.75) internal successors, (93), 13 states have internal predecessors, (93), 8 states have call successors, (21), 5 states have call predecessors, (21), 8 states have return successors, (21), 10 states have call predecessors, (21), 8 states have call successors, (21) [2023-12-02 18:19:56,337 INFO L276 IsEmpty]: Start isEmpty. Operand 293 states and 338 transitions. [2023-12-02 18:19:56,339 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2023-12-02 18:19:56,339 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:56,339 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:56,346 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2023-12-02 18:19:56,540 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 18:19:56,540 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:56,541 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:56,541 INFO L85 PathProgramCache]: Analyzing trace with hash -1746783647, now seen corresponding path program 1 times [2023-12-02 18:19:56,541 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:56,541 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2100401780] [2023-12-02 18:19:56,541 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:56,541 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:56,560 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:56,647 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 36 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2023-12-02 18:19:56,648 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:56,648 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2100401780] [2023-12-02 18:19:56,648 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2100401780] provided 1 perfect and 0 imperfect interpolant sequences [2023-12-02 18:19:56,648 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2023-12-02 18:19:56,648 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2023-12-02 18:19:56,648 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1730941048] [2023-12-02 18:19:56,648 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2023-12-02 18:19:56,649 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2023-12-02 18:19:56,649 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:19:56,649 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2023-12-02 18:19:56,650 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2023-12-02 18:19:56,650 INFO L87 Difference]: Start difference. First operand 293 states and 338 transitions. Second operand has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2023-12-02 18:19:56,826 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:19:56,826 INFO L93 Difference]: Finished difference Result 716 states and 836 transitions. [2023-12-02 18:19:56,826 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2023-12-02 18:19:56,827 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) Word has length 93 [2023-12-02 18:19:56,827 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:19:56,830 INFO L225 Difference]: With dead ends: 716 [2023-12-02 18:19:56,830 INFO L226 Difference]: Without dead ends: 535 [2023-12-02 18:19:56,831 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2023-12-02 18:19:56,832 INFO L413 NwaCegarLoop]: 95 mSDtfsCounter, 105 mSDsluCounter, 104 mSDsCounter, 0 mSdLazyCounter, 173 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 105 SdHoareTripleChecker+Valid, 199 SdHoareTripleChecker+Invalid, 181 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 173 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2023-12-02 18:19:56,832 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [105 Valid, 199 Invalid, 181 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 173 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2023-12-02 18:19:56,833 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 535 states. [2023-12-02 18:19:56,879 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 535 to 524. [2023-12-02 18:19:56,881 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 524 states, 339 states have (on average 1.1504424778761062) internal successors, (390), 370 states have internal predecessors, (390), 92 states have call successors, (92), 82 states have call predecessors, (92), 92 states have return successors, (112), 95 states have call predecessors, (112), 92 states have call successors, (112) [2023-12-02 18:19:56,884 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 524 states to 524 states and 594 transitions. [2023-12-02 18:19:56,885 INFO L78 Accepts]: Start accepts. Automaton has 524 states and 594 transitions. Word has length 93 [2023-12-02 18:19:56,885 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:19:56,886 INFO L495 AbstractCegarLoop]: Abstraction has 524 states and 594 transitions. [2023-12-02 18:19:56,886 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2023-12-02 18:19:56,886 INFO L276 IsEmpty]: Start isEmpty. Operand 524 states and 594 transitions. [2023-12-02 18:19:56,888 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2023-12-02 18:19:56,888 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:19:56,888 INFO L195 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:19:56,889 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2023-12-02 18:19:56,889 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:19:56,889 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:19:56,889 INFO L85 PathProgramCache]: Analyzing trace with hash 1364117612, now seen corresponding path program 1 times [2023-12-02 18:19:56,889 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:19:56,890 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1235915358] [2023-12-02 18:19:56,890 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:56,890 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:19:56,910 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:57,150 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 33 proven. 3 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2023-12-02 18:19:57,151 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:19:57,151 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1235915358] [2023-12-02 18:19:57,151 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1235915358] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 18:19:57,151 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1813273786] [2023-12-02 18:19:57,151 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:19:57,151 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 18:19:57,151 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 18:19:57,153 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 18:19:57,155 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2023-12-02 18:19:57,259 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:19:57,262 INFO L262 TraceCheckSpWp]: Trace formula consists of 367 conjuncts, 15 conjunts are in the unsatisfiable core [2023-12-02 18:19:57,267 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 18:19:57,499 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 63 proven. 3 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2023-12-02 18:19:57,500 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 18:19:57,773 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 45 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2023-12-02 18:19:57,774 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1813273786] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 18:19:57,774 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1917452255] [2023-12-02 18:19:57,777 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2023-12-02 18:19:57,777 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 18:19:57,778 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 18:19:57,778 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 18:19:57,778 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 18:20:00,293 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 18 for LOIs [2023-12-02 18:20:00,297 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 12 for LOIs [2023-12-02 18:20:00,397 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 11 for LOIs [2023-12-02 18:20:00,414 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 11 for LOIs [2023-12-02 18:20:00,431 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 5 for LOIs [2023-12-02 18:20:00,432 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 17 for LOIs [2023-12-02 18:20:00,435 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 22 for LOIs [2023-12-02 18:20:00,437 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 18:20:02,777 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '8672#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|) (<= 0 |old(~pumpRunning~0)|) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 0 ~pumpRunning~0) (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|))' at error location [2023-12-02 18:20:02,777 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 18:20:02,777 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-12-02 18:20:02,777 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 9] total 20 [2023-12-02 18:20:02,777 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1797951340] [2023-12-02 18:20:02,777 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-12-02 18:20:02,778 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2023-12-02 18:20:02,778 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:20:02,779 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2023-12-02 18:20:02,780 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=328, Invalid=2978, Unknown=0, NotChecked=0, Total=3306 [2023-12-02 18:20:02,780 INFO L87 Difference]: Start difference. First operand 524 states and 594 transitions. Second operand has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) [2023-12-02 18:20:04,167 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:20:04,167 INFO L93 Difference]: Finished difference Result 1551 states and 1913 transitions. [2023-12-02 18:20:04,167 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 34 states. [2023-12-02 18:20:04,168 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) Word has length 96 [2023-12-02 18:20:04,168 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:20:04,173 INFO L225 Difference]: With dead ends: 1551 [2023-12-02 18:20:04,174 INFO L226 Difference]: Without dead ends: 1017 [2023-12-02 18:20:04,177 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 333 GetRequests, 248 SyntacticMatches, 0 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2430 ImplicationChecksByTransitivity, 3.1s TimeCoverageRelationStatistics Valid=757, Invalid=6725, Unknown=0, NotChecked=0, Total=7482 [2023-12-02 18:20:04,178 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 301 mSDsluCounter, 451 mSDsCounter, 0 mSdLazyCounter, 1357 mSolverCounterSat, 199 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 304 SdHoareTripleChecker+Valid, 509 SdHoareTripleChecker+Invalid, 1556 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 199 IncrementalHoareTripleChecker+Valid, 1357 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2023-12-02 18:20:04,178 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [304 Valid, 509 Invalid, 1556 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [199 Valid, 1357 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2023-12-02 18:20:04,180 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1017 states. [2023-12-02 18:20:04,279 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1017 to 652. [2023-12-02 18:20:04,281 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 652 states, 425 states have (on average 1.1247058823529412) internal successors, (478), 460 states have internal predecessors, (478), 107 states have call successors, (107), 101 states have call predecessors, (107), 119 states have return successors, (142), 119 states have call predecessors, (142), 107 states have call successors, (142) [2023-12-02 18:20:04,284 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 652 states to 652 states and 727 transitions. [2023-12-02 18:20:04,285 INFO L78 Accepts]: Start accepts. Automaton has 652 states and 727 transitions. Word has length 96 [2023-12-02 18:20:04,285 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:20:04,285 INFO L495 AbstractCegarLoop]: Abstraction has 652 states and 727 transitions. [2023-12-02 18:20:04,285 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) [2023-12-02 18:20:04,286 INFO L276 IsEmpty]: Start isEmpty. Operand 652 states and 727 transitions. [2023-12-02 18:20:04,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2023-12-02 18:20:04,288 INFO L187 NwaCegarLoop]: Found error trace [2023-12-02 18:20:04,288 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:20:04,294 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2023-12-02 18:20:04,488 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 18:20:04,489 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2023-12-02 18:20:04,489 INFO L160 PredicateUnifier]: Initialized classic predicate unifier [2023-12-02 18:20:04,489 INFO L85 PathProgramCache]: Analyzing trace with hash 1451583464, now seen corresponding path program 1 times [2023-12-02 18:20:04,489 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2023-12-02 18:20:04,490 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [528616733] [2023-12-02 18:20:04,490 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:20:04,490 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2023-12-02 18:20:04,508 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:20:05,255 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 10 proven. 43 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2023-12-02 18:20:05,255 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2023-12-02 18:20:05,255 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [528616733] [2023-12-02 18:20:05,256 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [528616733] provided 0 perfect and 1 imperfect interpolant sequences [2023-12-02 18:20:05,256 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1068646510] [2023-12-02 18:20:05,256 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2023-12-02 18:20:05,256 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2023-12-02 18:20:05,256 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 [2023-12-02 18:20:05,257 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2023-12-02 18:20:05,259 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2023-12-02 18:20:05,359 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2023-12-02 18:20:05,361 INFO L262 TraceCheckSpWp]: Trace formula consists of 381 conjuncts, 26 conjunts are in the unsatisfiable core [2023-12-02 18:20:05,365 INFO L285 TraceCheckSpWp]: Computing forward predicates... [2023-12-02 18:20:05,745 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 25 proven. 54 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2023-12-02 18:20:05,745 INFO L327 TraceCheckSpWp]: Computing backward predicates... [2023-12-02 18:20:06,274 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 51 proven. 5 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2023-12-02 18:20:06,274 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1068646510] provided 0 perfect and 2 imperfect interpolant sequences [2023-12-02 18:20:06,274 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1687130890] [2023-12-02 18:20:06,277 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2023-12-02 18:20:06,277 INFO L166 IcfgInterpreter]: Building call graph [2023-12-02 18:20:06,277 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2023-12-02 18:20:06,277 INFO L176 IcfgInterpreter]: Starting interpretation [2023-12-02 18:20:06,277 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2023-12-02 18:20:08,854 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 3 for LOIs [2023-12-02 18:20:08,856 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 10 for LOIs [2023-12-02 18:20:08,972 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 11 for LOIs [2023-12-02 18:20:08,986 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 11 for LOIs [2023-12-02 18:20:09,003 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 1 for LOIs [2023-12-02 18:20:09,004 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 15 for LOIs [2023-12-02 18:20:09,006 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 23 for LOIs [2023-12-02 18:20:09,008 INFO L180 IcfgInterpreter]: Interpretation finished [2023-12-02 18:20:11,172 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '12409#(and (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| |timeShift_getWaterLevel_#res#1|) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2147483648)) (= ~waterLevel~0 |timeShift_getWaterLevel_#res#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (<= |old(~pumpRunning~0)| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 2)) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 0 ~pumpRunning~0) (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|))' at error location [2023-12-02 18:20:11,172 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2023-12-02 18:20:11,172 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2023-12-02 18:20:11,172 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 13, 11] total 35 [2023-12-02 18:20:11,173 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [4296638] [2023-12-02 18:20:11,173 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2023-12-02 18:20:11,173 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2023-12-02 18:20:11,174 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2023-12-02 18:20:11,175 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2023-12-02 18:20:11,176 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=405, Invalid=4151, Unknown=0, NotChecked=0, Total=4556 [2023-12-02 18:20:11,177 INFO L87 Difference]: Start difference. First operand 652 states and 727 transitions. Second operand has 35 states, 33 states have (on average 5.242424242424242) internal successors, (173), 34 states have internal predecessors, (173), 19 states have call successors, (39), 9 states have call predecessors, (39), 14 states have return successors, (38), 19 states have call predecessors, (38), 18 states have call successors, (38) [2023-12-02 18:20:13,454 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2023-12-02 18:20:13,454 INFO L93 Difference]: Finished difference Result 1579 states and 1819 transitions. [2023-12-02 18:20:13,455 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 44 states. [2023-12-02 18:20:13,455 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 33 states have (on average 5.242424242424242) internal successors, (173), 34 states have internal predecessors, (173), 19 states have call successors, (39), 9 states have call predecessors, (39), 14 states have return successors, (38), 19 states have call predecessors, (38), 18 states have call successors, (38) Word has length 101 [2023-12-02 18:20:13,455 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2023-12-02 18:20:13,456 INFO L225 Difference]: With dead ends: 1579 [2023-12-02 18:20:13,456 INFO L226 Difference]: Without dead ends: 0 [2023-12-02 18:20:13,464 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 384 GetRequests, 270 SyntacticMatches, 8 SemanticMatches, 106 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4373 ImplicationChecksByTransitivity, 3.5s TimeCoverageRelationStatistics Valid=1297, Invalid=10259, Unknown=0, NotChecked=0, Total=11556 [2023-12-02 18:20:13,465 INFO L413 NwaCegarLoop]: 101 mSDtfsCounter, 1241 mSDsluCounter, 598 mSDsCounter, 0 mSdLazyCounter, 1831 mSolverCounterSat, 985 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1242 SdHoareTripleChecker+Valid, 699 SdHoareTripleChecker+Invalid, 2816 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 985 IncrementalHoareTripleChecker+Valid, 1831 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2023-12-02 18:20:13,465 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1242 Valid, 699 Invalid, 2816 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [985 Valid, 1831 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2023-12-02 18:20:13,466 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2023-12-02 18:20:13,466 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2023-12-02 18:20:13,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2023-12-02 18:20:13,466 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2023-12-02 18:20:13,467 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 101 [2023-12-02 18:20:13,467 INFO L84 Accepts]: Finished accepts. word is rejected. [2023-12-02 18:20:13,467 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2023-12-02 18:20:13,467 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 33 states have (on average 5.242424242424242) internal successors, (173), 34 states have internal predecessors, (173), 19 states have call successors, (39), 9 states have call predecessors, (39), 14 states have return successors, (38), 19 states have call predecessors, (38), 18 states have call successors, (38) [2023-12-02 18:20:13,467 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2023-12-02 18:20:13,467 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2023-12-02 18:20:13,470 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2023-12-02 18:20:13,475 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2023-12-02 18:20:13,670 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2023-12-02 18:20:13,673 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2023-12-02 18:20:18,665 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 551 558) no Hoare annotation was computed. [2023-12-02 18:20:18,665 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 551 558) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (= ~pumpRunning~0 1))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3))) [2023-12-02 18:20:18,665 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 458 464) no Hoare annotation was computed. [2023-12-02 18:20:18,665 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 458 464) the Hoare annotation is: true [2023-12-02 18:20:18,666 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 943 954) the Hoare annotation is: (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse5 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse4 (not (= 2 ~waterLevel~0))) (.cse0 (not .cse5)) (.cse7 (not (= ~pumpRunning~0 1))) (.cse8 (< 2 ~waterLevel~0)) (.cse1 (not (= ~pumpRunning~0 0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse6 (not .cse2))) (and (or .cse0 .cse1 .cse2 .cse3 (< 1 ~waterLevel~0)) (or .cse3 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse8 .cse0 .cse2 .cse3 .cse7) (or .cse8 .cse1 .cse3 .cse5 .cse6)))) [2023-12-02 18:20:18,666 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 943 954) no Hoare annotation was computed. [2023-12-02 18:20:18,666 INFO L899 garLoopResultBuilder]: For program point L833(line 833) no Hoare annotation was computed. [2023-12-02 18:20:18,666 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 812 841) no Hoare annotation was computed. [2023-12-02 18:20:18,666 INFO L899 garLoopResultBuilder]: For program point L826(lines 826 830) no Hoare annotation was computed. [2023-12-02 18:20:18,666 INFO L895 garLoopResultBuilder]: At program point L826-1(lines 826 830) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) [2023-12-02 18:20:18,666 INFO L895 garLoopResultBuilder]: At program point L822-2(lines 822 836) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) [2023-12-02 18:20:18,666 INFO L895 garLoopResultBuilder]: At program point L818(line 818) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) [2023-12-02 18:20:18,666 INFO L899 garLoopResultBuilder]: For program point L818-1(line 818) no Hoare annotation was computed. [2023-12-02 18:20:18,666 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 812 841) the Hoare annotation is: (or (not (= |old(~pumpRunning~0)| 0)) (not (= |old(~waterLevel~0)| 1)) (not (= 1 ~systemActive~0)) (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1))) [2023-12-02 18:20:18,667 INFO L899 garLoopResultBuilder]: For program point L837(lines 812 841) no Hoare annotation was computed. [2023-12-02 18:20:18,667 INFO L895 garLoopResultBuilder]: At program point L791(line 791) the Hoare annotation is: (let ((.cse10 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse9 (= ~pumpRunning~0 0)) (.cse2 (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (<= 1 |old(~waterLevel~0)|)) (and (<= |old(~waterLevel~0)| 0) .cse10))) (.cse3 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| ~waterLevel~0)) (.cse4 (<= 1 ~switchedOnBeforeTS~0))) (let ((.cse5 (= ~pumpRunning~0 1)) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (and .cse9 .cse2 .cse3 .cse4)) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse11 (< 2 |old(~waterLevel~0)|))) (and (or (< 1 |old(~waterLevel~0)|) (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 (and .cse2 .cse3 .cse4 .cse5) .cse6) (let ((.cse7 (= ~waterLevel~0 1)) (.cse8 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~9#1| 1))) (or .cse0 .cse6 (not (= |old(~waterLevel~0)| 2)) (and .cse7 .cse4 .cse8 .cse5) (and .cse9 .cse7 .cse4 .cse8))) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 (and .cse9 (<= ~waterLevel~0 1) .cse3 .cse10) .cse11) (or (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse6 .cse11))))) [2023-12-02 18:20:18,667 INFO L899 garLoopResultBuilder]: For program point L791-1(line 791) no Hoare annotation was computed. [2023-12-02 18:20:18,667 INFO L899 garLoopResultBuilder]: For program point L445-1(lines 445 451) no Hoare annotation was computed. [2023-12-02 18:20:18,667 INFO L895 garLoopResultBuilder]: At program point L532(line 532) the Hoare annotation is: (let ((.cse2 (< 2 |old(~waterLevel~0)|)) (.cse0 (not (= 1 ~systemActive~0))) (.cse3 (= |timeShift_processEnvironment_~tmp~5#1| 0)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (= ~pumpRunning~0 1)) (.cse1 (not (= |old(~pumpRunning~0)| 1)))) (and (or (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2) (or (< 1 |old(~waterLevel~0)|) (< |old(~switchedOnBeforeTS~0)| 1) .cse0 (and (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (<= 1 |old(~waterLevel~0)|)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse3 (<= ~waterLevel~0 0) .cse4 .cse5) .cse1) (or (not (= |old(~pumpRunning~0)| 0)) .cse0 .cse2) (or .cse0 (and .cse3 (= ~waterLevel~0 1) .cse4 .cse5) .cse1 (not (= |old(~waterLevel~0)| 2))))) [2023-12-02 18:20:18,667 INFO L895 garLoopResultBuilder]: At program point L528(line 528) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0))) (let ((.cse3 (= |timeShift_processEnvironment_~tmp~5#1| ~methaneLevelCritical~0)) (.cse4 (<= 1 ~switchedOnBeforeTS~0)) (.cse5 (= ~pumpRunning~0 1)) (.cse7 (< 2 |old(~waterLevel~0)|)) (.cse1 (not (= 1 ~systemActive~0))) (.cse8 (not .cse0)) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse6 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 (and .cse3 (= ~waterLevel~0 1) .cse4 .cse5) .cse6 .cse7) (or (< 1 |old(~waterLevel~0)|) .cse0 .cse1 .cse2 .cse7 (and (or (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) (<= 1 |old(~waterLevel~0)|)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse3 (<= ~waterLevel~0 0) .cse4 .cse5)) (or (not (= |old(~pumpRunning~0)| 0)) .cse1 .cse7) (or (< |old(~switchedOnBeforeTS~0)| 1) .cse1 .cse8 .cse2 .cse7) (or .cse1 .cse8 .cse2 .cse6)))) [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L912(line 912) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L895 garLoopResultBuilder]: At program point L776(line 776) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 0))) (let ((.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (< 2 |old(~waterLevel~0)|)) (.cse0 (< |old(~switchedOnBeforeTS~0)| 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not .cse6)) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse9 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse3 .cse7 (and .cse8 .cse9)) (or .cse10 .cse0 .cse1 .cse5 .cse7) (or .cse1 .cse3 .cse4 (and (= 2 ~waterLevel~0) .cse9)) (or .cse10 (and (= ~pumpRunning~0 0) .cse8) .cse1 .cse7) (or (< 1 |old(~waterLevel~0)|) .cse0 .cse1 .cse2 .cse3 (and .cse8 .cse5 .cse9))))) [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L776-1(line 776) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L895 garLoopResultBuilder]: At program point L537(line 537) the Hoare annotation is: (let ((.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (< 2 |old(~waterLevel~0)|))) (and (or (< |old(~switchedOnBeforeTS~0)| 1) .cse0 .cse1 .cse2) (or (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2))) (or (not (= |old(~pumpRunning~0)| 0)) (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse0 .cse2))) [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L793(lines 793 803) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L537-1(lines 518 542) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L789(lines 789 806) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L438-2(lines 434 456) no Hoare annotation was computed. [2023-12-02 18:20:18,668 INFO L899 garLoopResultBuilder]: For program point L789-1(lines 781 809) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 431 457) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 0))) (let ((.cse4 (not (= |old(~waterLevel~0)| 2))) (.cse10 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (< 2 |old(~waterLevel~0)|)) (.cse0 (< |old(~switchedOnBeforeTS~0)| 1)) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not .cse6)) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (<= 1 ~switchedOnBeforeTS~0)) (.cse9 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse1 .cse3 .cse7 (and .cse8 .cse9)) (or .cse10 .cse0 .cse1 .cse5 .cse7) (or .cse1 .cse3 .cse4 (and (= 2 ~waterLevel~0) .cse9)) (or .cse10 (and (= ~pumpRunning~0 0) .cse8) .cse1 .cse7) (or (< 1 |old(~waterLevel~0)|) .cse0 .cse1 .cse2 .cse3 (and .cse8 .cse5 .cse9))))) [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L794(lines 794 800) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L526(lines 526 534) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 431 457) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L522(lines 522 539) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 912) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L894(lines 894 901) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L894-2(lines 894 901) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L725(lines 725 731) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L725-1(lines 725 731) no Hoare annotation was computed. [2023-12-02 18:20:18,669 INFO L899 garLoopResultBuilder]: For program point L754(lines 695 758) no Hoare annotation was computed. [2023-12-02 18:20:18,670 INFO L895 garLoopResultBuilder]: At program point L717(line 717) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 0))) (let ((.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse7 (= ~pumpRunning~0 1)) (.cse5 (= 2 ~waterLevel~0)) (.cse3 (not .cse6)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse6 .cse2 .cse4 .cse7) (and .cse5 .cse2 .cse3 .cse4 .cse7) (and .cse6 .cse2 .cse4 (= ~waterLevel~0 1) .cse8 .cse7) (and .cse6 .cse2 .cse4 (<= ~waterLevel~0 0) .cse8 .cse7) (and .cse0 .cse5 .cse6 .cse2 .cse4) (and .cse0 .cse5 .cse2 .cse3 .cse4) (and .cse0 .cse6 .cse1 .cse2 .cse4)))) [2023-12-02 18:20:18,670 INFO L895 garLoopResultBuilder]: At program point L751(lines 704 752) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2023-12-02 18:20:18,670 INFO L899 garLoopResultBuilder]: For program point L706(lines 705 750) no Hoare annotation was computed. [2023-12-02 18:20:18,670 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2023-12-02 18:20:18,670 INFO L895 garLoopResultBuilder]: At program point L727(line 727) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0))) (let ((.cse6 (= 2 ~waterLevel~0)) (.cse3 (= ~pumpRunning~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse7 (not .cse0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (<= ~waterLevel~0 2))) (or (and .cse0 .cse1 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse4 .cse0 .cse1 .cse2 .cse5) (and .cse6 .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse2 (<= ~waterLevel~0 0) .cse3) (and .cse6 .cse1 .cse7 .cse2 .cse3) (and .cse4 .cse1 .cse7 .cse2 .cse5)))) [2023-12-02 18:20:18,670 INFO L895 garLoopResultBuilder]: At program point L748(lines 705 750) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 0))) (let ((.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse7 (= ~pumpRunning~0 1)) (.cse5 (= 2 ~waterLevel~0)) (.cse3 (not .cse6)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (<= ~waterLevel~0 1)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse6 .cse2 .cse4 .cse7) (and .cse5 .cse2 .cse3 .cse4 .cse7) (and .cse6 .cse2 .cse4 (= ~waterLevel~0 1) .cse8 .cse7) (and .cse6 .cse2 .cse4 (<= ~waterLevel~0 0) .cse8 .cse7) (and .cse0 .cse5 .cse6 .cse2 .cse4) (and .cse0 .cse5 .cse2 .cse3 .cse4) (and .cse0 .cse6 .cse1 .cse2 .cse4)))) [2023-12-02 18:20:18,670 INFO L899 garLoopResultBuilder]: For program point L715(lines 715 721) no Hoare annotation was computed. [2023-12-02 18:20:18,670 INFO L899 garLoopResultBuilder]: For program point L715-1(lines 715 721) no Hoare annotation was computed. [2023-12-02 18:20:18,670 INFO L899 garLoopResultBuilder]: For program point $Ultimate##0(line -1) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L895 garLoopResultBuilder]: At program point L741-2(lines 735 746) the Hoare annotation is: (let ((.cse5 (= ~methaneLevelCritical~0 0))) (let ((.cse7 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0)) (.cse1 (not .cse5)) (.cse6 (<= ~waterLevel~0 2)) (.cse0 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse8 (<= 1 ~switchedOnBeforeTS~0)) (.cse3 (= ~pumpRunning~0 1))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1 .cse2 .cse3) (and .cse4 .cse5 .cse0 .cse2 .cse6) (and .cse7 .cse5 .cse0 .cse2 .cse3) (and .cse7 .cse0 .cse1 .cse2 .cse3) (and .cse5 .cse0 .cse2 (= ~waterLevel~0 1) .cse8 .cse3) (and .cse4 .cse0 .cse1 .cse2 .cse6) (and .cse5 .cse0 .cse2 (<= ~waterLevel~0 0) .cse8 .cse3)))) [2023-12-02 18:20:18,671 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 466 490) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3 .cse4))) [2023-12-02 18:20:18,671 INFO L895 garLoopResultBuilder]: At program point L480(line 480) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1)))) (and (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3) (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) .cse0 (and (= ~pumpRunning~0 0) (or (= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~3#1| 0)))) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3))) [2023-12-02 18:20:18,671 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 466 490) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L899 garLoopResultBuilder]: For program point L474(lines 474 482) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L899 garLoopResultBuilder]: For program point L470(lines 470 487) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L895 garLoopResultBuilder]: At program point L485(line 485) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) .cse0) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3 .cse4))) [2023-12-02 18:20:18,671 INFO L899 garLoopResultBuilder]: For program point L485-1(lines 466 490) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 931 942) no Hoare annotation was computed. [2023-12-02 18:20:18,671 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 931 942) the Hoare annotation is: (let ((.cse0 (not (= ~pumpRunning~0 0))) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (< ~switchedOnBeforeTS~0 1)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse1 (= 2 ~waterLevel~0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse6 (not (= ~pumpRunning~0 1))) (.cse3 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 (< 0 |old(~waterLevel~0)|) .cse4 .cse5 .cse6 .cse7) (or (< 1 |old(~waterLevel~0)|) .cse0 .cse2 .cse7) (or (not (= |old(~waterLevel~0)| 1)) .cse2 .cse4 .cse5 .cse6 (= ~waterLevel~0 1)) (or .cse1 .cse2 .cse6 .cse3))) [2023-12-02 18:20:18,672 INFO L895 garLoopResultBuilder]: At program point L506(line 506) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) .cse0) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3 .cse4))) [2023-12-02 18:20:18,672 INFO L895 garLoopResultBuilder]: At program point L502(line 502) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) .cse0) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3 .cse4))) [2023-12-02 18:20:18,672 INFO L899 garLoopResultBuilder]: For program point L500(lines 500 508) no Hoare annotation was computed. [2023-12-02 18:20:18,672 INFO L899 garLoopResultBuilder]: For program point L496(lines 496 513) no Hoare annotation was computed. [2023-12-02 18:20:18,672 INFO L895 garLoopResultBuilder]: At program point $Ultimate##0(lines 492 516) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3 .cse4) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3 .cse4))) [2023-12-02 18:20:18,672 INFO L895 garLoopResultBuilder]: At program point L511(line 511) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (< ~switchedOnBeforeTS~0 1)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= |old(~pumpRunning~0)| 1)))) (and (or (< 2 ~waterLevel~0) (not (= |old(~pumpRunning~0)| 0)) (= ~pumpRunning~0 0) .cse0) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3) (or .cse0 (< 0 ~waterLevel~0) .cse1 .cse2 .cse3))) [2023-12-02 18:20:18,672 INFO L899 garLoopResultBuilder]: For program point L511-1(lines 492 516) no Hoare annotation was computed. [2023-12-02 18:20:18,672 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__lowWaterSensorEXIT(lines 492 516) no Hoare annotation was computed. [2023-12-02 18:20:18,672 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 570 578) no Hoare annotation was computed. [2023-12-02 18:20:18,673 INFO L902 garLoopResultBuilder]: At program point $Ultimate##0(lines 570 578) the Hoare annotation is: true [2023-12-02 18:20:18,675 INFO L445 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2023-12-02 18:20:18,676 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2023-12-02 18:20:18,686 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 02.12 06:20:18 BoogieIcfgContainer [2023-12-02 18:20:18,686 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2023-12-02 18:20:18,687 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2023-12-02 18:20:18,687 INFO L270 PluginConnector]: Initializing Witness Printer... [2023-12-02 18:20:18,687 INFO L274 PluginConnector]: Witness Printer initialized [2023-12-02 18:20:18,687 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 02.12 06:19:45" (3/4) ... [2023-12-02 18:20:18,689 INFO L137 WitnessPrinter]: Generating witness for correct program [2023-12-02 18:20:18,691 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2023-12-02 18:20:18,691 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2023-12-02 18:20:18,691 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2023-12-02 18:20:18,691 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2023-12-02 18:20:18,691 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2023-12-02 18:20:18,692 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2023-12-02 18:20:18,692 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2023-12-02 18:20:18,692 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2023-12-02 18:20:18,692 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2023-12-02 18:20:18,699 INFO L943 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2023-12-02 18:20:18,699 INFO L943 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2023-12-02 18:20:18,700 INFO L943 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2023-12-02 18:20:18,701 INFO L943 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-12-02 18:20:18,702 INFO L943 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2023-12-02 18:20:18,731 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) [2023-12-02 18:20:18,770 WARN L141 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) [2023-12-02 18:20:18,820 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/witness.graphml [2023-12-02 18:20:18,821 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/witness.yml [2023-12-02 18:20:18,821 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2023-12-02 18:20:18,822 INFO L158 Benchmark]: Toolchain (without parser) took 34042.11ms. Allocated memory was 167.8MB in the beginning and 778.0MB in the end (delta: 610.3MB). Free memory was 126.1MB in the beginning and 373.3MB in the end (delta: -247.2MB). Peak memory consumption was 365.0MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,822 INFO L158 Benchmark]: CDTParser took 0.15ms. Allocated memory is still 167.8MB. Free memory is still 138.2MB. There was no memory consumed. Max. memory is 16.1GB. [2023-12-02 18:20:18,822 INFO L158 Benchmark]: CACSL2BoogieTranslator took 407.24ms. Allocated memory is still 167.8MB. Free memory was 126.1MB in the beginning and 106.1MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,823 INFO L158 Benchmark]: Boogie Procedure Inliner took 43.57ms. Allocated memory is still 167.8MB. Free memory was 106.1MB in the beginning and 104.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,823 INFO L158 Benchmark]: Boogie Preprocessor took 27.47ms. Allocated memory is still 167.8MB. Free memory was 104.0MB in the beginning and 102.4MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,823 INFO L158 Benchmark]: RCFGBuilder took 500.75ms. Allocated memory is still 167.8MB. Free memory was 102.4MB in the beginning and 73.1MB in the end (delta: 29.4MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,824 INFO L158 Benchmark]: TraceAbstraction took 32922.32ms. Allocated memory was 167.8MB in the beginning and 778.0MB in the end (delta: 610.3MB). Free memory was 72.6MB in the beginning and 380.7MB in the end (delta: -308.1MB). Peak memory consumption was 407.2MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,824 INFO L158 Benchmark]: Witness Printer took 134.40ms. Allocated memory is still 778.0MB. Free memory was 380.7MB in the beginning and 373.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2023-12-02 18:20:18,826 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.15ms. Allocated memory is still 167.8MB. Free memory is still 138.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 407.24ms. Allocated memory is still 167.8MB. Free memory was 126.1MB in the beginning and 106.1MB in the end (delta: 20.0MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 43.57ms. Allocated memory is still 167.8MB. Free memory was 106.1MB in the beginning and 104.0MB in the end (delta: 2.1MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 27.47ms. Allocated memory is still 167.8MB. Free memory was 104.0MB in the beginning and 102.4MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 500.75ms. Allocated memory is still 167.8MB. Free memory was 102.4MB in the beginning and 73.1MB in the end (delta: 29.4MB). Peak memory consumption was 29.4MB. Max. memory is 16.1GB. * TraceAbstraction took 32922.32ms. Allocated memory was 167.8MB in the beginning and 778.0MB in the end (delta: 610.3MB). Free memory was 72.6MB in the beginning and 380.7MB in the end (delta: -308.1MB). Peak memory consumption was 407.2MB. Max. memory is 16.1GB. * Witness Printer took 134.40ms. Allocated memory is still 778.0MB. Free memory was 380.7MB in the beginning and 373.3MB in the end (delta: 7.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [415] - GenericResultAtLocation [Line: 653]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [653] - GenericResultAtLocation [Line: 691]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [691] - GenericResultAtLocation [Line: 759]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [759] - GenericResultAtLocation [Line: 810]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [810] - GenericResultAtLocation [Line: 907]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [907] - GenericResultAtLocation [Line: 916]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [916] * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 912]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 69 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 32.9s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 6.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2425 SdHoareTripleChecker+Valid, 3.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2405 mSDsluCounter, 3144 SdHoareTripleChecker+Invalid, 2.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2269 mSDsCounter, 1503 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4869 IncrementalHoareTripleChecker+Invalid, 6372 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1503 mSolverCounterUnsat, 875 mSDtfsCounter, 4869 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1031 GetRequests, 729 SyntacticMatches, 12 SemanticMatches, 290 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7982 ImplicationChecksByTransitivity, 9.9s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=652occurred in iteration=10, InterpolantAutomatonStates: 148, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 11 MinimizatonAttempts, 475 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 27 LocationsWithAnnotation, 1556 PreInvPairs, 1689 NumberOfFragments, 1955 HoareAnnotationTreeSize, 1556 FomulaSimplifications, 17814 FormulaSimplificationTreeSizeReduction, 0.6s HoareSimplificationTime, 27 FomulaSimplificationsInter, 21399 FormulaSimplificationTreeSizeReductionInter, 4.3s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.3s SatisfiabilityAnalysisTime, 3.8s InterpolantComputationTime, 889 NumberOfCodeBlocks, 889 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 1140 ConstructedInterpolants, 0 QuantifiedInterpolants, 3271 SizeOfPredicates, 20 NumberOfNonLiveVariables, 1047 ConjunctsInSsa, 49 ConjunctsInUnsatCore, 17 InterpolantComputations, 8 PerfectInterpolantSequences, 515/655 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 705]: Loop Invariant Derived loop invariant: ((((((((((((pumpRunning == 0) && (waterLevel <= 1)) && (1 == systemActive)) && !((methaneLevelCritical == 0))) && (splverifierCounter == 0)) || (((((2 == waterLevel) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0)) && (pumpRunning == 1))) || (((((2 == waterLevel) && (1 == systemActive)) && !((methaneLevelCritical == 0))) && (splverifierCounter == 0)) && (pumpRunning == 1))) || ((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel == 1)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || ((((((methaneLevelCritical == 0) && (1 == systemActive)) && (splverifierCounter == 0)) && (waterLevel <= 0)) && (1 <= switchedOnBeforeTS)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (1 == systemActive)) && (splverifierCounter == 0))) || (((((pumpRunning == 0) && (2 == waterLevel)) && (1 == systemActive)) && !((methaneLevelCritical == 0))) && (splverifierCounter == 0))) || (((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (1 == systemActive)) && (splverifierCounter == 0))) - InvariantResult [Line: 704]: Loop Invariant Derived loop invariant: (((pumpRunning == 0) && (1 == systemActive)) && (waterLevel == 1)) - InvariantResult [Line: 822]: Loop Invariant Derived loop invariant: (((!((\old(pumpRunning) == 0)) || !((\old(waterLevel) == 1))) || !((1 == systemActive))) || ((pumpRunning == 0) && (waterLevel == 1))) RESULT: Ultimate proved your program to be correct! [2023-12-02 18:20:18,845 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e311b274-882e-4b32-9845-bf62bb7ac867/bin/utaipan-verify-nQ1chXbOIh/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE