./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash e5a4c274bc0fec0eeea8ea2f72c4bc5bbc7aef2fd24f2cf907e22c2c7f3759d4 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-09 06:45:26,368 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 06:45:26,495 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/config/svcomp-Reach-32bit-Taipan_Default.epf [2024-11-09 06:45:26,503 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 06:45:26,505 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 06:45:26,548 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 06:45:26,551 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 06:45:26,552 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 06:45:26,553 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 06:45:26,555 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 06:45:26,555 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-09 06:45:26,557 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-09 06:45:26,557 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-09 06:45:26,558 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-09 06:45:26,560 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-09 06:45:26,561 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-09 06:45:26,563 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-09 06:45:26,564 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-09 06:45:26,564 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-09 06:45:26,565 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-09 06:45:26,565 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-09 06:45:26,568 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-09 06:45:26,568 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 06:45:26,569 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 06:45:26,569 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 06:45:26,570 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 06:45:26,570 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 06:45:26,570 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 06:45:26,575 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 06:45:26,575 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 06:45:26,576 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 06:45:26,576 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 06:45:26,576 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 06:45:26,577 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 06:45:26,577 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 06:45:26,578 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-09 06:45:26,578 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 06:45:26,578 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 06:45:26,580 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:45:26,581 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 06:45:26,581 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 06:45:26,581 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 06:45:26,582 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-09 06:45:26,582 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 06:45:26,583 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 06:45:26,583 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-09 06:45:26,583 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 06:45:26,583 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> e5a4c274bc0fec0eeea8ea2f72c4bc5bbc7aef2fd24f2cf907e22c2c7f3759d4 [2024-11-09 06:45:26,910 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 06:45:26,939 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 06:45:26,943 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 06:45:26,944 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 06:45:26,945 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 06:45:26,947 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/../../sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c Unable to find full path for "g++" [2024-11-09 06:45:29,370 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 06:45:29,689 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 06:45:29,690 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c [2024-11-09 06:45:29,708 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/data/1538a6b33/edd8275fcaf34b4283d5f7cc99491770/FLAGdf3accc35 [2024-11-09 06:45:29,977 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/data/1538a6b33/edd8275fcaf34b4283d5f7cc99491770 [2024-11-09 06:45:29,981 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 06:45:29,983 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 06:45:29,985 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 06:45:29,986 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 06:45:29,998 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 06:45:29,999 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:45:29" (1/1) ... [2024-11-09 06:45:30,001 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5b4e6857 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30, skipping insertion in model container [2024-11-09 06:45:30,001 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:45:29" (1/1) ... [2024-11-09 06:45:30,067 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 06:45:30,525 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c[18537,18550] [2024-11-09 06:45:30,532 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:45:30,548 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 06:45:30,564 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] [2024-11-09 06:45:30,566 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] [2024-11-09 06:45:30,566 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [521] [2024-11-09 06:45:30,567 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [589] [2024-11-09 06:45:30,567 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [786] [2024-11-09 06:45:30,567 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [881] [2024-11-09 06:45:30,568 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [931] [2024-11-09 06:45:30,568 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [966] [2024-11-09 06:45:30,698 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/sv-benchmarks/c/product-lines/minepump_spec5_product43.cil.c[18537,18550] [2024-11-09 06:45:30,699 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:45:30,740 INFO L204 MainTranslator]: Completed translation [2024-11-09 06:45:30,741 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30 WrapperNode [2024-11-09 06:45:30,741 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 06:45:30,743 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 06:45:30,743 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 06:45:30,743 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 06:45:30,754 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,780 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,835 INFO L138 Inliner]: procedures = 56, calls = 100, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 204 [2024-11-09 06:45:30,839 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 06:45:30,840 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 06:45:30,840 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 06:45:30,841 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 06:45:30,856 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,857 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,864 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,864 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,873 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,882 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,887 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,893 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,896 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 06:45:30,897 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-09 06:45:30,898 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-09 06:45:30,898 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-09 06:45:30,899 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (1/1) ... [2024-11-09 06:45:30,907 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:45:30,939 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:45:30,977 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-09 06:45:30,985 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-09 06:45:31,026 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 06:45:31,027 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 06:45:31,027 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 06:45:31,027 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 06:45:31,027 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 06:45:31,028 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 06:45:31,028 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 06:45:31,028 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 06:45:31,028 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 06:45:31,029 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-09 06:45:31,029 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-09 06:45:31,029 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-09 06:45:31,029 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 06:45:31,030 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 06:45:31,030 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 06:45:31,030 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 06:45:31,169 INFO L238 CfgBuilder]: Building ICFG [2024-11-09 06:45:31,172 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 06:45:31,584 INFO L? ?]: Removed 42 outVars from TransFormulas that were not future-live. [2024-11-09 06:45:31,585 INFO L287 CfgBuilder]: Performing block encoding [2024-11-09 06:45:31,837 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 06:45:31,841 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-09 06:45:31,841 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:45:31 BoogieIcfgContainer [2024-11-09 06:45:31,842 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-09 06:45:31,847 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 06:45:31,847 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 06:45:31,852 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 06:45:31,852 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 06:45:29" (1/3) ... [2024-11-09 06:45:31,854 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62ebc6c7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:45:31, skipping insertion in model container [2024-11-09 06:45:31,854 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:45:30" (2/3) ... [2024-11-09 06:45:31,855 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@62ebc6c7 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:45:31, skipping insertion in model container [2024-11-09 06:45:31,855 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:45:31" (3/3) ... [2024-11-09 06:45:31,857 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product43.cil.c [2024-11-09 06:45:31,883 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 06:45:31,884 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 06:45:31,994 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 06:45:32,005 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@1c6d8be5, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 06:45:32,009 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 06:45:32,016 INFO L276 IsEmpty]: Start isEmpty. Operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) [2024-11-09 06:45:32,029 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-11-09 06:45:32,034 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:32,035 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:32,036 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:32,044 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:32,045 INFO L85 PathProgramCache]: Analyzing trace with hash -615339084, now seen corresponding path program 1 times [2024-11-09 06:45:32,060 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:32,061 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [859493098] [2024-11-09 06:45:32,062 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:32,063 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:32,249 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:32,398 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:45:32,399 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:32,400 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [859493098] [2024-11-09 06:45:32,401 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [859493098] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:32,401 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:32,402 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 06:45:32,404 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1933205752] [2024-11-09 06:45:32,405 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:32,412 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 06:45:32,412 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:32,448 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 06:45:32,449 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:45:32,453 INFO L87 Difference]: Start difference. First operand has 51 states, 33 states have (on average 1.4242424242424243) internal successors, (47), 39 states have internal predecessors, (47), 10 states have call successors, (10), 6 states have call predecessors, (10), 6 states have return successors, (10), 9 states have call predecessors, (10), 10 states have call successors, (10) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:45:32,570 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:32,570 INFO L93 Difference]: Finished difference Result 100 states and 135 transitions. [2024-11-09 06:45:32,572 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 06:45:32,573 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2024-11-09 06:45:32,574 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:32,590 INFO L225 Difference]: With dead ends: 100 [2024-11-09 06:45:32,590 INFO L226 Difference]: Without dead ends: 46 [2024-11-09 06:45:32,595 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:45:32,601 INFO L432 NwaCegarLoop]: 49 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 49 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:32,603 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 49 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:45:32,626 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 46 states. [2024-11-09 06:45:32,657 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 46 to 46. [2024-11-09 06:45:32,659 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 46 states, 30 states have (on average 1.3) internal successors, (39), 35 states have internal predecessors, (39), 10 states have call successors, (10), 6 states have call predecessors, (10), 5 states have return successors, (9), 8 states have call predecessors, (9), 9 states have call successors, (9) [2024-11-09 06:45:32,661 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 46 states to 46 states and 58 transitions. [2024-11-09 06:45:32,664 INFO L78 Accepts]: Start accepts. Automaton has 46 states and 58 transitions. Word has length 21 [2024-11-09 06:45:32,664 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:32,664 INFO L471 AbstractCegarLoop]: Abstraction has 46 states and 58 transitions. [2024-11-09 06:45:32,665 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:45:32,665 INFO L276 IsEmpty]: Start isEmpty. Operand 46 states and 58 transitions. [2024-11-09 06:45:32,667 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-09 06:45:32,668 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:32,668 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:32,669 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 06:45:32,669 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:32,670 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:32,670 INFO L85 PathProgramCache]: Analyzing trace with hash -434839925, now seen corresponding path program 1 times [2024-11-09 06:45:32,671 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:32,671 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [182097073] [2024-11-09 06:45:32,671 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:32,672 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:32,711 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:33,106 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:45:33,106 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:33,107 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [182097073] [2024-11-09 06:45:33,107 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [182097073] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:33,107 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:33,108 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 06:45:33,108 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1178913532] [2024-11-09 06:45:33,108 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:33,110 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 06:45:33,110 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:33,111 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 06:45:33,112 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:45:33,112 INFO L87 Difference]: Start difference. First operand 46 states and 58 transitions. Second operand has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 06:45:34,006 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:34,006 INFO L93 Difference]: Finished difference Result 189 states and 268 transitions. [2024-11-09 06:45:34,007 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-09 06:45:34,007 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 24 [2024-11-09 06:45:34,008 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:34,010 INFO L225 Difference]: With dead ends: 189 [2024-11-09 06:45:34,011 INFO L226 Difference]: Without dead ends: 132 [2024-11-09 06:45:34,012 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=71, Invalid=271, Unknown=0, NotChecked=0, Total=342 [2024-11-09 06:45:34,014 INFO L432 NwaCegarLoop]: 93 mSDtfsCounter, 107 mSDsluCounter, 303 mSDsCounter, 0 mSdLazyCounter, 415 mSolverCounterSat, 26 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 110 SdHoareTripleChecker+Valid, 396 SdHoareTripleChecker+Invalid, 441 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 26 IncrementalHoareTripleChecker+Valid, 415 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:34,015 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [110 Valid, 396 Invalid, 441 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [26 Valid, 415 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-09 06:45:34,016 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 132 states. [2024-11-09 06:45:34,061 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 132 to 110. [2024-11-09 06:45:34,061 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 72 states have (on average 1.2222222222222223) internal successors, (88), 78 states have internal predecessors, (88), 23 states have call successors, (23), 16 states have call predecessors, (23), 14 states have return successors, (38), 20 states have call predecessors, (38), 20 states have call successors, (38) [2024-11-09 06:45:34,068 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 149 transitions. [2024-11-09 06:45:34,070 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 149 transitions. Word has length 24 [2024-11-09 06:45:34,071 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:34,071 INFO L471 AbstractCegarLoop]: Abstraction has 110 states and 149 transitions. [2024-11-09 06:45:34,071 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 2.5714285714285716) internal successors, (18), 6 states have internal predecessors, (18), 2 states have call successors, (3), 1 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 06:45:34,072 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 149 transitions. [2024-11-09 06:45:34,073 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2024-11-09 06:45:34,074 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:34,077 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:34,077 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 06:45:34,078 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:34,078 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:34,078 INFO L85 PathProgramCache]: Analyzing trace with hash 200565333, now seen corresponding path program 1 times [2024-11-09 06:45:34,079 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:34,079 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [807576818] [2024-11-09 06:45:34,079 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:34,079 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:34,132 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:34,598 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 06:45:34,598 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:34,599 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [807576818] [2024-11-09 06:45:34,599 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [807576818] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:34,599 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:34,600 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2024-11-09 06:45:34,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [637031538] [2024-11-09 06:45:34,600 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:34,601 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2024-11-09 06:45:34,601 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:34,602 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2024-11-09 06:45:34,602 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2024-11-09 06:45:34,603 INFO L87 Difference]: Start difference. First operand 110 states and 149 transitions. Second operand has 9 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 06:45:35,081 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:35,081 INFO L93 Difference]: Finished difference Result 304 states and 433 transitions. [2024-11-09 06:45:35,082 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-09 06:45:35,082 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 27 [2024-11-09 06:45:35,083 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:35,086 INFO L225 Difference]: With dead ends: 304 [2024-11-09 06:45:35,086 INFO L226 Difference]: Without dead ends: 183 [2024-11-09 06:45:35,090 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 19 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 15 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 29 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=64, Invalid=208, Unknown=0, NotChecked=0, Total=272 [2024-11-09 06:45:35,091 INFO L432 NwaCegarLoop]: 41 mSDtfsCounter, 114 mSDsluCounter, 201 mSDsCounter, 0 mSdLazyCounter, 172 mSolverCounterSat, 48 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 116 SdHoareTripleChecker+Valid, 242 SdHoareTripleChecker+Invalid, 220 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 48 IncrementalHoareTripleChecker+Valid, 172 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:35,092 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [116 Valid, 242 Invalid, 220 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [48 Valid, 172 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 06:45:35,094 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 183 states. [2024-11-09 06:45:35,127 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 183 to 177. [2024-11-09 06:45:35,128 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 177 states, 117 states have (on average 1.2136752136752136) internal successors, (142), 125 states have internal predecessors, (142), 36 states have call successors, (36), 27 states have call predecessors, (36), 23 states have return successors, (64), 31 states have call predecessors, (64), 32 states have call successors, (64) [2024-11-09 06:45:35,130 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 177 states to 177 states and 242 transitions. [2024-11-09 06:45:35,131 INFO L78 Accepts]: Start accepts. Automaton has 177 states and 242 transitions. Word has length 27 [2024-11-09 06:45:35,132 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:35,132 INFO L471 AbstractCegarLoop]: Abstraction has 177 states and 242 transitions. [2024-11-09 06:45:35,132 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 2.75) internal successors, (22), 8 states have internal predecessors, (22), 2 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2024-11-09 06:45:35,133 INFO L276 IsEmpty]: Start isEmpty. Operand 177 states and 242 transitions. [2024-11-09 06:45:35,134 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-09 06:45:35,134 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:35,134 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:35,135 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 06:45:35,135 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:35,136 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:35,136 INFO L85 PathProgramCache]: Analyzing trace with hash -1037698329, now seen corresponding path program 1 times [2024-11-09 06:45:35,136 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:35,137 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [950109212] [2024-11-09 06:45:35,137 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:35,137 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:35,161 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:35,447 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:45:35,447 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:35,448 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [950109212] [2024-11-09 06:45:35,448 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [950109212] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:35,448 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:35,448 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 06:45:35,449 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [834844671] [2024-11-09 06:45:35,449 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:35,449 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 06:45:35,449 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:35,452 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 06:45:35,453 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=41, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:45:35,453 INFO L87 Difference]: Start difference. First operand 177 states and 242 transitions. Second operand has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 06:45:36,050 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:36,050 INFO L93 Difference]: Finished difference Result 550 states and 797 transitions. [2024-11-09 06:45:36,051 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-09 06:45:36,051 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 30 [2024-11-09 06:45:36,052 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:36,056 INFO L225 Difference]: With dead ends: 550 [2024-11-09 06:45:36,056 INFO L226 Difference]: Without dead ends: 323 [2024-11-09 06:45:36,059 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 7 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=43, Invalid=113, Unknown=0, NotChecked=0, Total=156 [2024-11-09 06:45:36,061 INFO L432 NwaCegarLoop]: 79 mSDtfsCounter, 130 mSDsluCounter, 264 mSDsCounter, 0 mSdLazyCounter, 296 mSolverCounterSat, 58 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 343 SdHoareTripleChecker+Invalid, 354 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 58 IncrementalHoareTripleChecker+Valid, 296 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:36,061 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 343 Invalid, 354 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [58 Valid, 296 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-09 06:45:36,063 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 323 states. [2024-11-09 06:45:36,172 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 323 to 266. [2024-11-09 06:45:36,173 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 266 states, 179 states have (on average 1.2122905027932962) internal successors, (217), 191 states have internal predecessors, (217), 49 states have call successors, (49), 38 states have call predecessors, (49), 37 states have return successors, (82), 46 states have call predecessors, (82), 45 states have call successors, (82) [2024-11-09 06:45:36,177 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 266 states to 266 states and 348 transitions. [2024-11-09 06:45:36,178 INFO L78 Accepts]: Start accepts. Automaton has 266 states and 348 transitions. Word has length 30 [2024-11-09 06:45:36,179 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:36,179 INFO L471 AbstractCegarLoop]: Abstraction has 266 states and 348 transitions. [2024-11-09 06:45:36,180 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.142857142857143) internal successors, (22), 7 states have internal predecessors, (22), 3 states have call successors, (4), 3 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 06:45:36,180 INFO L276 IsEmpty]: Start isEmpty. Operand 266 states and 348 transitions. [2024-11-09 06:45:36,182 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 31 [2024-11-09 06:45:36,183 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:36,183 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:36,183 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 06:45:36,184 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:36,185 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:36,185 INFO L85 PathProgramCache]: Analyzing trace with hash -321297443, now seen corresponding path program 1 times [2024-11-09 06:45:36,185 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:36,186 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1219137427] [2024-11-09 06:45:36,186 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:36,186 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:36,226 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:36,572 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 06:45:36,572 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:36,573 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1219137427] [2024-11-09 06:45:36,573 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1219137427] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:36,573 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:36,573 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [] total 11 [2024-11-09 06:45:36,574 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [654330139] [2024-11-09 06:45:36,574 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:36,574 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-11-09 06:45:36,575 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:36,575 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-11-09 06:45:36,576 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=20, Invalid=90, Unknown=0, NotChecked=0, Total=110 [2024-11-09 06:45:36,576 INFO L87 Difference]: Start difference. First operand 266 states and 348 transitions. Second operand has 11 states, 9 states have (on average 2.5555555555555554) internal successors, (23), 9 states have internal predecessors, (23), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 06:45:37,724 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:37,724 INFO L93 Difference]: Finished difference Result 759 states and 1027 transitions. [2024-11-09 06:45:37,725 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 21 states. [2024-11-09 06:45:37,725 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 2.5555555555555554) internal successors, (23), 9 states have internal predecessors, (23), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 30 [2024-11-09 06:45:37,725 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:37,730 INFO L225 Difference]: With dead ends: 759 [2024-11-09 06:45:37,731 INFO L226 Difference]: Without dead ends: 564 [2024-11-09 06:45:37,733 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 31 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 26 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 134 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=146, Invalid=610, Unknown=0, NotChecked=0, Total=756 [2024-11-09 06:45:37,735 INFO L432 NwaCegarLoop]: 22 mSDtfsCounter, 309 mSDsluCounter, 123 mSDsCounter, 0 mSdLazyCounter, 715 mSolverCounterSat, 177 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 313 SdHoareTripleChecker+Valid, 145 SdHoareTripleChecker+Invalid, 892 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 177 IncrementalHoareTripleChecker+Valid, 715 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:37,736 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [313 Valid, 145 Invalid, 892 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [177 Valid, 715 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-09 06:45:37,738 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 564 states. [2024-11-09 06:45:37,854 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 564 to 543. [2024-11-09 06:45:37,856 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 543 states, 362 states have (on average 1.2154696132596685) internal successors, (440), 390 states have internal predecessors, (440), 97 states have call successors, (97), 81 states have call predecessors, (97), 83 states have return successors, (153), 92 states have call predecessors, (153), 92 states have call successors, (153) [2024-11-09 06:45:37,862 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 543 states to 543 states and 690 transitions. [2024-11-09 06:45:37,864 INFO L78 Accepts]: Start accepts. Automaton has 543 states and 690 transitions. Word has length 30 [2024-11-09 06:45:37,864 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:37,865 INFO L471 AbstractCegarLoop]: Abstraction has 543 states and 690 transitions. [2024-11-09 06:45:37,865 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 2.5555555555555554) internal successors, (23), 9 states have internal predecessors, (23), 3 states have call successors, (4), 3 states have call predecessors, (4), 3 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2024-11-09 06:45:37,865 INFO L276 IsEmpty]: Start isEmpty. Operand 543 states and 690 transitions. [2024-11-09 06:45:37,873 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 48 [2024-11-09 06:45:37,873 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:37,873 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:37,874 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 06:45:37,874 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:37,874 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:37,875 INFO L85 PathProgramCache]: Analyzing trace with hash 1103023466, now seen corresponding path program 1 times [2024-11-09 06:45:37,875 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:37,875 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1146231740] [2024-11-09 06:45:37,875 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:37,876 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:37,912 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:38,054 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-11-09 06:45:38,054 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:38,054 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1146231740] [2024-11-09 06:45:38,054 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1146231740] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:38,055 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:38,055 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 06:45:38,055 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1211790065] [2024-11-09 06:45:38,055 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:38,056 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 06:45:38,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:38,059 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 06:45:38,059 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:45:38,059 INFO L87 Difference]: Start difference. First operand 543 states and 690 transitions. Second operand has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-09 06:45:38,228 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:38,228 INFO L93 Difference]: Finished difference Result 1054 states and 1377 transitions. [2024-11-09 06:45:38,229 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 06:45:38,229 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) Word has length 47 [2024-11-09 06:45:38,231 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:38,237 INFO L225 Difference]: With dead ends: 1054 [2024-11-09 06:45:38,238 INFO L226 Difference]: Without dead ends: 403 [2024-11-09 06:45:38,241 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:45:38,243 INFO L432 NwaCegarLoop]: 61 mSDtfsCounter, 29 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 34 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 29 SdHoareTripleChecker+Valid, 104 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 34 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:38,244 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [29 Valid, 104 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 34 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:45:38,245 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 403 states. [2024-11-09 06:45:38,315 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 403 to 358. [2024-11-09 06:45:38,316 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 358 states, 239 states have (on average 1.1799163179916319) internal successors, (282), 259 states have internal predecessors, (282), 66 states have call successors, (66), 54 states have call predecessors, (66), 52 states have return successors, (91), 60 states have call predecessors, (91), 63 states have call successors, (91) [2024-11-09 06:45:38,319 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 358 states to 358 states and 439 transitions. [2024-11-09 06:45:38,320 INFO L78 Accepts]: Start accepts. Automaton has 358 states and 439 transitions. Word has length 47 [2024-11-09 06:45:38,320 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:38,321 INFO L471 AbstractCegarLoop]: Abstraction has 358 states and 439 transitions. [2024-11-09 06:45:38,321 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.333333333333334) internal successors, (34), 3 states have internal predecessors, (34), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 3 states have call successors, (5) [2024-11-09 06:45:38,321 INFO L276 IsEmpty]: Start isEmpty. Operand 358 states and 439 transitions. [2024-11-09 06:45:38,326 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-09 06:45:38,326 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:38,326 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:38,326 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 06:45:38,327 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:38,327 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:38,327 INFO L85 PathProgramCache]: Analyzing trace with hash 188786564, now seen corresponding path program 1 times [2024-11-09 06:45:38,328 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:38,328 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [31255803] [2024-11-09 06:45:38,328 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:38,328 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:38,362 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:38,659 INFO L134 CoverageAnalysis]: Checked inductivity of 25 backedges. 17 proven. 0 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-09 06:45:38,660 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:38,660 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [31255803] [2024-11-09 06:45:38,660 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [31255803] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:38,660 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:38,660 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 06:45:38,661 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2133210525] [2024-11-09 06:45:38,661 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:38,661 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 06:45:38,661 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:38,662 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 06:45:38,662 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=34, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:45:38,663 INFO L87 Difference]: Start difference. First operand 358 states and 439 transitions. Second operand has 8 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 3 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2024-11-09 06:45:39,003 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:39,004 INFO L93 Difference]: Finished difference Result 830 states and 1078 transitions. [2024-11-09 06:45:39,004 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 10 states. [2024-11-09 06:45:39,005 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 3 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) Word has length 53 [2024-11-09 06:45:39,006 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:39,011 INFO L225 Difference]: With dead ends: 830 [2024-11-09 06:45:39,011 INFO L226 Difference]: Without dead ends: 575 [2024-11-09 06:45:39,013 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=46, Invalid=64, Unknown=0, NotChecked=0, Total=110 [2024-11-09 06:45:39,018 INFO L432 NwaCegarLoop]: 53 mSDtfsCounter, 82 mSDsluCounter, 100 mSDsCounter, 0 mSdLazyCounter, 105 mSolverCounterSat, 34 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 86 SdHoareTripleChecker+Valid, 153 SdHoareTripleChecker+Invalid, 139 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 34 IncrementalHoareTripleChecker+Valid, 105 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:39,018 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [86 Valid, 153 Invalid, 139 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [34 Valid, 105 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:45:39,020 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 575 states. [2024-11-09 06:45:39,132 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 575 to 551. [2024-11-09 06:45:39,133 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 551 states, 371 states have (on average 1.169811320754717) internal successors, (434), 397 states have internal predecessors, (434), 102 states have call successors, (102), 82 states have call predecessors, (102), 77 states have return successors, (148), 91 states have call predecessors, (148), 96 states have call successors, (148) [2024-11-09 06:45:39,140 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 551 states to 551 states and 684 transitions. [2024-11-09 06:45:39,144 INFO L78 Accepts]: Start accepts. Automaton has 551 states and 684 transitions. Word has length 53 [2024-11-09 06:45:39,144 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:39,144 INFO L471 AbstractCegarLoop]: Abstraction has 551 states and 684 transitions. [2024-11-09 06:45:39,145 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.625) internal successors, (37), 8 states have internal predecessors, (37), 3 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 3 states have call predecessors, (6), 3 states have call successors, (6) [2024-11-09 06:45:39,145 INFO L276 IsEmpty]: Start isEmpty. Operand 551 states and 684 transitions. [2024-11-09 06:45:39,148 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2024-11-09 06:45:39,148 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:39,148 INFO L215 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:39,149 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 06:45:39,149 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:39,149 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:39,149 INFO L85 PathProgramCache]: Analyzing trace with hash -1935476027, now seen corresponding path program 1 times [2024-11-09 06:45:39,150 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:39,150 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [638433324] [2024-11-09 06:45:39,150 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:39,150 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:39,191 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:39,584 INFO L134 CoverageAnalysis]: Checked inductivity of 34 backedges. 20 proven. 0 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-09 06:45:39,585 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:39,585 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [638433324] [2024-11-09 06:45:39,585 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [638433324] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:45:39,585 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:45:39,586 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 06:45:39,586 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [810040283] [2024-11-09 06:45:39,586 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:45:39,586 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 06:45:39,587 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:39,587 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 06:45:39,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=40, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:45:39,590 INFO L87 Difference]: Start difference. First operand 551 states and 684 transitions. Second operand has 8 states, 8 states have (on average 4.875) internal successors, (39), 8 states have internal predecessors, (39), 4 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-09 06:45:40,020 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:40,020 INFO L93 Difference]: Finished difference Result 871 states and 1104 transitions. [2024-11-09 06:45:40,021 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2024-11-09 06:45:40,021 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 4.875) internal successors, (39), 8 states have internal predecessors, (39), 4 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) Word has length 58 [2024-11-09 06:45:40,022 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:40,025 INFO L225 Difference]: With dead ends: 871 [2024-11-09 06:45:40,026 INFO L226 Difference]: Without dead ends: 452 [2024-11-09 06:45:40,028 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 15 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 15 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=44, Invalid=112, Unknown=0, NotChecked=0, Total=156 [2024-11-09 06:45:40,029 INFO L432 NwaCegarLoop]: 49 mSDtfsCounter, 89 mSDsluCounter, 111 mSDsCounter, 0 mSdLazyCounter, 151 mSolverCounterSat, 45 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 160 SdHoareTripleChecker+Invalid, 196 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 45 IncrementalHoareTripleChecker+Valid, 151 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:40,030 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 160 Invalid, 196 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [45 Valid, 151 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:45:40,031 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 452 states. [2024-11-09 06:45:40,114 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 452 to 392. [2024-11-09 06:45:40,115 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 392 states, 261 states have (on average 1.1685823754789273) internal successors, (305), 283 states have internal predecessors, (305), 72 states have call successors, (72), 60 states have call predecessors, (72), 58 states have return successors, (97), 66 states have call predecessors, (97), 69 states have call successors, (97) [2024-11-09 06:45:40,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 392 states to 392 states and 474 transitions. [2024-11-09 06:45:40,119 INFO L78 Accepts]: Start accepts. Automaton has 392 states and 474 transitions. Word has length 58 [2024-11-09 06:45:40,120 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:40,120 INFO L471 AbstractCegarLoop]: Abstraction has 392 states and 474 transitions. [2024-11-09 06:45:40,120 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 4.875) internal successors, (39), 8 states have internal predecessors, (39), 4 states have call successors, (8), 3 states have call predecessors, (8), 2 states have return successors, (7), 4 states have call predecessors, (7), 4 states have call successors, (7) [2024-11-09 06:45:40,120 INFO L276 IsEmpty]: Start isEmpty. Operand 392 states and 474 transitions. [2024-11-09 06:45:40,122 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 59 [2024-11-09 06:45:40,122 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:40,122 INFO L215 NwaCegarLoop]: trace histogram [4, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:40,128 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2024-11-09 06:45:40,128 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:40,129 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:40,129 INFO L85 PathProgramCache]: Analyzing trace with hash 836138842, now seen corresponding path program 1 times [2024-11-09 06:45:40,129 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:40,129 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [970518762] [2024-11-09 06:45:40,130 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:40,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:40,163 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:40,682 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 3 proven. 13 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-09 06:45:40,683 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:40,683 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [970518762] [2024-11-09 06:45:40,683 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [970518762] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:45:40,683 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1815126869] [2024-11-09 06:45:40,684 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:40,684 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:45:40,684 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:45:40,686 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:45:40,690 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 06:45:40,869 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:40,873 INFO L255 TraceCheckSpWp]: Trace formula consists of 249 conjuncts, 24 conjuncts are in the unsatisfiable core [2024-11-09 06:45:40,883 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:45:41,293 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 13 proven. 13 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2024-11-09 06:45:41,293 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:45:42,522 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2024-11-09 06:45:42,522 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1815126869] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:45:42,522 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [936484392] [2024-11-09 06:45:42,547 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2024-11-09 06:45:42,547 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:45:42,552 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:45:42,558 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:45:42,559 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:45:52,528 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 143 for LOIs [2024-11-09 06:45:52,668 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 45 for LOIs [2024-11-09 06:45:52,950 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 50 for LOIs [2024-11-09 06:45:52,971 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 35 for LOIs [2024-11-09 06:45:52,979 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:45:56,722 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '11462#(and (not (= ~pumpRunning~0 0)) (<= ~pumpRunning~0 1) (not (= 2 ~waterLevel~0)) (= |old(~pumpRunning~0)| 0) (<= 0 (+ ~waterLevel~0 2147483648)) (<= ~waterLevel~0 2147483647) (<= 0 ~pumpRunning~0) (= ~switchedOnBeforeTS~0 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2024-11-09 06:45:56,722 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:45:56,723 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:45:56,723 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9] total 16 [2024-11-09 06:45:56,723 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2118519106] [2024-11-09 06:45:56,723 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:45:56,724 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 16 states [2024-11-09 06:45:56,724 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:45:56,725 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 16 interpolants. [2024-11-09 06:45:56,725 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=211, Invalid=1271, Unknown=0, NotChecked=0, Total=1482 [2024-11-09 06:45:56,726 INFO L87 Difference]: Start difference. First operand 392 states and 474 transitions. Second operand has 16 states, 13 states have (on average 5.230769230769231) internal successors, (68), 16 states have internal predecessors, (68), 6 states have call successors, (15), 5 states have call predecessors, (15), 8 states have return successors, (15), 6 states have call predecessors, (15), 6 states have call successors, (15) [2024-11-09 06:45:58,240 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:45:58,241 INFO L93 Difference]: Finished difference Result 1059 states and 1352 transitions. [2024-11-09 06:45:58,241 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-09 06:45:58,242 INFO L78 Accepts]: Start accepts. Automaton has has 16 states, 13 states have (on average 5.230769230769231) internal successors, (68), 16 states have internal predecessors, (68), 6 states have call successors, (15), 5 states have call predecessors, (15), 8 states have return successors, (15), 6 states have call predecessors, (15), 6 states have call successors, (15) Word has length 58 [2024-11-09 06:45:58,242 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:45:58,249 INFO L225 Difference]: With dead ends: 1059 [2024-11-09 06:45:58,249 INFO L226 Difference]: Without dead ends: 826 [2024-11-09 06:45:58,253 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 212 GetRequests, 152 SyntacticMatches, 4 SemanticMatches, 56 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1196 ImplicationChecksByTransitivity, 4.5s TimeCoverageRelationStatistics Valid=462, Invalid=2844, Unknown=0, NotChecked=0, Total=3306 [2024-11-09 06:45:58,254 INFO L432 NwaCegarLoop]: 120 mSDtfsCounter, 380 mSDsluCounter, 433 mSDsCounter, 0 mSdLazyCounter, 605 mSolverCounterSat, 271 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 383 SdHoareTripleChecker+Valid, 553 SdHoareTripleChecker+Invalid, 876 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 271 IncrementalHoareTripleChecker+Valid, 605 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.9s IncrementalHoareTripleChecker+Time [2024-11-09 06:45:58,254 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [383 Valid, 553 Invalid, 876 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [271 Valid, 605 Invalid, 0 Unknown, 0 Unchecked, 0.9s Time] [2024-11-09 06:45:58,256 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 826 states. [2024-11-09 06:45:58,341 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 826 to 512. [2024-11-09 06:45:58,342 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 512 states, 340 states have (on average 1.1823529411764706) internal successors, (402), 370 states have internal predecessors, (402), 97 states have call successors, (97), 78 states have call predecessors, (97), 74 states have return successors, (142), 88 states have call predecessors, (142), 91 states have call successors, (142) [2024-11-09 06:45:58,347 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 512 states to 512 states and 641 transitions. [2024-11-09 06:45:58,349 INFO L78 Accepts]: Start accepts. Automaton has 512 states and 641 transitions. Word has length 58 [2024-11-09 06:45:58,349 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:45:58,349 INFO L471 AbstractCegarLoop]: Abstraction has 512 states and 641 transitions. [2024-11-09 06:45:58,350 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 16 states, 13 states have (on average 5.230769230769231) internal successors, (68), 16 states have internal predecessors, (68), 6 states have call successors, (15), 5 states have call predecessors, (15), 8 states have return successors, (15), 6 states have call predecessors, (15), 6 states have call successors, (15) [2024-11-09 06:45:58,350 INFO L276 IsEmpty]: Start isEmpty. Operand 512 states and 641 transitions. [2024-11-09 06:45:58,351 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 73 [2024-11-09 06:45:58,352 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:45:58,352 INFO L215 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:45:58,378 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-09 06:45:58,553 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:45:58,554 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:45:58,554 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:45:58,554 INFO L85 PathProgramCache]: Analyzing trace with hash 500539272, now seen corresponding path program 1 times [2024-11-09 06:45:58,554 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:45:58,555 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [512440605] [2024-11-09 06:45:58,555 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:58,555 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:45:58,592 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:58,910 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 45 proven. 3 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-11-09 06:45:58,911 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:45:58,911 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [512440605] [2024-11-09 06:45:58,911 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [512440605] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:45:58,911 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [342411713] [2024-11-09 06:45:58,912 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:45:58,912 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:45:58,912 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:45:58,914 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:45:58,916 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 06:45:59,054 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:45:59,056 INFO L255 TraceCheckSpWp]: Trace formula consists of 289 conjuncts, 12 conjuncts are in the unsatisfiable core [2024-11-09 06:45:59,062 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:45:59,423 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 53 proven. 3 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2024-11-09 06:45:59,423 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:45:59,777 INFO L134 CoverageAnalysis]: Checked inductivity of 60 backedges. 45 proven. 3 refuted. 0 times theorem prover too weak. 12 trivial. 0 not checked. [2024-11-09 06:45:59,778 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [342411713] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:45:59,778 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [767020152] [2024-11-09 06:45:59,783 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2024-11-09 06:45:59,783 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:45:59,784 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:45:59,784 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:45:59,784 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:46:05,760 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 149 for LOIs [2024-11-09 06:46:05,845 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 51 for LOIs [2024-11-09 06:46:06,174 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 58 for LOIs [2024-11-09 06:46:06,200 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 38 for LOIs [2024-11-09 06:46:06,210 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:46:10,685 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '14401#(and (not (= ~pumpRunning~0 0)) (<= ~pumpRunning~0 2147483647) (not (= 2 ~waterLevel~0)) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (<= |old(~pumpRunning~0)| 2147483647) (<= 0 (+ ~waterLevel~0 2147483648)) (<= ~waterLevel~0 2147483647) (<= 0 (+ ~pumpRunning~0 2147483648)) (= ~switchedOnBeforeTS~0 0))' at error location [2024-11-09 06:46:10,685 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:46:10,685 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:46:10,686 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 9] total 21 [2024-11-09 06:46:10,686 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [647720193] [2024-11-09 06:46:10,686 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:46:10,687 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2024-11-09 06:46:10,687 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:46:10,688 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2024-11-09 06:46:10,689 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=235, Invalid=1657, Unknown=0, NotChecked=0, Total=1892 [2024-11-09 06:46:10,689 INFO L87 Difference]: Start difference. First operand 512 states and 641 transitions. Second operand has 21 states, 21 states have (on average 3.7142857142857144) internal successors, (78), 21 states have internal predecessors, (78), 10 states have call successors, (17), 5 states have call predecessors, (17), 7 states have return successors, (17), 10 states have call predecessors, (17), 10 states have call successors, (17) [2024-11-09 06:46:12,641 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:46:12,643 INFO L93 Difference]: Finished difference Result 1489 states and 2172 transitions. [2024-11-09 06:46:12,643 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2024-11-09 06:46:12,644 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 21 states have (on average 3.7142857142857144) internal successors, (78), 21 states have internal predecessors, (78), 10 states have call successors, (17), 5 states have call predecessors, (17), 7 states have return successors, (17), 10 states have call predecessors, (17), 10 states have call successors, (17) Word has length 72 [2024-11-09 06:46:12,644 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:46:12,659 INFO L225 Difference]: With dead ends: 1489 [2024-11-09 06:46:12,659 INFO L226 Difference]: Without dead ends: 1023 [2024-11-09 06:46:12,665 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 259 GetRequests, 187 SyntacticMatches, 7 SemanticMatches, 65 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1327 ImplicationChecksByTransitivity, 5.6s TimeCoverageRelationStatistics Valid=586, Invalid=3836, Unknown=0, NotChecked=0, Total=4422 [2024-11-09 06:46:12,665 INFO L432 NwaCegarLoop]: 102 mSDtfsCounter, 463 mSDsluCounter, 437 mSDsCounter, 0 mSdLazyCounter, 843 mSolverCounterSat, 324 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.8s Time, 0 mProtectedPredicate, 0 mProtectedAction, 465 SdHoareTripleChecker+Valid, 539 SdHoareTripleChecker+Invalid, 1167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 324 IncrementalHoareTripleChecker+Valid, 843 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.0s IncrementalHoareTripleChecker+Time [2024-11-09 06:46:12,668 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [465 Valid, 539 Invalid, 1167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [324 Valid, 843 Invalid, 0 Unknown, 0 Unchecked, 1.0s Time] [2024-11-09 06:46:12,670 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1023 states. [2024-11-09 06:46:12,794 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1023 to 633. [2024-11-09 06:46:12,796 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 633 states, 421 states have (on average 1.156769596199525) internal successors, (487), 458 states have internal predecessors, (487), 121 states have call successors, (121), 94 states have call predecessors, (121), 90 states have return successors, (185), 111 states have call predecessors, (185), 113 states have call successors, (185) [2024-11-09 06:46:12,802 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 633 states to 633 states and 793 transitions. [2024-11-09 06:46:12,804 INFO L78 Accepts]: Start accepts. Automaton has 633 states and 793 transitions. Word has length 72 [2024-11-09 06:46:12,805 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:46:12,805 INFO L471 AbstractCegarLoop]: Abstraction has 633 states and 793 transitions. [2024-11-09 06:46:12,805 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 21 states have (on average 3.7142857142857144) internal successors, (78), 21 states have internal predecessors, (78), 10 states have call successors, (17), 5 states have call predecessors, (17), 7 states have return successors, (17), 10 states have call predecessors, (17), 10 states have call successors, (17) [2024-11-09 06:46:12,806 INFO L276 IsEmpty]: Start isEmpty. Operand 633 states and 793 transitions. [2024-11-09 06:46:12,807 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-11-09 06:46:12,807 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:46:12,808 INFO L215 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:46:12,833 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 06:46:13,012 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 06:46:13,013 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:46:13,013 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:46:13,014 INFO L85 PathProgramCache]: Analyzing trace with hash -1278047513, now seen corresponding path program 1 times [2024-11-09 06:46:13,014 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:46:13,014 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [230751543] [2024-11-09 06:46:13,014 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:46:13,015 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:46:13,043 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:46:13,232 INFO L134 CoverageAnalysis]: Checked inductivity of 72 backedges. 40 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-11-09 06:46:13,232 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:46:13,233 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [230751543] [2024-11-09 06:46:13,233 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [230751543] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:46:13,233 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:46:13,233 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 06:46:13,235 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1540309535] [2024-11-09 06:46:13,235 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:46:13,236 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 06:46:13,236 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:46:13,237 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 06:46:13,237 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2024-11-09 06:46:13,238 INFO L87 Difference]: Start difference. First operand 633 states and 793 transitions. Second operand has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-09 06:46:13,370 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:46:13,370 INFO L93 Difference]: Finished difference Result 875 states and 1083 transitions. [2024-11-09 06:46:13,371 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-09 06:46:13,371 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) Word has length 78 [2024-11-09 06:46:13,371 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:46:13,374 INFO L225 Difference]: With dead ends: 875 [2024-11-09 06:46:13,374 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 06:46:13,378 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=6, Invalid=6, Unknown=0, NotChecked=0, Total=12 [2024-11-09 06:46:13,378 INFO L432 NwaCegarLoop]: 54 mSDtfsCounter, 14 mSDsluCounter, 54 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 14 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:46:13,379 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [14 Valid, 108 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:46:13,379 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 06:46:13,380 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 06:46:13,380 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:46:13,380 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 06:46:13,382 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 78 [2024-11-09 06:46:13,382 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:46:13,382 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 06:46:13,382 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 11.75) internal successors, (47), 4 states have internal predecessors, (47), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 4 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-09 06:46:13,382 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 06:46:13,383 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 06:46:13,386 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 06:46:13,386 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10 [2024-11-09 06:46:13,389 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:46:13,392 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 06:46:30,376 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 06:46:30,440 WARN L162 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= |old(~methaneLevelCritical~0)| 1))) (and (let ((.cse3 (= ~pumpRunning~0 0))) (let ((.cse0 (not .cse3)) (.cse2 (<= ~waterLevel~0 2)) (.cse6 (= 0 ~systemActive~0)) (.cse5 (= ~waterLevel~0 1)) (.cse7 (= 2 ~waterLevel~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse4 .cse2) (and .cse1 .cse6) (and .cse4 .cse6) (and .cse3 .cse7 .cse4) (and .cse1 .cse5) (and .cse7 .cse1)))) (or (not .cse1) (= ~methaneLevelCritical~0 0)) (or (= ~methaneLevelCritical~0 1) (not .cse4)))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse1 (= |old(~methaneLevelCritical~0)| 0)) (.cse4 (= |old(~methaneLevelCritical~0)| 1))) (and (let ((.cse3 (= ~pumpRunning~0 0))) (let ((.cse0 (not .cse3)) (.cse2 (<= ~waterLevel~0 2)) (.cse6 (= 0 ~systemActive~0)) (.cse5 (= ~waterLevel~0 1)) (.cse7 (= 2 ~waterLevel~0))) (or (and .cse0 .cse1 .cse2) (and .cse3 .cse4 .cse5) (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse4 .cse2) (and .cse1 .cse6) (and .cse4 .cse6) (and .cse3 .cse7 .cse4) (and .cse1 .cse5) (and .cse7 .cse1)))) (or (not .cse1) (= ~methaneLevelCritical~0 0)) (or (= ~methaneLevelCritical~0 1) (not .cse4))))) [2024-11-09 06:46:30,450 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:46:30,474 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse18 (= ~switchedOnBeforeTS~0 0)) (.cse12 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (.cse9 (= ~methaneLevelCritical~0 0)) (.cse7 (= ~methaneLevelCritical~0 1)) (.cse10 (= |old(~pumpRunning~0)| 0)) (.cse15 (not .cse3)) (.cse5 (= ~pumpRunning~0 0))) (let ((.cse13 (= |old(~waterLevel~0)| 2)) (.cse17 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse0 (not .cse5)) (.cse2 (and .cse10 .cse15)) (.cse6 (not .cse7)) (.cse1 (not .cse9)) (.cse4 (not .cse10)) (.cse16 (not .cse12)) (.cse14 (not .cse18)) (.cse11 (= |old(~switchedOnBeforeTS~0)| 0))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (let ((.cse8 (<= |old(~waterLevel~0)| 2))) (or (and .cse7 .cse8) (and .cse9 .cse8) (and .cse9 .cse3) (and .cse7 .cse3) (and .cse10 .cse7) (and (not .cse11) .cse12) .cse13)) (or .cse14 .cse1 .cse15 .cse11) (or .cse16 .cse4 .cse5) (or .cse6 .cse17) (or .cse16 .cse17) (or (< 1 |old(~waterLevel~0)|) (<= ~waterLevel~0 1)) (or .cse17 .cse15) (or (and .cse10 (not .cse13)) .cse17) (or .cse0 .cse2 .cse6 .cse3) (or .cse4 .cse5 .cse1) (or .cse16 .cse4 .cse18) (or .cse16 (and .cse14 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse11))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse4 (= |old(~pumpRunning~0)| 0)) (.cse15 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse18 (= ~switchedOnBeforeTS~0 0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (.cse8 (= ~methaneLevelCritical~0 0)) (.cse5 (= 0 ~systemActive~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse6 (= ~methaneLevelCritical~0 1))) (let ((.cse2 (not .cse6)) (.cse3 (not .cse1)) (.cse14 (not .cse5)) (.cse11 (= |old(~waterLevel~0)| 2)) (.cse16 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (not .cse8)) (.cse17 (not .cse10)) (.cse12 (not .cse18)) (.cse9 (not .cse15)) (.cse0 (not .cse4))) (and (or (< 1 |old(~waterLevel~0)|) (< ~waterLevel~0 2)) (or .cse0 .cse1 .cse2) (or (not (= |old(~waterLevel~0)| 1)) (= ~waterLevel~0 1)) (or .cse3 .cse4 .cse2 .cse5) (let ((.cse7 (<= |old(~waterLevel~0)| 2))) (or (and .cse6 .cse7) (and .cse8 .cse7) (and .cse8 .cse5) (and .cse6 .cse5) (and .cse4 .cse6) (and .cse9 .cse10) .cse11)) (or .cse12 .cse13 .cse14 .cse15) (or .cse2 .cse16) (or .cse3 .cse4 .cse13 .cse5) (or .cse17 .cse16) (or .cse16 .cse14) (or (and .cse4 (not .cse11)) .cse16) (or .cse0 .cse1 .cse13) (or .cse9 .cse0 .cse18) (or .cse17 (and .cse12 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse15) (or .cse9 .cse0 .cse1))))) [2024-11-09 06:46:30,510 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:46:30,528 WARN L162 FloydHoareUtils]: Requires clause for cleanup contained old-variable. Original clause: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse5 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (let ((.cse0 (= |old(~waterLevel~0)| 2)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse7 (not .cse5)) (.cse10 (= ~switchedOnBeforeTS~0 0)) (.cse6 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse8 (not .cse1)) (.cse9 (= ~pumpRunning~0 0))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (or .cse1 .cse2) (let ((.cse4 (= ~methaneLevelCritical~0 0))) (or (and .cse1 .cse3) (and .cse4 .cse1 (<= |old(~waterLevel~0)| 1)) (and .cse4 .cse5 (= 0 ~systemActive~0)) (and (not .cse6) .cse5) .cse0)) (or .cse7 .cse8 (and .cse9 .cse2 .cse10)) (or .cse8 (and .cse9 .cse2) (not .cse3)) (or .cse7 (and (not .cse10) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse6) (or (< 1 |old(~waterLevel~0)|) .cse8 (and .cse9 (<= ~waterLevel~0 1)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse6 (= |old(~pumpRunning~0)| 0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0))) (let ((.cse0 (not .cse10)) (.cse5 (= |old(~waterLevel~0)| 2)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (= ~methaneLevelCritical~0 1)) (.cse9 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (.cse4 (= ~switchedOnBeforeTS~0 0)) (.cse1 (not .cse6)) (.cse2 (= ~pumpRunning~0 0))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4)) (or (= 2 ~waterLevel~0) (not .cse5)) (or .cse6 .cse3) (let ((.cse8 (= ~methaneLevelCritical~0 0))) (or (and .cse6 .cse7) (and .cse8 .cse6 (<= |old(~waterLevel~0)| 1)) (and .cse8 .cse9 (= 0 ~systemActive~0)) (and .cse0 .cse9) .cse5)) (or .cse1 (and .cse2 .cse3) (not .cse7)) (or (not .cse9) (and (not .cse4) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse10) (or (< 1 |old(~waterLevel~0)|) .cse1 (and .cse2 (<= ~waterLevel~0 1))))))) [2024-11-09 06:46:30,531 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:46:30,539 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (= |old(~waterLevel~0)| ~waterLevel~0) (let ((.cse0 (= ~pumpRunning~0 0))) (let ((.cse7 (= 0 ~systemActive~0)) (.cse4 (not .cse0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse6 (<= |old(~waterLevel~0)| 2)) (.cse5 (= ~methaneLevelCritical~0 0)) (.cse1 (= |old(~waterLevel~0)| 1)) (.cse3 (= |old(~waterLevel~0)| 2))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse2 .cse3) (and .cse4 .cse5 .cse6) (and .cse5 .cse7) (and .cse2 .cse7) (and (not (= ~switchedOnBeforeTS~0 0)) .cse4 .cse2 .cse6) (and .cse5 (or .cse1 .cse3)))))) Eliminated clause: (let ((.cse5 (= ~pumpRunning~0 0))) (let ((.cse0 (not .cse5)) (.cse2 (<= ~waterLevel~0 2)) (.cse4 (= 0 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse6 (= 2 ~waterLevel~0)) (.cse7 (= ~waterLevel~0 1))) (or (and .cse0 .cse1 .cse2) (and (not (= ~switchedOnBeforeTS~0 0)) .cse0 .cse3 .cse2) (and .cse1 .cse4) (and .cse3 .cse4) (and .cse5 .cse6 .cse3) (and .cse5 .cse3 .cse7) (and .cse1 (or .cse6 .cse7))))) [2024-11-09 06:46:30,589 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 06:46:30 BoogieIcfgContainer [2024-11-09 06:46:30,589 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 06:46:30,590 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 06:46:30,590 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 06:46:30,590 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 06:46:30,591 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:45:31" (3/4) ... [2024-11-09 06:46:30,594 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-09 06:46:30,599 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 06:46:30,599 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 06:46:30,599 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 06:46:30,599 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 06:46:30,600 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 06:46:30,600 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-09 06:46:30,610 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 48 nodes and edges [2024-11-09 06:46:30,610 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2024-11-09 06:46:30,611 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 06:46:30,612 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 06:46:30,612 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 06:46:30,647 WARN L216 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) || (((((switchedOnBeforeTS != 0) && (methaneLevelCritical == 1)) && (waterLevel <= 2)) && ((waterLevel < 2) || (2 < \old(waterLevel)))) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 0) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 1) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 1)) && (waterLevel == 1)) && (switchedOnBeforeTS == 0))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == 1)) && (0 == systemActive))) || ((((pumpRunning != 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) || ((2 == waterLevel) && (methaneLevelCritical == 0))) [2024-11-09 06:46:30,648 WARN L216 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (0 != systemActive)) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 1)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && (((2 == waterLevel) || (\old(waterLevel) != 2)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && ((((((\old(pumpRunning) == 0) && (methaneLevelCritical == 1)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || (((methaneLevelCritical == 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning))) && (0 == systemActive))) || ((\old(switchedOnBeforeTS) != 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning)))) || (\old(waterLevel) == 2))) && ((((1 < \old(waterLevel)) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)))) && (((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (\old(switchedOnBeforeTS) == 0))) [2024-11-09 06:46:30,685 WARN L141 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (0 != systemActive)) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 1)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && (((2 == waterLevel) || (\old(waterLevel) != 2)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && ((((((\old(pumpRunning) == 0) && (methaneLevelCritical == 1)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || (((methaneLevelCritical == 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning))) && (0 == systemActive))) || ((\old(switchedOnBeforeTS) != 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning)))) || (\old(waterLevel) == 2))) && ((((1 < \old(waterLevel)) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)))) && (((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (\old(switchedOnBeforeTS) == 0))) [2024-11-09 06:46:30,688 WARN L141 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) || (((((switchedOnBeforeTS != 0) && (methaneLevelCritical == 1)) && (waterLevel <= 2)) && ((waterLevel < 2) || (2 < \old(waterLevel)))) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 0) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 1) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 1)) && (waterLevel == 1)) && (switchedOnBeforeTS == 0))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == 1)) && (0 == systemActive))) || ((((pumpRunning != 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) || ((2 == waterLevel) && (methaneLevelCritical == 0))) [2024-11-09 06:46:30,749 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/witness.graphml [2024-11-09 06:46:30,750 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/witness.yml [2024-11-09 06:46:30,750 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 06:46:30,751 INFO L158 Benchmark]: Toolchain (without parser) took 60767.98ms. Allocated memory was 138.4MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 99.6MB in the beginning and 462.2MB in the end (delta: -362.6MB). Peak memory consumption was 731.4MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,751 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 138.4MB. Free memory is still 79.2MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 06:46:30,752 INFO L158 Benchmark]: CACSL2BoogieTranslator took 756.71ms. Allocated memory is still 138.4MB. Free memory was 99.3MB in the beginning and 77.6MB in the end (delta: 21.7MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,752 INFO L158 Benchmark]: Boogie Procedure Inliner took 96.75ms. Allocated memory is still 138.4MB. Free memory was 77.6MB in the beginning and 75.2MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,753 INFO L158 Benchmark]: Boogie Preprocessor took 56.19ms. Allocated memory is still 138.4MB. Free memory was 75.2MB in the beginning and 73.8MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,753 INFO L158 Benchmark]: RCFGBuilder took 944.78ms. Allocated memory was 138.4MB in the beginning and 180.4MB in the end (delta: 41.9MB). Free memory was 73.4MB in the beginning and 127.3MB in the end (delta: -53.9MB). Peak memory consumption was 15.0MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,754 INFO L158 Benchmark]: TraceAbstraction took 58742.63ms. Allocated memory was 180.4MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 126.9MB in the beginning and 471.6MB in the end (delta: -344.7MB). Peak memory consumption was 724.8MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,754 INFO L158 Benchmark]: Witness Printer took 160.39ms. Allocated memory is still 1.2GB. Free memory was 471.6MB in the beginning and 462.2MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2024-11-09 06:46:30,756 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 138.4MB. Free memory is still 79.2MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 756.71ms. Allocated memory is still 138.4MB. Free memory was 99.3MB in the beginning and 77.6MB in the end (delta: 21.7MB). Peak memory consumption was 21.0MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 96.75ms. Allocated memory is still 138.4MB. Free memory was 77.6MB in the beginning and 75.2MB in the end (delta: 2.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 56.19ms. Allocated memory is still 138.4MB. Free memory was 75.2MB in the beginning and 73.8MB in the end (delta: 1.4MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 944.78ms. Allocated memory was 138.4MB in the beginning and 180.4MB in the end (delta: 41.9MB). Free memory was 73.4MB in the beginning and 127.3MB in the end (delta: -53.9MB). Peak memory consumption was 15.0MB. Max. memory is 16.1GB. * TraceAbstraction took 58742.63ms. Allocated memory was 180.4MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 126.9MB in the beginning and 471.6MB in the end (delta: -344.7MB). Peak memory consumption was 724.8MB. Max. memory is 16.1GB. * Witness Printer took 160.39ms. Allocated memory is still 1.2GB. Free memory was 471.6MB in the beginning and 462.2MB in the end (delta: 9.4MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [49] - GenericResultAtLocation [Line: 415]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [415] - GenericResultAtLocation [Line: 521]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [521] - GenericResultAtLocation [Line: 589]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [589] - GenericResultAtLocation [Line: 786]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [786] - GenericResultAtLocation [Line: 881]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [881] - GenericResultAtLocation [Line: 931]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [931] - GenericResultAtLocation [Line: 966]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [966] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 971]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 7 procedures, 51 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 41.4s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 8.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 1747 SdHoareTripleChecker+Valid, 4.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 1717 mSDsluCounter, 2792 SdHoareTripleChecker+Invalid, 3.7s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2069 mSDsCounter, 984 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3404 IncrementalHoareTripleChecker+Invalid, 4388 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 984 mSolverCounterUnsat, 723 mSDtfsCounter, 3404 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 598 GetRequests, 374 SyntacticMatches, 11 SemanticMatches, 213 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2769 ImplicationChecksByTransitivity, 11.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=633occurred in iteration=10, InterpolantAutomatonStates: 146, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.9s AutomataMinimizationTime, 11 MinimizatonAttempts, 939 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 5.9s InterpolantComputationTime, 628 NumberOfCodeBlocks, 628 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 743 ConstructedInterpolants, 0 QuantifiedInterpolants, 2640 SizeOfPredicates, 8 NumberOfNonLiveVariables, 538 ConjunctsInSsa, 36 ConjunctsInUnsatCore, 15 InterpolantComputations, 9 PerfectInterpolantSequences, 397/433 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 428]: Loop Invariant Derived loop invariant: ((((((((((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (0 != systemActive)) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 1)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && (((2 == waterLevel) || (\old(waterLevel) != 2)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && ((((((\old(pumpRunning) == 0) && (methaneLevelCritical == 1)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || (((methaneLevelCritical == 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning))) && (0 == systemActive))) || ((\old(switchedOnBeforeTS) != 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning)))) || (\old(waterLevel) == 2))) && ((((1 < \old(waterLevel)) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)))) && (((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (\old(switchedOnBeforeTS) == 0))) - InvariantResult [Line: 533]: Loop Invariant Derived loop invariant: ((((((((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel == 1)) || (((((switchedOnBeforeTS != 0) && (methaneLevelCritical == 1)) && (waterLevel <= 2)) && ((waterLevel < 2) || (2 < \old(waterLevel)))) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 0) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 1) && (0 == systemActive)) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 1)) && (waterLevel == 1)) && (switchedOnBeforeTS == 0))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (0 == systemActive))) || (((pumpRunning == 0) && (methaneLevelCritical == 1)) && (0 == systemActive))) || ((((pumpRunning != 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) || ((2 == waterLevel) && (methaneLevelCritical == 0))) - InvariantResult [Line: 532]: Location Invariant Derived location invariant: (((((2 == waterLevel) || (((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1))) || ((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (0 == systemActive)) && (switchedOnBeforeTS == 0))) || ((pumpRunning == 0) && (methaneLevelCritical == 1))) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) - ProcedureContractResult [Line: 629]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((methaneLevelCritical == 0) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS)) || (((methaneLevelCritical == 1) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) Ensures: (((((methaneLevelCritical == 0) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS)) || (((methaneLevelCritical == 1) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 814]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((methaneLevelCritical == 0) || (\old(methaneLevelCritical) != 1)) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical == 1))) && ((((((((((pumpRunning != 0) && (\old(methaneLevelCritical) == 0)) && (waterLevel <= 2)) || (((pumpRunning == 0) && (\old(methaneLevelCritical) == 1)) && (waterLevel == 1))) || ((((switchedOnBeforeTS != 0) && (pumpRunning != 0)) && (\old(methaneLevelCritical) == 1)) && (waterLevel <= 2))) || ((\old(methaneLevelCritical) == 0) && (0 == systemActive))) || ((\old(methaneLevelCritical) == 1) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (\old(methaneLevelCritical) == 1))) || ((\old(methaneLevelCritical) == 0) && (waterLevel == 1))) || ((2 == waterLevel) && (\old(methaneLevelCritical) == 0)))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 602]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((((((((((((methaneLevelCritical != 1) || (pumpRunning == switchedOnBeforeTS)) || (0 != systemActive)) && ((((((\old(pumpRunning) == 0) && (0 != systemActive)) || ((pumpRunning != 0) && (((\old(waterLevel) == ((long long) waterLevel + 1)) && (1 <= \old(waterLevel))) || ((\old(waterLevel) <= 0) && (\old(waterLevel) == waterLevel))))) || (methaneLevelCritical != 1)) || ((0 == systemActive) && (pumpRunning == switchedOnBeforeTS))) || (2 < \old(waterLevel)))) && ((((((((methaneLevelCritical == 1) && (\old(waterLevel) <= 2)) || ((methaneLevelCritical == 0) && (\old(waterLevel) <= 2))) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 1) && (0 == systemActive))) || ((\old(pumpRunning) == 0) && (methaneLevelCritical == 1))) || ((\old(switchedOnBeforeTS) != 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning)))) || (\old(waterLevel) == 2))) && (((pumpRunning == 0) || (methaneLevelCritical != 1)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && ((((\old(pumpRunning) != 0) || (2 == waterLevel)) || (methaneLevelCritical != 0)) || (\old(waterLevel) != 2))) && (((((methaneLevelCritical != 0) || ((\old(pumpRunning) == 0) && (0 != systemActive))) || (((pumpRunning != 0) && (((\old(waterLevel) == ((long long) waterLevel + 1)) && (1 <= \old(waterLevel))) || ((\old(waterLevel) <= 0) && (\old(waterLevel) == waterLevel)))) && (pumpRunning == switchedOnBeforeTS))) || ((0 == systemActive) && (pumpRunning == switchedOnBeforeTS))) || (2 < \old(waterLevel)))) && (((2 == waterLevel) || (\old(waterLevel) != 2)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS)))) && (((((1 < \old(waterLevel)) || (\old(pumpRunning) != 0)) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)))) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 1)) || (\old(waterLevel) != 2))) && ((((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 0)) || (0 != systemActive))) && ((((\old(pumpRunning) != 0) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 1)) || (0 != systemActive))) && (((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (\old(switchedOnBeforeTS) == 0))) && ((((\old(pumpRunning) != 0) || (((pumpRunning == 0) && (0 == systemActive)) && (switchedOnBeforeTS == 0))) || (\old(waterLevel) != 1)) || ((waterLevel == 1) && (switchedOnBeforeTS == 0)))) && (((((\old(switchedOnBeforeTS) != \old(pumpRunning)) || (((pumpRunning == 0) && (0 == systemActive)) && (switchedOnBeforeTS == 0))) || (methaneLevelCritical != 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == switchedOnBeforeTS))) || (waterLevel < ((long long) \old(waterLevel) + 1)))) && (((methaneLevelCritical != 0) || (pumpRunning == switchedOnBeforeTS)) || (0 != systemActive))) && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 418]: Procedure Contract for cleanup Derived contract for procedure cleanup. Ensures: (((((((\old(pumpRunning) == 0) && (methaneLevelCritical == 1)) || (((methaneLevelCritical == 0) && (\old(pumpRunning) == 0)) && (\old(waterLevel) <= 1))) || (((methaneLevelCritical == 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning))) && (0 == systemActive))) || ((\old(switchedOnBeforeTS) != 0) && (\old(switchedOnBeforeTS) == \old(pumpRunning)))) || (\old(waterLevel) == 2)) && ((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical)))) - ProcedureContractResult [Line: 802]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: (((((((((pumpRunning != 0) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) || ((((switchedOnBeforeTS != 0) && (pumpRunning != 0)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 1) && (0 == systemActive))) || (((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 1))) || (((pumpRunning == 0) && (methaneLevelCritical == 1)) && (waterLevel == 1))) || ((methaneLevelCritical == 0) && ((2 == waterLevel) || (waterLevel == 1)))) Ensures: (((((((((pumpRunning != 0) || (2 == waterLevel)) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (((((((((pumpRunning == 0) && (\old(waterLevel) == 1)) && (methaneLevelCritical == 1)) || (((pumpRunning == 0) && (methaneLevelCritical == 1)) && (\old(waterLevel) == 2))) || (((pumpRunning != 0) && (methaneLevelCritical == 0)) && (\old(waterLevel) <= 2))) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 1) && (0 == systemActive))) || ((((switchedOnBeforeTS != 0) && (pumpRunning != 0)) && (methaneLevelCritical == 1)) && (\old(waterLevel) <= 2))) || ((methaneLevelCritical == 0) && ((\old(waterLevel) == 1) || (\old(waterLevel) == 2))))) && ((((pumpRunning == 0) || (((((long long) \old(waterLevel) + 1) == waterLevel) || ((2 == waterLevel) && (\old(waterLevel) == 2))) && (waterLevel <= 2))) || (2 < \old(waterLevel))) || (switchedOnBeforeTS == 0))) && (((((pumpRunning == 0) || (((long long) \old(waterLevel) + 1) == waterLevel)) || ((2 == waterLevel) && (\old(waterLevel) == 2))) || (methaneLevelCritical != 0)) || (2 < \old(waterLevel)))) && (((2 == waterLevel) || (methaneLevelCritical != 0)) || (\old(waterLevel) != 2))) && ((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 707]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((((((((((pumpRunning != 0) || (0 == systemActive)) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) || ((2 == waterLevel) && (methaneLevelCritical == 1))) || ((methaneLevelCritical == 1) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning != 0) || (2 == waterLevel)) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 0) && (waterLevel <= 1)) && (pumpRunning == switchedOnBeforeTS))) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 1) && (0 == systemActive))) || ((((pumpRunning != 0) || (0 == systemActive)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || ((methaneLevelCritical == 0) && (waterLevel == 1))) || ((2 == waterLevel) && (methaneLevelCritical == 0))) || ((methaneLevelCritical == 1) && (waterLevel == 1))) Ensures: ((((((((((((((((pumpRunning != 0) || (0 == systemActive)) && (methaneLevelCritical == 0)) && (waterLevel <= 2)) || ((2 == waterLevel) && (methaneLevelCritical == 1))) || ((methaneLevelCritical == 1) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning != 0) || (2 == waterLevel)) && (pumpRunning == switchedOnBeforeTS))) || (((methaneLevelCritical == 0) && (waterLevel <= 1)) && (pumpRunning == switchedOnBeforeTS))) || ((methaneLevelCritical == 0) && (0 == systemActive))) || ((methaneLevelCritical == 1) && (0 == systemActive))) || ((((pumpRunning != 0) || (0 == systemActive)) && (methaneLevelCritical == 1)) && (waterLevel <= 2))) || ((methaneLevelCritical == 0) && (waterLevel == 1))) || ((2 == waterLevel) && (methaneLevelCritical == 0))) || ((methaneLevelCritical == 1) && (waterLevel == 1))) && (pumpRunning == \result)) && (((((((head == \old(head)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 06:46:30,812 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_38ca69f4-3e87-49d2-837f-c08ec7cb6b8f/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE