./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version a0165632 Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 --- Real Ultimate output --- This is Ultimate 0.2.5-dev-a016563 [2024-11-09 06:09:51,125 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-09 06:09:51,223 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/config/svcomp-Reach-32bit-Taipan_Default.epf [2024-11-09 06:09:51,230 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-09 06:09:51,231 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-09 06:09:51,285 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-09 06:09:51,286 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-09 06:09:51,286 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-09 06:09:51,287 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-09 06:09:51,288 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-09 06:09:51,288 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-09 06:09:51,289 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-09 06:09:51,289 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-09 06:09:51,290 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-09 06:09:51,291 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-09 06:09:51,291 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-09 06:09:51,292 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-09 06:09:51,292 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-09 06:09:51,293 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-09 06:09:51,293 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-09 06:09:51,294 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-09 06:09:51,295 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-09 06:09:51,295 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-09 06:09:51,296 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-09 06:09:51,296 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-09 06:09:51,297 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-09 06:09:51,297 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-09 06:09:51,298 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-09 06:09:51,298 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-09 06:09:51,299 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-09 06:09:51,299 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-09 06:09:51,300 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-09 06:09:51,300 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-09 06:09:51,300 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-09 06:09:51,301 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-09 06:09:51,301 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-09 06:09:51,302 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-09 06:09:51,303 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-09 06:09:51,303 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:09:51,304 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-09 06:09:51,304 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-09 06:09:51,305 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-09 06:09:51,305 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-09 06:09:51,306 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-09 06:09:51,306 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-09 06:09:51,307 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-09 06:09:51,307 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-09 06:09:51,307 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 88f09ec5af0f641c9edfe2f7047937341e46c7f8baabeed0fd38f069cd3b5278 [2024-11-09 06:09:51,706 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-09 06:09:51,745 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-09 06:09:51,749 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-09 06:09:51,752 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-09 06:09:51,753 INFO L274 PluginConnector]: CDTParser initialized [2024-11-09 06:09:51,754 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/../../sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c Unable to find full path for "g++" [2024-11-09 06:09:54,310 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-09 06:09:54,576 INFO L384 CDTParser]: Found 1 translation units. [2024-11-09 06:09:54,576 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c [2024-11-09 06:09:54,593 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/data/5a0b90c62/86002754ce304c5dbdeb072ce6766b2b/FLAG8f437d6ff [2024-11-09 06:09:54,609 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/data/5a0b90c62/86002754ce304c5dbdeb072ce6766b2b [2024-11-09 06:09:54,612 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-09 06:09:54,614 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-09 06:09:54,615 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-09 06:09:54,615 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-09 06:09:54,622 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-09 06:09:54,623 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:09:54" (1/1) ... [2024-11-09 06:09:54,624 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@28440494 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:54, skipping insertion in model container [2024-11-09 06:09:54,624 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 09.11 06:09:54" (1/1) ... [2024-11-09 06:09:54,680 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-09 06:09:54,966 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-11-09 06:09:55,163 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:09:55,188 INFO L200 MainTranslator]: Completed pre-run [2024-11-09 06:09:55,201 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] [2024-11-09 06:09:55,203 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] [2024-11-09 06:09:55,204 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] [2024-11-09 06:09:55,205 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] [2024-11-09 06:09:55,205 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] [2024-11-09 06:09:55,205 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] [2024-11-09 06:09:55,206 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] [2024-11-09 06:09:55,206 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] [2024-11-09 06:09:55,230 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/sv-benchmarks/c/product-lines/minepump_spec5_product54.cil.c[3971,3984] [2024-11-09 06:09:55,347 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-09 06:09:55,376 INFO L204 MainTranslator]: Completed translation [2024-11-09 06:09:55,377 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55 WrapperNode [2024-11-09 06:09:55,377 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-09 06:09:55,378 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-09 06:09:55,378 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-09 06:09:55,378 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-09 06:09:55,387 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,403 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,467 INFO L138 Inliner]: procedures = 59, calls = 106, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 235 [2024-11-09 06:09:55,469 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-09 06:09:55,470 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-09 06:09:55,471 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-09 06:09:55,471 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-09 06:09:55,483 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,484 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,487 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,487 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,494 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,500 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,502 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,504 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,524 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-09 06:09:55,529 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-09 06:09:55,529 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-09 06:09:55,529 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-09 06:09:55,530 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (1/1) ... [2024-11-09 06:09:55,550 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-09 06:09:55,577 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:09:55,595 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-09 06:09:55,602 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-09 06:09:55,640 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-09 06:09:55,640 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-09 06:09:55,641 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-09 06:09:55,641 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-09 06:09:55,641 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-09 06:09:55,642 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-09 06:09:55,643 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-09 06:09:55,643 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 06:09:55,644 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 06:09:55,644 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-09 06:09:55,644 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-09 06:09:55,645 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 06:09:55,649 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 06:09:55,650 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-09 06:09:55,650 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-09 06:09:55,651 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-09 06:09:55,651 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-09 06:09:55,652 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-09 06:09:55,652 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-09 06:09:55,654 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-09 06:09:55,655 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-09 06:09:55,655 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-09 06:09:55,805 INFO L238 CfgBuilder]: Building ICFG [2024-11-09 06:09:55,808 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-09 06:09:56,356 INFO L? ?]: Removed 51 outVars from TransFormulas that were not future-live. [2024-11-09 06:09:56,357 INFO L287 CfgBuilder]: Performing block encoding [2024-11-09 06:09:56,525 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-09 06:09:56,526 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-09 06:09:56,526 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:09:56 BoogieIcfgContainer [2024-11-09 06:09:56,527 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-09 06:09:56,530 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-09 06:09:56,530 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-09 06:09:56,535 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-09 06:09:56,535 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 09.11 06:09:54" (1/3) ... [2024-11-09 06:09:56,536 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23f0550f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:09:56, skipping insertion in model container [2024-11-09 06:09:56,537 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 09.11 06:09:55" (2/3) ... [2024-11-09 06:09:56,537 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@23f0550f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 09.11 06:09:56, skipping insertion in model container [2024-11-09 06:09:56,538 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:09:56" (3/3) ... [2024-11-09 06:09:56,539 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product54.cil.c [2024-11-09 06:09:56,565 INFO L214 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-09 06:09:56,565 INFO L154 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2024-11-09 06:09:56,657 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-09 06:09:56,665 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@55c7ab5c, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-09 06:09:56,666 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-09 06:09:56,670 INFO L276 IsEmpty]: Start isEmpty. Operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) [2024-11-09 06:09:56,683 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-11-09 06:09:56,683 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:09:56,684 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:09:56,685 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:09:56,692 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:09:56,692 INFO L85 PathProgramCache]: Analyzing trace with hash -130416555, now seen corresponding path program 1 times [2024-11-09 06:09:56,703 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:09:56,703 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [913337741] [2024-11-09 06:09:56,704 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:09:56,705 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:09:56,843 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:09:56,989 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:09:56,990 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:09:56,990 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [913337741] [2024-11-09 06:09:56,991 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [913337741] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:09:56,991 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:09:56,991 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-09 06:09:56,999 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [680808359] [2024-11-09 06:09:57,000 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:09:57,012 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-09 06:09:57,012 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:09:57,044 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-09 06:09:57,045 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:09:57,048 INFO L87 Difference]: Start difference. First operand has 69 states, 42 states have (on average 1.4285714285714286) internal successors, (60), 52 states have internal predecessors, (60), 16 states have call successors, (16), 9 states have call predecessors, (16), 9 states have return successors, (16), 11 states have call predecessors, (16), 16 states have call successors, (16) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:09:57,163 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:09:57,163 INFO L93 Difference]: Finished difference Result 136 states and 185 transitions. [2024-11-09 06:09:57,165 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-09 06:09:57,167 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2024-11-09 06:09:57,167 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:09:57,179 INFO L225 Difference]: With dead ends: 136 [2024-11-09 06:09:57,179 INFO L226 Difference]: Without dead ends: 64 [2024-11-09 06:09:57,183 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-09 06:09:57,188 INFO L432 NwaCegarLoop]: 71 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 71 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:09:57,189 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 71 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:09:57,212 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 64 states. [2024-11-09 06:09:57,251 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 64 to 64. [2024-11-09 06:09:57,253 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 64 states, 39 states have (on average 1.3333333333333333) internal successors, (52), 48 states have internal predecessors, (52), 16 states have call successors, (16), 9 states have call predecessors, (16), 8 states have return successors, (15), 10 states have call predecessors, (15), 15 states have call successors, (15) [2024-11-09 06:09:57,255 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 64 states to 64 states and 83 transitions. [2024-11-09 06:09:57,258 INFO L78 Accepts]: Start accepts. Automaton has 64 states and 83 transitions. Word has length 21 [2024-11-09 06:09:57,258 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:09:57,258 INFO L471 AbstractCegarLoop]: Abstraction has 64 states and 83 transitions. [2024-11-09 06:09:57,259 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:09:57,259 INFO L276 IsEmpty]: Start isEmpty. Operand 64 states and 83 transitions. [2024-11-09 06:09:57,262 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-09 06:09:57,262 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:09:57,263 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:09:57,263 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-09 06:09:57,263 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:09:57,264 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:09:57,264 INFO L85 PathProgramCache]: Analyzing trace with hash 1331200684, now seen corresponding path program 1 times [2024-11-09 06:09:57,265 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:09:57,265 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [559708392] [2024-11-09 06:09:57,265 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:09:57,266 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:09:57,321 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:09:57,610 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-09 06:09:57,611 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:09:57,611 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [559708392] [2024-11-09 06:09:57,611 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [559708392] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:09:57,612 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:09:57,612 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 06:09:57,612 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1367402594] [2024-11-09 06:09:57,612 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:09:57,614 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 06:09:57,614 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:09:57,615 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 06:09:57,616 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-09 06:09:57,616 INFO L87 Difference]: Start difference. First operand 64 states and 83 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:09:57,964 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:09:57,965 INFO L93 Difference]: Finished difference Result 172 states and 238 transitions. [2024-11-09 06:09:57,967 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 06:09:57,968 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 24 [2024-11-09 06:09:57,968 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:09:57,971 INFO L225 Difference]: With dead ends: 172 [2024-11-09 06:09:57,973 INFO L226 Difference]: Without dead ends: 110 [2024-11-09 06:09:57,975 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-09 06:09:57,977 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 50 mSDsluCounter, 250 mSDsCounter, 0 mSdLazyCounter, 126 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 51 SdHoareTripleChecker+Valid, 326 SdHoareTripleChecker+Invalid, 133 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 126 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:09:57,979 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [51 Valid, 326 Invalid, 133 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 126 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:09:57,980 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110 states. [2024-11-09 06:09:58,020 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110 to 110. [2024-11-09 06:09:58,021 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 110 states, 70 states have (on average 1.2571428571428571) internal successors, (88), 78 states have internal predecessors, (88), 24 states have call successors, (24), 17 states have call predecessors, (24), 15 states have return successors, (32), 20 states have call predecessors, (32), 22 states have call successors, (32) [2024-11-09 06:09:58,027 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 110 states to 110 states and 144 transitions. [2024-11-09 06:09:58,031 INFO L78 Accepts]: Start accepts. Automaton has 110 states and 144 transitions. Word has length 24 [2024-11-09 06:09:58,032 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:09:58,032 INFO L471 AbstractCegarLoop]: Abstraction has 110 states and 144 transitions. [2024-11-09 06:09:58,032 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-09 06:09:58,032 INFO L276 IsEmpty]: Start isEmpty. Operand 110 states and 144 transitions. [2024-11-09 06:09:58,034 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 38 [2024-11-09 06:09:58,038 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:09:58,038 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:09:58,038 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-09 06:09:58,039 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:09:58,039 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:09:58,040 INFO L85 PathProgramCache]: Analyzing trace with hash -806558995, now seen corresponding path program 1 times [2024-11-09 06:09:58,040 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:09:58,040 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1500122605] [2024-11-09 06:09:58,044 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:09:58,044 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:09:58,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:09:58,488 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:09:58,489 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:09:58,489 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1500122605] [2024-11-09 06:09:58,489 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1500122605] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:09:58,490 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:09:58,490 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-09 06:09:58,492 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1453507388] [2024-11-09 06:09:58,492 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:09:58,493 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-09 06:09:58,495 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:09:58,496 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-09 06:09:58,497 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2024-11-09 06:09:58,497 INFO L87 Difference]: Start difference. First operand 110 states and 144 transitions. Second operand has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-09 06:09:58,900 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:09:58,901 INFO L93 Difference]: Finished difference Result 320 states and 423 transitions. [2024-11-09 06:09:58,901 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 06:09:58,902 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 37 [2024-11-09 06:09:58,902 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:09:58,911 INFO L225 Difference]: With dead ends: 320 [2024-11-09 06:09:58,911 INFO L226 Difference]: Without dead ends: 204 [2024-11-09 06:09:58,913 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2024-11-09 06:09:58,914 INFO L432 NwaCegarLoop]: 109 mSDtfsCounter, 120 mSDsluCounter, 174 mSDsCounter, 0 mSdLazyCounter, 148 mSolverCounterSat, 21 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 120 SdHoareTripleChecker+Valid, 283 SdHoareTripleChecker+Invalid, 169 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 21 IncrementalHoareTripleChecker+Valid, 148 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-09 06:09:58,918 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [120 Valid, 283 Invalid, 169 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [21 Valid, 148 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-09 06:09:58,920 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 204 states. [2024-11-09 06:09:58,984 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 204 to 198. [2024-11-09 06:09:58,988 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 198 states, 126 states have (on average 1.2301587301587302) internal successors, (155), 138 states have internal predecessors, (155), 42 states have call successors, (42), 31 states have call predecessors, (42), 29 states have return successors, (61), 36 states have call predecessors, (61), 39 states have call successors, (61) [2024-11-09 06:09:58,991 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 198 states to 198 states and 258 transitions. [2024-11-09 06:09:58,995 INFO L78 Accepts]: Start accepts. Automaton has 198 states and 258 transitions. Word has length 37 [2024-11-09 06:09:58,996 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:09:58,996 INFO L471 AbstractCegarLoop]: Abstraction has 198 states and 258 transitions. [2024-11-09 06:09:58,996 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.5) internal successors, (27), 6 states have internal predecessors, (27), 4 states have call successors, (5), 2 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2024-11-09 06:09:58,997 INFO L276 IsEmpty]: Start isEmpty. Operand 198 states and 258 transitions. [2024-11-09 06:09:58,999 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 41 [2024-11-09 06:09:59,001 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:09:59,002 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:09:59,002 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-09 06:09:59,002 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:09:59,003 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:09:59,007 INFO L85 PathProgramCache]: Analyzing trace with hash -383403695, now seen corresponding path program 1 times [2024-11-09 06:09:59,007 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:09:59,007 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [919885178] [2024-11-09 06:09:59,008 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:09:59,008 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:09:59,045 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:09:59,416 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-09 06:09:59,417 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:09:59,418 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [919885178] [2024-11-09 06:09:59,418 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [919885178] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:09:59,418 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:09:59,419 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-09 06:09:59,419 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [618358208] [2024-11-09 06:09:59,419 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:09:59,421 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-09 06:09:59,422 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:09:59,422 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-09 06:09:59,424 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:09:59,425 INFO L87 Difference]: Start difference. First operand 198 states and 258 transitions. Second operand has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 06:10:00,213 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:00,213 INFO L93 Difference]: Finished difference Result 495 states and 673 transitions. [2024-11-09 06:10:00,215 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-09 06:10:00,215 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) Word has length 40 [2024-11-09 06:10:00,218 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:00,226 INFO L225 Difference]: With dead ends: 495 [2024-11-09 06:10:00,230 INFO L226 Difference]: Without dead ends: 352 [2024-11-09 06:10:00,232 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=54, Invalid=102, Unknown=0, NotChecked=0, Total=156 [2024-11-09 06:10:00,234 INFO L432 NwaCegarLoop]: 76 mSDtfsCounter, 233 mSDsluCounter, 198 mSDsCounter, 0 mSdLazyCounter, 326 mSolverCounterSat, 108 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 241 SdHoareTripleChecker+Valid, 274 SdHoareTripleChecker+Invalid, 434 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 108 IncrementalHoareTripleChecker+Valid, 326 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:00,239 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [241 Valid, 274 Invalid, 434 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [108 Valid, 326 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-09 06:10:00,240 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 352 states. [2024-11-09 06:10:00,356 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 352 to 298. [2024-11-09 06:10:00,358 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 298 states, 194 states have (on average 1.2371134020618557) internal successors, (240), 211 states have internal predecessors, (240), 61 states have call successors, (61), 40 states have call predecessors, (61), 42 states have return successors, (91), 57 states have call predecessors, (91), 56 states have call successors, (91) [2024-11-09 06:10:00,367 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 298 states to 298 states and 392 transitions. [2024-11-09 06:10:00,368 INFO L78 Accepts]: Start accepts. Automaton has 298 states and 392 transitions. Word has length 40 [2024-11-09 06:10:00,370 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:00,370 INFO L471 AbstractCegarLoop]: Abstraction has 298 states and 392 transitions. [2024-11-09 06:10:00,371 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.0) internal successors, (28), 7 states have internal predecessors, (28), 5 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 4 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-09 06:10:00,371 INFO L276 IsEmpty]: Start isEmpty. Operand 298 states and 392 transitions. [2024-11-09 06:10:00,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2024-11-09 06:10:00,379 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:00,380 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:00,380 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-09 06:10:00,380 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:00,381 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:00,381 INFO L85 PathProgramCache]: Analyzing trace with hash -947674106, now seen corresponding path program 1 times [2024-11-09 06:10:00,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:00,386 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1242952859] [2024-11-09 06:10:00,386 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:00,387 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:00,424 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:00,585 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 13 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-11-09 06:10:00,588 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:00,588 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1242952859] [2024-11-09 06:10:00,588 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1242952859] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:10:00,589 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:10:00,589 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2024-11-09 06:10:00,589 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2095410174] [2024-11-09 06:10:00,589 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:10:00,590 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2024-11-09 06:10:00,590 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:00,591 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2024-11-09 06:10:00,591 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-09 06:10:00,592 INFO L87 Difference]: Start difference. First operand 298 states and 392 transitions. Second operand has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-09 06:10:00,725 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:00,725 INFO L93 Difference]: Finished difference Result 594 states and 798 transitions. [2024-11-09 06:10:00,726 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2024-11-09 06:10:00,727 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) Word has length 57 [2024-11-09 06:10:00,727 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:00,732 INFO L225 Difference]: With dead ends: 594 [2024-11-09 06:10:00,733 INFO L226 Difference]: Without dead ends: 298 [2024-11-09 06:10:00,735 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2024-11-09 06:10:00,737 INFO L432 NwaCegarLoop]: 64 mSDtfsCounter, 63 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 36 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 63 SdHoareTripleChecker+Valid, 127 SdHoareTripleChecker+Invalid, 37 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 36 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:00,741 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [63 Valid, 127 Invalid, 37 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 36 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-09 06:10:00,743 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 298 states. [2024-11-09 06:10:00,800 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 298 to 298. [2024-11-09 06:10:00,801 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 298 states, 194 states have (on average 1.211340206185567) internal successors, (235), 211 states have internal predecessors, (235), 61 states have call successors, (61), 40 states have call predecessors, (61), 42 states have return successors, (91), 57 states have call predecessors, (91), 56 states have call successors, (91) [2024-11-09 06:10:00,805 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 298 states to 298 states and 387 transitions. [2024-11-09 06:10:00,807 INFO L78 Accepts]: Start accepts. Automaton has 298 states and 387 transitions. Word has length 57 [2024-11-09 06:10:00,809 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:00,809 INFO L471 AbstractCegarLoop]: Abstraction has 298 states and 387 transitions. [2024-11-09 06:10:00,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 10.0) internal successors, (40), 4 states have internal predecessors, (40), 3 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (7), 3 states have call predecessors, (7), 3 states have call successors, (7) [2024-11-09 06:10:00,810 INFO L276 IsEmpty]: Start isEmpty. Operand 298 states and 387 transitions. [2024-11-09 06:10:00,814 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2024-11-09 06:10:00,817 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:00,818 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:00,818 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-09 06:10:00,818 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:00,819 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:00,819 INFO L85 PathProgramCache]: Analyzing trace with hash 244035749, now seen corresponding path program 1 times [2024-11-09 06:10:00,819 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:00,820 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [6507433] [2024-11-09 06:10:00,820 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:00,820 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:00,858 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:00,935 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 9 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2024-11-09 06:10:00,935 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:00,936 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [6507433] [2024-11-09 06:10:00,936 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [6507433] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:10:00,936 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:10:00,936 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-09 06:10:00,937 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1843631934] [2024-11-09 06:10:00,937 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:10:00,937 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-09 06:10:00,938 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:00,938 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-09 06:10:00,939 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:10:00,939 INFO L87 Difference]: Start difference. First operand 298 states and 387 transitions. Second operand has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 06:10:01,022 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:01,022 INFO L93 Difference]: Finished difference Result 453 states and 573 transitions. [2024-11-09 06:10:01,023 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-09 06:10:01,023 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) Word has length 68 [2024-11-09 06:10:01,023 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:01,026 INFO L225 Difference]: With dead ends: 453 [2024-11-09 06:10:01,026 INFO L226 Difference]: Without dead ends: 258 [2024-11-09 06:10:01,027 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-09 06:10:01,030 INFO L432 NwaCegarLoop]: 56 mSDtfsCounter, 2 mSDsluCounter, 47 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 3 SdHoareTripleChecker+Valid, 103 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:01,031 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [3 Valid, 103 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-09 06:10:01,032 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 258 states. [2024-11-09 06:10:01,087 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 258 to 258. [2024-11-09 06:10:01,088 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 258 states, 169 states have (on average 1.21301775147929) internal successors, (205), 186 states have internal predecessors, (205), 46 states have call successors, (46), 35 states have call predecessors, (46), 42 states have return successors, (65), 47 states have call predecessors, (65), 46 states have call successors, (65) [2024-11-09 06:10:01,091 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 258 states to 258 states and 316 transitions. [2024-11-09 06:10:01,093 INFO L78 Accepts]: Start accepts. Automaton has 258 states and 316 transitions. Word has length 68 [2024-11-09 06:10:01,093 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:01,093 INFO L471 AbstractCegarLoop]: Abstraction has 258 states and 316 transitions. [2024-11-09 06:10:01,094 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 12.666666666666666) internal successors, (38), 3 states have internal predecessors, (38), 3 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 3 states have call predecessors, (8), 3 states have call successors, (8) [2024-11-09 06:10:01,094 INFO L276 IsEmpty]: Start isEmpty. Operand 258 states and 316 transitions. [2024-11-09 06:10:01,096 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2024-11-09 06:10:01,096 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:01,096 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:01,096 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-09 06:10:01,097 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:01,097 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:01,097 INFO L85 PathProgramCache]: Analyzing trace with hash -1479979777, now seen corresponding path program 1 times [2024-11-09 06:10:01,097 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:01,098 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1497708429] [2024-11-09 06:10:01,098 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:01,098 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:01,134 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:01,240 INFO L134 CoverageAnalysis]: Checked inductivity of 31 backedges. 8 proven. 0 refuted. 0 times theorem prover too weak. 23 trivial. 0 not checked. [2024-11-09 06:10:01,240 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:01,241 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1497708429] [2024-11-09 06:10:01,241 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1497708429] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:10:01,241 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:10:01,241 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 06:10:01,242 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2100597411] [2024-11-09 06:10:01,242 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:10:01,242 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 06:10:01,243 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:01,243 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 06:10:01,244 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 06:10:01,244 INFO L87 Difference]: Start difference. First operand 258 states and 316 transitions. Second operand has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-09 06:10:01,567 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:01,567 INFO L93 Difference]: Finished difference Result 401 states and 493 transitions. [2024-11-09 06:10:01,568 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-09 06:10:01,568 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) Word has length 71 [2024-11-09 06:10:01,569 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:01,571 INFO L225 Difference]: With dead ends: 401 [2024-11-09 06:10:01,571 INFO L226 Difference]: Without dead ends: 264 [2024-11-09 06:10:01,573 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 11 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2024-11-09 06:10:01,576 INFO L432 NwaCegarLoop]: 80 mSDtfsCounter, 121 mSDsluCounter, 93 mSDsCounter, 0 mSdLazyCounter, 153 mSolverCounterSat, 53 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 124 SdHoareTripleChecker+Valid, 173 SdHoareTripleChecker+Invalid, 206 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 53 IncrementalHoareTripleChecker+Valid, 153 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:01,577 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [124 Valid, 173 Invalid, 206 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [53 Valid, 153 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:10:01,578 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 264 states. [2024-11-09 06:10:01,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 264 to 262. [2024-11-09 06:10:01,630 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 262 states, 171 states have (on average 1.1754385964912282) internal successors, (201), 187 states have internal predecessors, (201), 45 states have call successors, (45), 37 states have call predecessors, (45), 45 states have return successors, (56), 48 states have call predecessors, (56), 45 states have call successors, (56) [2024-11-09 06:10:01,631 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 262 states to 262 states and 302 transitions. [2024-11-09 06:10:01,632 INFO L78 Accepts]: Start accepts. Automaton has 262 states and 302 transitions. Word has length 71 [2024-11-09 06:10:01,635 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:01,635 INFO L471 AbstractCegarLoop]: Abstraction has 262 states and 302 transitions. [2024-11-09 06:10:01,635 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 7.6) internal successors, (38), 5 states have internal predecessors, (38), 4 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (8), 3 states have call predecessors, (8), 4 states have call successors, (8) [2024-11-09 06:10:01,636 INFO L276 IsEmpty]: Start isEmpty. Operand 262 states and 302 transitions. [2024-11-09 06:10:01,637 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 75 [2024-11-09 06:10:01,637 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:01,637 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:01,637 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2024-11-09 06:10:01,638 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:01,640 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:01,640 INFO L85 PathProgramCache]: Analyzing trace with hash -1220553049, now seen corresponding path program 1 times [2024-11-09 06:10:01,641 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:01,641 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1196344422] [2024-11-09 06:10:01,641 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:01,641 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:01,677 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:01,845 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2024-11-09 06:10:01,846 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:01,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1196344422] [2024-11-09 06:10:01,846 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1196344422] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:10:01,846 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [337215105] [2024-11-09 06:10:01,847 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:01,847 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:10:01,847 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:10:01,851 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:10:01,854 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-09 06:10:02,003 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:02,007 INFO L255 TraceCheckSpWp]: Trace formula consists of 280 conjuncts, 7 conjuncts are in the unsatisfiable core [2024-11-09 06:10:02,022 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:10:02,260 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 20 proven. 9 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-09 06:10:02,260 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:10:02,527 INFO L134 CoverageAnalysis]: Checked inductivity of 29 backedges. 13 proven. 8 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-09 06:10:02,528 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [337215105] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:10:02,528 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [673924114] [2024-11-09 06:10:02,555 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2024-11-09 06:10:02,555 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:10:02,561 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:10:02,568 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:10:02,569 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:10:12,788 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 144 for LOIs [2024-11-09 06:10:12,887 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 174 for LOIs [2024-11-09 06:10:18,553 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 8 for LOIs [2024-11-09 06:10:18,592 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 21 for LOIs [2024-11-09 06:10:18,641 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 1 for LOIs [2024-11-09 06:10:18,642 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 13 for LOIs [2024-11-09 06:10:18,644 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:10:34,508 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6762#(and (not (= ~pumpRunning~0 0)) (<= ~pumpRunning~0 2147483647) (not (= 2 ~waterLevel~0)) (<= 0 (+ ~waterLevel~0 2147483648)) (<= ~waterLevel~0 2147483647) (<= 0 (+ ~pumpRunning~0 2147483648)) (= ~switchedOnBeforeTS~0 0))' at error location [2024-11-09 06:10:34,509 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:10:34,509 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:10:34,509 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [6, 6, 6] total 11 [2024-11-09 06:10:34,510 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1133827198] [2024-11-09 06:10:34,510 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:10:34,510 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2024-11-09 06:10:34,511 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:34,512 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2024-11-09 06:10:34,513 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=177, Invalid=1629, Unknown=0, NotChecked=0, Total=1806 [2024-11-09 06:10:34,514 INFO L87 Difference]: Start difference. First operand 262 states and 302 transitions. Second operand has 11 states, 8 states have (on average 9.625) internal successors, (77), 9 states have internal predecessors, (77), 4 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 6 states have call predecessors, (21), 4 states have call successors, (21) [2024-11-09 06:10:35,377 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:35,378 INFO L93 Difference]: Finished difference Result 358 states and 418 transitions. [2024-11-09 06:10:35,378 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 22 states. [2024-11-09 06:10:35,379 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 8 states have (on average 9.625) internal successors, (77), 9 states have internal predecessors, (77), 4 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 6 states have call predecessors, (21), 4 states have call successors, (21) Word has length 74 [2024-11-09 06:10:35,379 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:35,381 INFO L225 Difference]: With dead ends: 358 [2024-11-09 06:10:35,382 INFO L226 Difference]: Without dead ends: 356 [2024-11-09 06:10:35,383 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 243 GetRequests, 184 SyntacticMatches, 4 SemanticMatches, 55 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 972 ImplicationChecksByTransitivity, 16.3s TimeCoverageRelationStatistics Valid=280, Invalid=2912, Unknown=0, NotChecked=0, Total=3192 [2024-11-09 06:10:35,384 INFO L432 NwaCegarLoop]: 142 mSDtfsCounter, 161 mSDsluCounter, 454 mSDsCounter, 0 mSdLazyCounter, 528 mSolverCounterSat, 67 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 167 SdHoareTripleChecker+Valid, 596 SdHoareTripleChecker+Invalid, 595 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 67 IncrementalHoareTripleChecker+Valid, 528 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:35,385 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [167 Valid, 596 Invalid, 595 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [67 Valid, 528 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-09 06:10:35,386 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 356 states. [2024-11-09 06:10:35,416 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 356 to 298. [2024-11-09 06:10:35,417 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 298 states, 192 states have (on average 1.1666666666666667) internal successors, (224), 213 states have internal predecessors, (224), 53 states have call successors, (53), 45 states have call predecessors, (53), 52 states have return successors, (68), 54 states have call predecessors, (68), 53 states have call successors, (68) [2024-11-09 06:10:35,419 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 298 states to 298 states and 345 transitions. [2024-11-09 06:10:35,420 INFO L78 Accepts]: Start accepts. Automaton has 298 states and 345 transitions. Word has length 74 [2024-11-09 06:10:35,420 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:35,420 INFO L471 AbstractCegarLoop]: Abstraction has 298 states and 345 transitions. [2024-11-09 06:10:35,421 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 8 states have (on average 9.625) internal successors, (77), 9 states have internal predecessors, (77), 4 states have call successors, (18), 3 states have call predecessors, (18), 6 states have return successors, (21), 6 states have call predecessors, (21), 4 states have call successors, (21) [2024-11-09 06:10:35,421 INFO L276 IsEmpty]: Start isEmpty. Operand 298 states and 345 transitions. [2024-11-09 06:10:35,422 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 94 [2024-11-09 06:10:35,422 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:35,422 INFO L215 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:35,442 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-09 06:10:35,623 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:10:35,624 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:35,624 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:35,624 INFO L85 PathProgramCache]: Analyzing trace with hash 1709264277, now seen corresponding path program 1 times [2024-11-09 06:10:35,624 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:35,624 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1425650936] [2024-11-09 06:10:35,624 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:35,624 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:35,643 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:35,720 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 36 proven. 0 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2024-11-09 06:10:35,720 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:35,720 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1425650936] [2024-11-09 06:10:35,720 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1425650936] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-09 06:10:35,720 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-09 06:10:35,720 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2024-11-09 06:10:35,721 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1182852479] [2024-11-09 06:10:35,721 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-09 06:10:35,721 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2024-11-09 06:10:35,721 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:35,722 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2024-11-09 06:10:35,722 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=7, Invalid=13, Unknown=0, NotChecked=0, Total=20 [2024-11-09 06:10:35,722 INFO L87 Difference]: Start difference. First operand 298 states and 345 transitions. Second operand has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2024-11-09 06:10:35,975 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:35,975 INFO L93 Difference]: Finished difference Result 768 states and 896 transitions. [2024-11-09 06:10:35,976 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-09 06:10:35,976 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) Word has length 93 [2024-11-09 06:10:35,977 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:35,980 INFO L225 Difference]: With dead ends: 768 [2024-11-09 06:10:35,981 INFO L226 Difference]: Without dead ends: 592 [2024-11-09 06:10:35,982 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2024-11-09 06:10:35,983 INFO L432 NwaCegarLoop]: 106 mSDtfsCounter, 118 mSDsluCounter, 108 mSDsCounter, 0 mSdLazyCounter, 195 mSolverCounterSat, 3 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 118 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 198 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 3 IncrementalHoareTripleChecker+Valid, 195 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:35,983 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [118 Valid, 214 Invalid, 198 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [3 Valid, 195 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-09 06:10:35,984 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 592 states. [2024-11-09 06:10:36,056 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 592 to 590. [2024-11-09 06:10:36,057 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 590 states, 381 states have (on average 1.162729658792651) internal successors, (443), 420 states have internal predecessors, (443), 104 states have call successors, (104), 90 states have call predecessors, (104), 104 states have return successors, (134), 108 states have call predecessors, (134), 104 states have call successors, (134) [2024-11-09 06:10:36,061 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 590 states to 590 states and 681 transitions. [2024-11-09 06:10:36,062 INFO L78 Accepts]: Start accepts. Automaton has 590 states and 681 transitions. Word has length 93 [2024-11-09 06:10:36,063 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:36,063 INFO L471 AbstractCegarLoop]: Abstraction has 590 states and 681 transitions. [2024-11-09 06:10:36,063 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 10.0) internal successors, (50), 5 states have internal predecessors, (50), 4 states have call successors, (10), 2 states have call predecessors, (10), 2 states have return successors, (10), 4 states have call predecessors, (10), 4 states have call successors, (10) [2024-11-09 06:10:36,063 INFO L276 IsEmpty]: Start isEmpty. Operand 590 states and 681 transitions. [2024-11-09 06:10:36,065 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 97 [2024-11-09 06:10:36,066 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:36,066 INFO L215 NwaCegarLoop]: trace histogram [4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:36,066 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8 [2024-11-09 06:10:36,067 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:36,067 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:36,067 INFO L85 PathProgramCache]: Analyzing trace with hash 53788931, now seen corresponding path program 1 times [2024-11-09 06:10:36,067 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:36,068 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1565634552] [2024-11-09 06:10:36,068 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:36,068 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:36,090 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:36,389 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 33 proven. 3 refuted. 0 times theorem prover too weak. 34 trivial. 0 not checked. [2024-11-09 06:10:36,389 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:36,389 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1565634552] [2024-11-09 06:10:36,389 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1565634552] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:10:36,390 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1392837566] [2024-11-09 06:10:36,390 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:36,390 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:10:36,390 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:10:36,392 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:10:36,395 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-09 06:10:36,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:36,538 INFO L255 TraceCheckSpWp]: Trace formula consists of 343 conjuncts, 12 conjuncts are in the unsatisfiable core [2024-11-09 06:10:36,544 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:10:36,827 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 63 proven. 3 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2024-11-09 06:10:36,829 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:10:37,260 INFO L134 CoverageAnalysis]: Checked inductivity of 70 backedges. 45 proven. 3 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2024-11-09 06:10:37,261 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1392837566] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:10:37,261 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [251124209] [2024-11-09 06:10:37,264 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2024-11-09 06:10:37,265 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:10:37,265 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:10:37,266 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:10:37,266 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:10:40,415 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 172 for LOIs [2024-11-09 06:10:40,637 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 42 for LOIs [2024-11-09 06:10:40,954 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 41 for LOIs [2024-11-09 06:10:41,009 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 41 for LOIs [2024-11-09 06:10:41,043 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 65 for LOIs [2024-11-09 06:10:41,070 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 3 for LOIs [2024-11-09 06:10:41,072 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 47 for LOIs [2024-11-09 06:10:41,081 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:10:49,683 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '10517#(and (<= ~methaneLevelCritical~0 1) (not (= 2 ~waterLevel~0)) (= |old(~pumpRunning~0)| 0) (<= 0 (+ ~waterLevel~0 2147483648)) (<= 0 ~methaneLevelCritical~0) (<= ~waterLevel~0 2147483647) (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1))' at error location [2024-11-09 06:10:49,684 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:10:49,684 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:10:49,684 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 9] total 20 [2024-11-09 06:10:49,684 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1572623950] [2024-11-09 06:10:49,684 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:10:49,685 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 20 states [2024-11-09 06:10:49,685 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:10:49,686 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 20 interpolants. [2024-11-09 06:10:49,687 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=267, Invalid=2283, Unknown=0, NotChecked=0, Total=2550 [2024-11-09 06:10:49,687 INFO L87 Difference]: Start difference. First operand 590 states and 681 transitions. Second operand has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) [2024-11-09 06:10:51,715 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:10:51,715 INFO L93 Difference]: Finished difference Result 1716 states and 2176 transitions. [2024-11-09 06:10:51,716 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 30 states. [2024-11-09 06:10:51,716 INFO L78 Accepts]: Start accepts. Automaton has has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) Word has length 96 [2024-11-09 06:10:51,717 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:10:51,725 INFO L225 Difference]: With dead ends: 1716 [2024-11-09 06:10:51,725 INFO L226 Difference]: Without dead ends: 1112 [2024-11-09 06:10:51,730 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 327 GetRequests, 248 SyntacticMatches, 5 SemanticMatches, 74 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2031 ImplicationChecksByTransitivity, 9.5s TimeCoverageRelationStatistics Valid=591, Invalid=5109, Unknown=0, NotChecked=0, Total=5700 [2024-11-09 06:10:51,731 INFO L432 NwaCegarLoop]: 58 mSDtfsCounter, 332 mSDsluCounter, 412 mSDsCounter, 0 mSdLazyCounter, 1244 mSolverCounterSat, 254 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 335 SdHoareTripleChecker+Valid, 470 SdHoareTripleChecker+Invalid, 1498 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 254 IncrementalHoareTripleChecker+Valid, 1244 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.2s IncrementalHoareTripleChecker+Time [2024-11-09 06:10:51,731 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [335 Valid, 470 Invalid, 1498 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [254 Valid, 1244 Invalid, 0 Unknown, 0 Unchecked, 1.2s Time] [2024-11-09 06:10:51,733 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1112 states. [2024-11-09 06:10:51,859 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1112 to 730. [2024-11-09 06:10:51,861 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 730 states, 473 states have (on average 1.1268498942917549) internal successors, (533), 516 states have internal predecessors, (533), 124 states have call successors, (124), 112 states have call predecessors, (124), 132 states have return successors, (164), 134 states have call predecessors, (164), 124 states have call successors, (164) [2024-11-09 06:10:51,865 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 730 states to 730 states and 821 transitions. [2024-11-09 06:10:51,868 INFO L78 Accepts]: Start accepts. Automaton has 730 states and 821 transitions. Word has length 96 [2024-11-09 06:10:51,869 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:10:51,869 INFO L471 AbstractCegarLoop]: Abstraction has 730 states and 821 transitions. [2024-11-09 06:10:51,870 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 20 states, 20 states have (on average 5.5) internal successors, (110), 20 states have internal predecessors, (110), 9 states have call successors, (24), 5 states have call predecessors, (24), 8 states have return successors, (25), 10 states have call predecessors, (25), 9 states have call successors, (25) [2024-11-09 06:10:51,870 INFO L276 IsEmpty]: Start isEmpty. Operand 730 states and 821 transitions. [2024-11-09 06:10:51,872 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 102 [2024-11-09 06:10:51,873 INFO L207 NwaCegarLoop]: Found error trace [2024-11-09 06:10:51,873 INFO L215 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:10:51,899 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-09 06:10:52,073 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2024-11-09 06:10:52,075 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-09 06:10:52,075 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-09 06:10:52,075 INFO L85 PathProgramCache]: Analyzing trace with hash 63169998, now seen corresponding path program 1 times [2024-11-09 06:10:52,075 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-09 06:10:52,076 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2001995932] [2024-11-09 06:10:52,076 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:52,076 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-09 06:10:52,105 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:53,384 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 15 proven. 38 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2024-11-09 06:10:53,384 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-09 06:10:53,384 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2001995932] [2024-11-09 06:10:53,385 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2001995932] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-09 06:10:53,385 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1232329713] [2024-11-09 06:10:53,385 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-09 06:10:53,385 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-09 06:10:53,385 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 [2024-11-09 06:10:53,387 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-09 06:10:53,389 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-09 06:10:53,536 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-09 06:10:53,539 INFO L255 TraceCheckSpWp]: Trace formula consists of 355 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-11-09 06:10:53,544 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-09 06:10:54,040 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 60 proven. 15 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-11-09 06:10:54,040 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-09 06:10:54,612 INFO L134 CoverageAnalysis]: Checked inductivity of 81 backedges. 51 proven. 5 refuted. 0 times theorem prover too weak. 25 trivial. 0 not checked. [2024-11-09 06:10:54,612 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1232329713] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-09 06:10:54,612 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [662561877] [2024-11-09 06:10:54,615 INFO L159 IcfgInterpreter]: Started Sifa with 48 locations of interest [2024-11-09 06:10:54,616 INFO L166 IcfgInterpreter]: Building call graph [2024-11-09 06:10:54,617 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-09 06:10:54,617 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-09 06:10:54,617 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-09 06:10:57,054 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 151 for LOIs [2024-11-09 06:10:57,142 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 42 for LOIs [2024-11-09 06:10:57,474 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__lowWaterSensor with input of size 41 for LOIs [2024-11-09 06:10:57,554 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 41 for LOIs [2024-11-09 06:10:57,607 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 65 for LOIs [2024-11-09 06:10:57,630 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 17 for LOIs [2024-11-09 06:10:57,634 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 47 for LOIs [2024-11-09 06:10:57,645 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-09 06:11:04,228 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '14973#(and (<= ~methaneLevelCritical~0 1) (not (= 2 ~waterLevel~0)) (= |old(~pumpRunning~0)| 0) (<= 0 (+ ~waterLevel~0 2147483648)) (<= 0 ~methaneLevelCritical~0) (<= ~waterLevel~0 2147483647) (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1))' at error location [2024-11-09 06:11:04,228 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-09 06:11:04,228 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-09 06:11:04,228 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 11, 11] total 33 [2024-11-09 06:11:04,229 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [845792898] [2024-11-09 06:11:04,229 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-09 06:11:04,230 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 33 states [2024-11-09 06:11:04,230 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-09 06:11:04,231 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 33 interpolants. [2024-11-09 06:11:04,232 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=404, Invalid=3756, Unknown=0, NotChecked=0, Total=4160 [2024-11-09 06:11:04,233 INFO L87 Difference]: Start difference. First operand 730 states and 821 transitions. Second operand has 33 states, 31 states have (on average 4.838709677419355) internal successors, (150), 32 states have internal predecessors, (150), 18 states have call successors, (33), 8 states have call predecessors, (33), 13 states have return successors, (33), 18 states have call predecessors, (33), 17 states have call successors, (33) [2024-11-09 06:11:07,441 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-09 06:11:07,441 INFO L93 Difference]: Finished difference Result 1792 states and 2079 transitions. [2024-11-09 06:11:07,441 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2024-11-09 06:11:07,442 INFO L78 Accepts]: Start accepts. Automaton has has 33 states, 31 states have (on average 4.838709677419355) internal successors, (150), 32 states have internal predecessors, (150), 18 states have call successors, (33), 8 states have call predecessors, (33), 13 states have return successors, (33), 18 states have call predecessors, (33), 17 states have call successors, (33) Word has length 101 [2024-11-09 06:11:07,442 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-09 06:11:07,444 INFO L225 Difference]: With dead ends: 1792 [2024-11-09 06:11:07,445 INFO L226 Difference]: Without dead ends: 0 [2024-11-09 06:11:07,452 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 376 GetRequests, 265 SyntacticMatches, 11 SemanticMatches, 100 ConstructedPredicates, 0 IntricatePredicates, 1 DeprecatedPredicates, 4292 ImplicationChecksByTransitivity, 8.3s TimeCoverageRelationStatistics Valid=1153, Invalid=9149, Unknown=0, NotChecked=0, Total=10302 [2024-11-09 06:11:07,453 INFO L432 NwaCegarLoop]: 104 mSDtfsCounter, 1149 mSDsluCounter, 675 mSDsCounter, 0 mSdLazyCounter, 1893 mSolverCounterSat, 894 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1152 SdHoareTripleChecker+Valid, 779 SdHoareTripleChecker+Invalid, 2787 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 894 IncrementalHoareTripleChecker+Valid, 1893 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.8s IncrementalHoareTripleChecker+Time [2024-11-09 06:11:07,453 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [1152 Valid, 779 Invalid, 2787 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [894 Valid, 1893 Invalid, 0 Unknown, 0 Unchecked, 1.8s Time] [2024-11-09 06:11:07,454 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-09 06:11:07,454 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-09 06:11:07,454 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-09 06:11:07,454 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-09 06:11:07,456 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 101 [2024-11-09 06:11:07,456 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-09 06:11:07,456 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-09 06:11:07,457 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 33 states, 31 states have (on average 4.838709677419355) internal successors, (150), 32 states have internal predecessors, (150), 18 states have call successors, (33), 8 states have call predecessors, (33), 13 states have return successors, (33), 18 states have call predecessors, (33), 17 states have call successors, (33) [2024-11-09 06:11:07,457 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-09 06:11:07,457 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-09 06:11:07,460 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-09 06:11:07,485 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-09 06:11:07,664 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2024-11-09 06:11:07,667 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-09 06:11:07,668 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-09 06:11:27,437 INFO L170 ceAbstractionStarter]: Computing trace abstraction results [2024-11-09 06:11:27,480 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (let ((.cse0 (= |old(~pumpRunning~0)| 1)) (.cse1 (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= ~waterLevel~0 0) .cse1 .cse2) (and .cse0 (= ~waterLevel~0 1) .cse1 .cse2))) (= ~pumpRunning~0 1)) Eliminated clause: (and (let ((.cse0 (= ~switchedOnBeforeTS~0 1)) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 (<= ~waterLevel~0 0) .cse1) (and .cse0 (= ~waterLevel~0 1) .cse1))) (= ~pumpRunning~0 1)) [2024-11-09 06:11:27,524 WARN L162 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse7 (= |old(~methaneLevelCritical~0)| 0)) (.cse8 (= ~methaneLevelCritical~0 0))) (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse4 (<= ~waterLevel~0 2)) (.cse1 (= ~waterLevel~0 1)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (= 2 ~waterLevel~0)) (.cse2 (not (= 0 ~systemActive~0))) (.cse6 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse0 .cse4 .cse5 .cse2) (and .cse0 .cse4 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and (<= ~waterLevel~0 0) .cse5 .cse2 .cse6) (and .cse1 .cse5 .cse2 .cse6) (and .cse3 .cse2 .cse6))) (or .cse7 (not .cse8)) (or (not .cse7) .cse8))) Eliminated clause: (and (let ((.cse0 (= ~pumpRunning~0 0)) (.cse6 (<= ~waterLevel~0 2)) (.cse4 (= ~switchedOnBeforeTS~0 1)) (.cse1 (= ~waterLevel~0 1)) (.cse3 (= 2 ~waterLevel~0)) (.cse2 (not (= 0 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2) (and .cse0 .cse3 .cse2) (and .cse4 (<= ~waterLevel~0 0) .cse2 .cse5) (and .cse0 .cse6 (= ~switchedOnBeforeTS~0 0) .cse2) (and .cse0 .cse6 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse4 .cse1 .cse2 .cse5) (and .cse3 .cse2 .cse5))) (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse7 (= |old(~methaneLevelCritical~0)| 0)) (.cse8 (= ~methaneLevelCritical~0 0))) (and (or .cse7 (not .cse8)) (or (not .cse7) .cse8))))) [2024-11-09 06:11:27,550 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:11:27,568 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse1 (= 0 ~systemActive~0)) (.cse8 (= |old(~pumpRunning~0)| 0)) (.cse10 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (let ((.cse2 (not .cse10)) (.cse0 (not .cse8)) (.cse5 (not .cse1)) (.cse3 (< |old(~pumpRunning~0)| 1)) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 (< |old(~switchedOnBeforeTS~0)| 1) .cse1 (<= 1 ~switchedOnBeforeTS~0)) (or .cse2 (= ~switchedOnBeforeTS~0 1) .cse3) (or .cse0 (and (= ~pumpRunning~0 0) .cse4)) (or .cse3 .cse5) (or .cse2 .cse0 .cse1 (= ~switchedOnBeforeTS~0 0)) (let ((.cse7 (= |old(~waterLevel~0)| 2)) (.cse6 (= |old(~pumpRunning~0)| 1)) (.cse9 (<= |old(~waterLevel~0)| 2))) (or (and .cse6 .cse7) (and .cse8 .cse5 .cse7) (and .cse8 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse9 .cse5) (and (= |old(~waterLevel~0)| 1) .cse8) (and .cse6 .cse10 .cse9) (and .cse8 .cse10 .cse9 .cse5))) (or .cse3 (and .cse4 (= ~pumpRunning~0 1)))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse6 (= |old(~pumpRunning~0)| 0)) (.cse2 (= 0 ~systemActive~0))) (let ((.cse7 (not .cse2)) (.cse8 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse6)) (.cse0 (< |old(~pumpRunning~0)| 1)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (= ~switchedOnBeforeTS~0 1) .cse0) (or .cse1 (< |old(~switchedOnBeforeTS~0)| 1) (< 0 ~switchedOnBeforeTS~0) .cse2) (let ((.cse3 (= |old(~pumpRunning~0)| 1)) (.cse5 (= |old(~waterLevel~0)| 2)) (.cse4 (<= |old(~waterLevel~0)| 2))) (or (and (= |old(~switchedOnBeforeTS~0)| 1) .cse3 .cse4) (and .cse3 .cse5) (and .cse6 .cse7 .cse5) (and .cse6 (<= 1 |old(~switchedOnBeforeTS~0)|) .cse4 .cse7) (and (= |old(~waterLevel~0)| 1) .cse6) (and .cse6 .cse4 .cse7 .cse8))) (or .cse1 (and (= ~pumpRunning~0 0) .cse9)) (or .cse0 .cse7) (or (not .cse8) .cse1 .cse2 (= ~switchedOnBeforeTS~0 0)) (or .cse0 (and .cse9 (= ~pumpRunning~0 1))))))) [2024-11-09 06:11:27,590 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:11:27,595 WARN L162 FloydHoareUtils]: Requires clause for cleanup contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| 1) (= |old(~pumpRunning~0)| 0) (= ~waterLevel~0 1)) Eliminated clause: (and (= ~pumpRunning~0 0) (= ~waterLevel~0 1)) [2024-11-09 06:11:27,601 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (let ((.cse1 (= |old(~pumpRunning~0)| 1)) (.cse2 (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 (<= ~waterLevel~0 0) .cse2 .cse3) (and .cse1 (= ~waterLevel~0 1) .cse2 .cse3) (and .cse0 (<= ~waterLevel~0 2) .cse2 .cse3))) (or (< |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (< |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)) (let ((.cse1 (= ~switchedOnBeforeTS~0 1)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 .cse2 (<= ~waterLevel~0 0) .cse3) (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse0 (<= ~waterLevel~0 2) (= ~switchedOnBeforeTS~0 0) .cse3)))))) [2024-11-09 06:11:27,607 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:11:27,617 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= |old(~waterLevel~0)| 2)) (.cse4 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse3 (<= |old(~waterLevel~0)| 2)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and (or (and .cse0 .cse1) (and .cse0 (= |old(~waterLevel~0)| 1))) .cse2) (and .cse0 (<= 1 ~switchedOnBeforeTS~0) .cse3 .cse2) (and .cse2 .cse1 .cse4) (and .cse3 .cse5 .cse2 .cse4) (and .cse0 .cse3 .cse5 .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse1 (<= ~waterLevel~0 2)) (.cse4 (= ~pumpRunning~0 1)) (.cse3 (= 2 ~waterLevel~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (= ~switchedOnBeforeTS~0 0) .cse2) (and .cse0 .cse1 (<= 1 ~switchedOnBeforeTS~0) .cse2) (and .cse3 .cse2 .cse4) (and (= ~switchedOnBeforeTS~0 1) .cse1 .cse2 .cse4) (and (or (and .cse0 .cse3) (and .cse0 (= ~waterLevel~0 1))) .cse2))) [2024-11-09 06:11:27,636 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__lowWaterSensor contained old-variable. Original clause: (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (let ((.cse1 (= |old(~pumpRunning~0)| 1)) (.cse2 (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 (<= ~waterLevel~0 0) .cse2 .cse3) (and .cse1 (= ~waterLevel~0 1) .cse2 .cse3) (and .cse0 (<= ~waterLevel~0 2) .cse2 .cse3))) (or (< |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0))) (and (or (not .cse0) (= ~pumpRunning~0 0)) (or (< |old(~pumpRunning~0)| 1) (= ~pumpRunning~0 1)) (let ((.cse1 (= ~switchedOnBeforeTS~0 1)) (.cse2 (= |old(~pumpRunning~0)| 1)) (.cse3 (not (= 0 ~systemActive~0)))) (or (and .cse1 .cse2 (<= ~waterLevel~0 0) .cse3) (and .cse1 .cse2 (= ~waterLevel~0 1) .cse3) (and .cse0 (<= ~waterLevel~0 2) (= ~switchedOnBeforeTS~0 0) .cse3)))))) [2024-11-09 06:11:27,641 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-09 06:11:27,658 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 09.11 06:11:27 BoogieIcfgContainer [2024-11-09 06:11:27,658 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-09 06:11:27,659 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-09 06:11:27,659 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-09 06:11:27,659 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-09 06:11:27,660 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 09.11 06:09:56" (3/4) ... [2024-11-09 06:11:27,663 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-09 06:11:27,672 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-09 06:11:27,673 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-09 06:11:27,673 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-09 06:11:27,673 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-09 06:11:27,676 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-09 06:11:27,676 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-09 06:11:27,677 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-09 06:11:27,677 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__lowWaterSensor [2024-11-09 06:11:27,677 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-09 06:11:27,689 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 50 nodes and edges [2024-11-09 06:11:27,693 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2024-11-09 06:11:27,693 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-09 06:11:27,694 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 06:11:27,694 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-09 06:11:27,724 WARN L216 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\old(waterLevel) == 1)) && (\old(pumpRunning) == 0)) && (waterLevel == 1)) [2024-11-09 06:11:27,767 WARN L141 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((pumpRunning == 0) && (\old(waterLevel) == 1)) && (\old(pumpRunning) == 0)) && (waterLevel == 1)) [2024-11-09 06:11:27,870 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/witness.graphml [2024-11-09 06:11:27,875 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/witness.yml [2024-11-09 06:11:27,876 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-09 06:11:27,876 INFO L158 Benchmark]: Toolchain (without parser) took 93262.83ms. Allocated memory was 134.2MB in the beginning and 700.4MB in the end (delta: 566.2MB). Free memory was 91.7MB in the beginning and 658.3MB in the end (delta: -566.7MB). Peak memory consumption was 272.2MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,877 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 134.2MB. Free memory is still 80.4MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-09 06:11:27,877 INFO L158 Benchmark]: CACSL2BoogieTranslator took 762.42ms. Allocated memory is still 134.2MB. Free memory was 91.3MB in the beginning and 69.3MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,877 INFO L158 Benchmark]: Boogie Procedure Inliner took 91.50ms. Allocated memory was 134.2MB in the beginning and 174.1MB in the end (delta: 39.8MB). Free memory was 69.3MB in the beginning and 143.9MB in the end (delta: -74.6MB). Peak memory consumption was 6.9MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,878 INFO L158 Benchmark]: Boogie Preprocessor took 53.75ms. Allocated memory is still 174.1MB. Free memory was 143.9MB in the beginning and 145.0MB in the end (delta: -1.1MB). Peak memory consumption was 5.0MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,881 INFO L158 Benchmark]: RCFGBuilder took 1002.02ms. Allocated memory is still 174.1MB. Free memory was 145.0MB in the beginning and 113.6MB in the end (delta: 31.5MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,886 INFO L158 Benchmark]: TraceAbstraction took 91128.29ms. Allocated memory was 174.1MB in the beginning and 700.4MB in the end (delta: 526.4MB). Free memory was 112.8MB in the beginning and 398.6MB in the end (delta: -285.8MB). Peak memory consumption was 395.2MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,887 INFO L158 Benchmark]: Witness Printer took 217.17ms. Allocated memory is still 700.4MB. Free memory was 398.6MB in the beginning and 658.3MB in the end (delta: -259.8MB). Peak memory consumption was 10.8MB. Max. memory is 16.1GB. [2024-11-09 06:11:27,890 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 134.2MB. Free memory is still 80.4MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 762.42ms. Allocated memory is still 134.2MB. Free memory was 91.3MB in the beginning and 69.3MB in the end (delta: 22.0MB). Peak memory consumption was 23.1MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 91.50ms. Allocated memory was 134.2MB in the beginning and 174.1MB in the end (delta: 39.8MB). Free memory was 69.3MB in the beginning and 143.9MB in the end (delta: -74.6MB). Peak memory consumption was 6.9MB. Max. memory is 16.1GB. * Boogie Preprocessor took 53.75ms. Allocated memory is still 174.1MB. Free memory was 143.9MB in the beginning and 145.0MB in the end (delta: -1.1MB). Peak memory consumption was 5.0MB. Max. memory is 16.1GB. * RCFGBuilder took 1002.02ms. Allocated memory is still 174.1MB. Free memory was 145.0MB in the beginning and 113.6MB in the end (delta: 31.5MB). Peak memory consumption was 31.5MB. Max. memory is 16.1GB. * TraceAbstraction took 91128.29ms. Allocated memory was 174.1MB in the beginning and 700.4MB in the end (delta: 526.4MB). Free memory was 112.8MB in the beginning and 398.6MB in the end (delta: -285.8MB). Peak memory consumption was 395.2MB. Max. memory is 16.1GB. * Witness Printer took 217.17ms. Allocated memory is still 700.4MB. Free memory was 398.6MB in the beginning and 658.3MB in the end (delta: -259.8MB). Peak memory consumption was 10.8MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [49] - GenericResultAtLocation [Line: 101]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [101] - GenericResultAtLocation [Line: 211]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [211] - GenericResultAtLocation [Line: 220]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [220] - GenericResultAtLocation [Line: 323]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [323] - GenericResultAtLocation [Line: 560]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [560] - GenericResultAtLocation [Line: 627]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [627] - GenericResultAtLocation [Line: 662]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [662] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 216]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 10 procedures, 69 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 71.0s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 8.8s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2374 SdHoareTripleChecker+Valid, 5.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2349 mSDsluCounter, 3416 SdHoareTripleChecker+Invalid, 4.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2474 mSDsCounter, 1409 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 4694 IncrementalHoareTripleChecker+Invalid, 6103 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1409 mSolverCounterUnsat, 942 mSDtfsCounter, 4694 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1012 GetRequests, 725 SyntacticMatches, 20 SemanticMatches, 267 ConstructedPredicates, 0 IntricatePredicates, 1 DeprecatedPredicates, 7322 ImplicationChecksByTransitivity, 34.5s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=730occurred in iteration=10, InterpolantAutomatonStates: 142, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.7s AutomataMinimizationTime, 11 MinimizatonAttempts, 504 StatesRemovedByMinimization, 6 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 5.7s InterpolantComputationTime, 953 NumberOfCodeBlocks, 953 NumberOfCodeBlocksAsserted, 14 NumberOfCheckSat, 1207 ConstructedInterpolants, 0 QuantifiedInterpolants, 3137 SizeOfPredicates, 9 NumberOfNonLiveVariables, 978 ConjunctsInSsa, 37 ConjunctsInUnsatCore, 17 InterpolantComputations, 8 PerfectInterpolantSequences, 610/695 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 571]: Loop Invariant Derived loop invariant: ((((((((((((((((methaneLevelCritical != 0) && (switchedOnBeforeTS == 1)) && (splverifierCounter == 0)) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical == 0)) && (splverifierCounter == 0)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((((pumpRunning == 0) && (waterLevel <= 1)) && (methaneLevelCritical != 0)) && (splverifierCounter == 0)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((((pumpRunning == 0) && (2 == waterLevel)) && (methaneLevelCritical != 0)) && (splverifierCounter == 0)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && (waterLevel == 1)) && (0 != systemActive))) || ((((((methaneLevelCritical == 0) && (switchedOnBeforeTS == 1)) && (splverifierCounter == 0)) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((((pumpRunning == 0) && (methaneLevelCritical == 0)) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((2 == waterLevel) && (splverifierCounter == 0)) && (0 != systemActive)) && (pumpRunning == 1))) || (((((pumpRunning == 0) && (waterLevel <= 1)) && (splverifierCounter == 0)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((((methaneLevelCritical != 0) && (switchedOnBeforeTS == 1)) && (splverifierCounter == 0)) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((((methaneLevelCritical == 0) && (switchedOnBeforeTS == 1)) && (splverifierCounter == 0)) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1))) - InvariantResult [Line: 570]: Location Invariant Derived location invariant: ((pumpRunning == 0) && (waterLevel == 1)) - InvariantResult [Line: 233]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0) && (\old(waterLevel) == 1)) && (\old(pumpRunning) == 0)) && (waterLevel == 1)) - ProcedureContractResult [Line: 450]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((switchedOnBeforeTS == 1) && (waterLevel <= 0)) && (0 != systemActive)) || (((switchedOnBeforeTS == 1) && (waterLevel == 1)) && (0 != systemActive))) && (pumpRunning == 1)) Ensures: (((pumpRunning == 0) && (((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (0 != systemActive)))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 357]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: ((((((switchedOnBeforeTS == 1) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1))) Ensures: (((((((switchedOnBeforeTS == 1) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1))) && (((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 135]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: (((((((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) Ensures: ((((((((((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel <= 0)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((switchedOnBeforeTS == 1) && (waterLevel == 1)) && (0 != systemActive)) && (pumpRunning == 1))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) && ((methaneLevelCritical == 0) || (\old(methaneLevelCritical) == 0))) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical != 0))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 330]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((0 < \old(waterLevel)) || (\old(waterLevel) == waterLevel)) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || ((pumpRunning == 0) && (waterLevel == 1)))) && (((((((((\old(switchedOnBeforeTS) == 1) && (\old(pumpRunning) == 1)) && (\old(waterLevel) <= 2)) && (0 != systemActive)) || (((\old(pumpRunning) == 1) && (0 != systemActive)) && (\old(waterLevel) == 2))) || (((\old(pumpRunning) == 0) && (0 != systemActive)) && (\old(waterLevel) == 2))) || ((((\old(pumpRunning) == 0) && (1 <= \old(switchedOnBeforeTS))) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((\old(waterLevel) == 1) && (\old(pumpRunning) == 0))) || ((((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2)) && (0 != systemActive)) && (\old(switchedOnBeforeTS) == 0)))) && ((((1 < \old(waterLevel)) || (\old(pumpRunning) != 0)) || ((pumpRunning == 0) && (switchedOnBeforeTS == 0))) || (0 == systemActive))) && (((((pumpRunning == 0) && (1 <= switchedOnBeforeTS)) && ((\old(waterLevel) < 1) || (\old(waterLevel) == ((long long) waterLevel + 1)))) || (((switchedOnBeforeTS == 1) && ((\old(waterLevel) < 1) || (\old(waterLevel) == ((long long) waterLevel + 1)))) && (pumpRunning == 1))) || (\old(pumpRunning) < 1))) && ((((\old(pumpRunning) != 0) || (((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0))) || (\old(waterLevel) != 2)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 223]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: ((pumpRunning == 0) && (waterLevel == 1)) Ensures: (((\old(waterLevel) == 1) && (\old(pumpRunning) == 0)) && ((((methaneLevelCritical == \old(methaneLevelCritical)) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 365]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Ensures: ((((((\old(pumpRunning) < 1) || (pumpRunning == 1)) && ((((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (0 != systemActive))) || ((((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 123]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((((pumpRunning == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) || ((((switchedOnBeforeTS == 1) && (waterLevel <= 2)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (2 == waterLevel)) || ((pumpRunning == 0) && (waterLevel == 1))) && (0 != systemActive))) Ensures: ((((((((2 == waterLevel) && (0 != systemActive)) || (\old(waterLevel) != 2)) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (((0 < \old(waterLevel)) || (pumpRunning != 1)) || (waterLevel < 2))) && ((((((((switchedOnBeforeTS == 1) && (\old(waterLevel) <= 2)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (\old(waterLevel) == 2)) || ((pumpRunning == 0) && (\old(waterLevel) == 1))) && (0 != systemActive))) || ((((pumpRunning == 0) && (\old(waterLevel) <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((((pumpRunning == 0) && (1 <= switchedOnBeforeTS)) && (\old(waterLevel) <= 2)) && (0 != systemActive))) || ((\old(waterLevel) == 2) && (pumpRunning == 1)))) && (waterLevel <= 2)) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 391]: Procedure Contract for processEnvironment__wrappee__lowWaterSensor Derived contract for procedure processEnvironment__wrappee__lowWaterSensor. Ensures: (((((((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel <= 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && (waterLevel == 1)) && (0 != systemActive))) || ((((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (1 < waterLevel))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (systemActive == \old(systemActive))) && (head == \old(head)))) - ProcedureContractResult [Line: 469]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) || ((((switchedOnBeforeTS == 1) && (waterLevel <= 2)) && (0 != systemActive)) && (pumpRunning == 1))) Ensures: (((((pumpRunning != 0) || (\result == 0)) && ((((((((pumpRunning == 0) && (waterLevel == 1)) && (0 != systemActive)) || (((pumpRunning == 0) && (2 == waterLevel)) && (0 != systemActive))) || ((((pumpRunning == 0) && (waterLevel <= 2)) && (1 <= switchedOnBeforeTS)) && (0 != systemActive))) || (((switchedOnBeforeTS == 1) && (waterLevel <= 2)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (waterLevel <= 1)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((pumpRunning == 0) || ((\result == 1) && (0 != systemActive)))) && (((((((switchedOnBeforeTS == \old(switchedOnBeforeTS)) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (head == \old(head)))) RESULT: Ultimate proved your program to be correct! [2024-11-09 06:11:28,004 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_2ec69c2e-9280-4f85-ad95-26be8d0df72b/bin/utaipan-verify-YMUCfTKeje/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE