./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-14 05:11:24,588 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-14 05:11:24,643 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/config/svcomp-Reach-32bit-Taipan_Default.epf [2024-11-14 05:11:24,648 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-14 05:11:24,648 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-14 05:11:24,670 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-14 05:11:24,671 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-14 05:11:24,671 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-14 05:11:24,671 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-14 05:11:24,672 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-14 05:11:24,672 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-14 05:11:24,673 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-14 05:11:24,673 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-14 05:11:24,673 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-14 05:11:24,673 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-14 05:11:24,673 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-14 05:11:24,674 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-14 05:11:24,674 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-14 05:11:24,674 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-14 05:11:24,674 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-14 05:11:24,674 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-14 05:11:24,674 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-14 05:11:24,675 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-14 05:11:24,676 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-14 05:11:24,676 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-14 05:11:24,676 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-14 05:11:24,676 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-14 05:11:24,676 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-14 05:11:24,676 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-14 05:11:24,676 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-14 05:11:24,677 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 34b47c00ac265c7154b048b065075686f0b0d02157935b615817b802464c404c [2024-11-14 05:11:24,945 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-14 05:11:24,956 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-14 05:11:24,961 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-14 05:11:24,963 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-14 05:11:24,964 INFO L274 PluginConnector]: CDTParser initialized [2024-11-14 05:11:24,966 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/../../sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c Unable to find full path for "g++" [2024-11-14 05:11:26,884 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-14 05:11:27,220 INFO L384 CDTParser]: Found 1 translation units. [2024-11-14 05:11:27,221 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c [2024-11-14 05:11:27,233 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/data/cd3115720/1de40205e98341369d40c721f354d3e1/FLAGba6f98557 [2024-11-14 05:11:27,255 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/data/cd3115720/1de40205e98341369d40c721f354d3e1 [2024-11-14 05:11:27,257 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-14 05:11:27,258 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-14 05:11:27,260 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-14 05:11:27,260 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-14 05:11:27,263 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-14 05:11:27,264 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,265 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@6dfe2769 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27, skipping insertion in model container [2024-11-14 05:11:27,265 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,296 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-14 05:11:27,689 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-14 05:11:27,697 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-14 05:11:27,713 INFO L200 MainTranslator]: Completed pre-run [2024-11-14 05:11:27,722 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] [2024-11-14 05:11:27,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] [2024-11-14 05:11:27,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] [2024-11-14 05:11:27,724 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] [2024-11-14 05:11:27,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] [2024-11-14 05:11:27,725 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] [2024-11-14 05:11:27,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] [2024-11-14 05:11:27,726 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] [2024-11-14 05:11:27,828 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/sv-benchmarks/c/product-lines/minepump_spec5_product62.cil.c[19180,19193] [2024-11-14 05:11:27,830 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-14 05:11:27,850 INFO L204 MainTranslator]: Completed translation [2024-11-14 05:11:27,850 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27 WrapperNode [2024-11-14 05:11:27,851 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-14 05:11:27,852 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-14 05:11:27,852 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-14 05:11:27,852 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-14 05:11:27,858 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,869 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,898 INFO L138 Inliner]: procedures = 60, calls = 108, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 243 [2024-11-14 05:11:27,898 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-14 05:11:27,903 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-14 05:11:27,903 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-14 05:11:27,903 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-14 05:11:27,913 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,913 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,915 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,915 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,922 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,932 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,934 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,938 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,944 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-14 05:11:27,945 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-14 05:11:27,945 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-14 05:11:27,945 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-14 05:11:27,950 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (1/1) ... [2024-11-14 05:11:27,960 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-14 05:11:27,976 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:11:27,990 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-14 05:11:27,995 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-14 05:11:28,025 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-14 05:11:28,026 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2024-11-14 05:11:28,026 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2024-11-14 05:11:28,026 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-14 05:11:28,026 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-14 05:11:28,026 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-14 05:11:28,026 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-14 05:11:28,026 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2024-11-14 05:11:28,027 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2024-11-14 05:11:28,027 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-14 05:11:28,027 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-14 05:11:28,028 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__methaneQuery [2024-11-14 05:11:28,028 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__methaneQuery [2024-11-14 05:11:28,028 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-14 05:11:28,028 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-14 05:11:28,028 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-14 05:11:28,029 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-14 05:11:28,030 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-14 05:11:28,030 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-14 05:11:28,030 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-14 05:11:28,030 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-14 05:11:28,030 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-14 05:11:28,030 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-14 05:11:28,030 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-14 05:11:28,142 INFO L238 CfgBuilder]: Building ICFG [2024-11-14 05:11:28,146 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-14 05:11:28,581 INFO L? ?]: Removed 52 outVars from TransFormulas that were not future-live. [2024-11-14 05:11:28,581 INFO L287 CfgBuilder]: Performing block encoding [2024-11-14 05:11:28,726 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-14 05:11:28,726 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-14 05:11:28,726 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:11:28 BoogieIcfgContainer [2024-11-14 05:11:28,726 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-14 05:11:28,729 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-14 05:11:28,729 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-14 05:11:28,734 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-14 05:11:28,734 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.11 05:11:27" (1/3) ... [2024-11-14 05:11:28,734 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e0071ff and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:11:28, skipping insertion in model container [2024-11-14 05:11:28,735 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:11:27" (2/3) ... [2024-11-14 05:11:28,735 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@3e0071ff and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:11:28, skipping insertion in model container [2024-11-14 05:11:28,735 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:11:28" (3/3) ... [2024-11-14 05:11:28,736 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product62.cil.c [2024-11-14 05:11:28,752 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-14 05:11:28,754 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_product62.cil.c that has 11 procedures, 75 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-14 05:11:28,805 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-14 05:11:28,816 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@5f116743, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-14 05:11:28,816 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-14 05:11:28,820 INFO L276 IsEmpty]: Start isEmpty. Operand has 75 states, 45 states have (on average 1.4) internal successors, (63), 55 states have internal predecessors, (63), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) [2024-11-14 05:11:28,829 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2024-11-14 05:11:28,829 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:28,830 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:28,830 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:28,834 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:28,835 INFO L85 PathProgramCache]: Analyzing trace with hash -14842909, now seen corresponding path program 1 times [2024-11-14 05:11:28,843 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:28,844 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1071583715] [2024-11-14 05:11:28,844 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:28,844 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:28,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:28,991 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-14 05:11:28,991 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:28,992 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1071583715] [2024-11-14 05:11:28,992 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1071583715] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:28,992 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:28,993 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-14 05:11:28,994 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [456897871] [2024-11-14 05:11:28,995 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:28,998 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-14 05:11:28,999 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:29,017 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-14 05:11:29,018 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-14 05:11:29,020 INFO L87 Difference]: Start difference. First operand has 75 states, 45 states have (on average 1.4) internal successors, (63), 55 states have internal predecessors, (63), 18 states have call successors, (18), 10 states have call predecessors, (18), 10 states have return successors, (18), 13 states have call predecessors, (18), 18 states have call successors, (18) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-14 05:11:29,131 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:29,131 INFO L93 Difference]: Finished difference Result 148 states and 199 transitions. [2024-11-14 05:11:29,133 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-14 05:11:29,135 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2024-11-14 05:11:29,136 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:29,145 INFO L225 Difference]: With dead ends: 148 [2024-11-14 05:11:29,145 INFO L226 Difference]: Without dead ends: 70 [2024-11-14 05:11:29,148 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-14 05:11:29,151 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 78 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:29,152 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 78 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:11:29,165 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 70 states. [2024-11-14 05:11:29,186 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 70 to 70. [2024-11-14 05:11:29,187 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 70 states, 42 states have (on average 1.3095238095238095) internal successors, (55), 51 states have internal predecessors, (55), 18 states have call successors, (18), 10 states have call predecessors, (18), 9 states have return successors, (17), 12 states have call predecessors, (17), 17 states have call successors, (17) [2024-11-14 05:11:29,192 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 70 states to 70 states and 90 transitions. [2024-11-14 05:11:29,194 INFO L78 Accepts]: Start accepts. Automaton has 70 states and 90 transitions. Word has length 21 [2024-11-14 05:11:29,194 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:29,194 INFO L471 AbstractCegarLoop]: Abstraction has 70 states and 90 transitions. [2024-11-14 05:11:29,194 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-14 05:11:29,195 INFO L276 IsEmpty]: Start isEmpty. Operand 70 states and 90 transitions. [2024-11-14 05:11:29,196 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2024-11-14 05:11:29,197 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:29,197 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:29,197 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-14 05:11:29,197 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:29,198 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:29,198 INFO L85 PathProgramCache]: Analyzing trace with hash -1851967162, now seen corresponding path program 1 times [2024-11-14 05:11:29,198 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:29,198 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [283532886] [2024-11-14 05:11:29,198 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:29,198 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:29,230 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:29,512 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2024-11-14 05:11:29,512 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:29,516 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [283532886] [2024-11-14 05:11:29,516 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [283532886] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:29,516 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:29,516 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-14 05:11:29,516 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [597702826] [2024-11-14 05:11:29,516 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:29,517 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-14 05:11:29,517 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:29,518 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-14 05:11:29,518 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-14 05:11:29,518 INFO L87 Difference]: Start difference. First operand 70 states and 90 transitions. Second operand has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-14 05:11:29,898 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:29,898 INFO L93 Difference]: Finished difference Result 186 states and 253 transitions. [2024-11-14 05:11:29,899 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-14 05:11:29,899 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 24 [2024-11-14 05:11:29,899 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:29,902 INFO L225 Difference]: With dead ends: 186 [2024-11-14 05:11:29,902 INFO L226 Difference]: Without dead ends: 118 [2024-11-14 05:11:29,905 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-14 05:11:29,906 INFO L432 NwaCegarLoop]: 78 mSDtfsCounter, 54 mSDsluCounter, 256 mSDsCounter, 0 mSdLazyCounter, 130 mSolverCounterSat, 7 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 55 SdHoareTripleChecker+Valid, 334 SdHoareTripleChecker+Invalid, 137 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 7 IncrementalHoareTripleChecker+Valid, 130 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:29,906 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [55 Valid, 334 Invalid, 137 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [7 Valid, 130 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-14 05:11:29,908 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 118 states. [2024-11-14 05:11:29,924 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 118 to 118. [2024-11-14 05:11:29,924 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 74 states have (on average 1.2432432432432432) internal successors, (92), 82 states have internal predecessors, (92), 26 states have call successors, (26), 19 states have call predecessors, (26), 17 states have return successors, (34), 22 states have call predecessors, (34), 24 states have call successors, (34) [2024-11-14 05:11:29,926 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 152 transitions. [2024-11-14 05:11:29,927 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 152 transitions. Word has length 24 [2024-11-14 05:11:29,927 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:29,927 INFO L471 AbstractCegarLoop]: Abstraction has 118 states and 152 transitions. [2024-11-14 05:11:29,927 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 3.8) internal successors, (19), 5 states have internal predecessors, (19), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2024-11-14 05:11:29,927 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 152 transitions. [2024-11-14 05:11:29,929 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 54 [2024-11-14 05:11:29,929 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:29,929 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:29,929 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-14 05:11:29,930 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:29,930 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:29,930 INFO L85 PathProgramCache]: Analyzing trace with hash -1933468463, now seen corresponding path program 1 times [2024-11-14 05:11:29,930 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:29,930 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2005578916] [2024-11-14 05:11:29,930 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:29,931 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:29,952 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:30,114 INFO L134 CoverageAnalysis]: Checked inductivity of 12 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2024-11-14 05:11:30,115 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:30,115 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2005578916] [2024-11-14 05:11:30,115 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2005578916] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:30,115 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:30,115 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-14 05:11:30,116 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1209684971] [2024-11-14 05:11:30,116 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:30,116 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:11:30,116 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:30,117 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:11:30,117 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:11:30,117 INFO L87 Difference]: Start difference. First operand 118 states and 152 transitions. Second operand has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-14 05:11:30,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:30,184 INFO L93 Difference]: Finished difference Result 192 states and 242 transitions. [2024-11-14 05:11:30,185 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:11:30,185 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 53 [2024-11-14 05:11:30,185 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:30,187 INFO L225 Difference]: With dead ends: 192 [2024-11-14 05:11:30,190 INFO L226 Difference]: Without dead ends: 102 [2024-11-14 05:11:30,191 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:11:30,191 INFO L432 NwaCegarLoop]: 64 mSDtfsCounter, 7 mSDsluCounter, 55 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 119 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:30,192 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 119 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2024-11-14 05:11:30,195 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 102 states. [2024-11-14 05:11:30,217 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 102 to 102. [2024-11-14 05:11:30,220 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 102 states, 64 states have (on average 1.25) internal successors, (80), 72 states have internal predecessors, (80), 20 states have call successors, (20), 17 states have call predecessors, (20), 17 states have return successors, (26), 18 states have call predecessors, (26), 20 states have call successors, (26) [2024-11-14 05:11:30,222 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 102 states to 102 states and 126 transitions. [2024-11-14 05:11:30,226 INFO L78 Accepts]: Start accepts. Automaton has 102 states and 126 transitions. Word has length 53 [2024-11-14 05:11:30,226 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:30,226 INFO L471 AbstractCegarLoop]: Abstraction has 102 states and 126 transitions. [2024-11-14 05:11:30,227 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 11.666666666666666) internal successors, (35), 3 states have internal predecessors, (35), 2 states have call successors, (9), 2 states have call predecessors, (9), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2024-11-14 05:11:30,227 INFO L276 IsEmpty]: Start isEmpty. Operand 102 states and 126 transitions. [2024-11-14 05:11:30,228 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 42 [2024-11-14 05:11:30,228 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:30,228 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:30,228 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-14 05:11:30,228 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:30,229 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:30,230 INFO L85 PathProgramCache]: Analyzing trace with hash -376629127, now seen corresponding path program 1 times [2024-11-14 05:11:30,231 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:30,231 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [257533376] [2024-11-14 05:11:30,231 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:30,231 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:30,275 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:30,677 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-14 05:11:30,679 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:30,679 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [257533376] [2024-11-14 05:11:30,679 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [257533376] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:30,680 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:30,680 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-14 05:11:30,680 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [215412389] [2024-11-14 05:11:30,680 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:30,680 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-14 05:11:30,680 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:30,681 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-14 05:11:30,681 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=19, Unknown=0, NotChecked=0, Total=30 [2024-11-14 05:11:30,681 INFO L87 Difference]: Start difference. First operand 102 states and 126 transitions. Second operand has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-14 05:11:30,960 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:30,960 INFO L93 Difference]: Finished difference Result 289 states and 357 transitions. [2024-11-14 05:11:30,961 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2024-11-14 05:11:30,961 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) Word has length 41 [2024-11-14 05:11:30,961 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:30,964 INFO L225 Difference]: With dead ends: 289 [2024-11-14 05:11:30,964 INFO L226 Difference]: Without dead ends: 189 [2024-11-14 05:11:30,965 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=16, Invalid=26, Unknown=0, NotChecked=0, Total=42 [2024-11-14 05:11:30,965 INFO L432 NwaCegarLoop]: 92 mSDtfsCounter, 97 mSDsluCounter, 170 mSDsCounter, 0 mSdLazyCounter, 137 mSolverCounterSat, 22 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 97 SdHoareTripleChecker+Valid, 262 SdHoareTripleChecker+Invalid, 159 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 22 IncrementalHoareTripleChecker+Valid, 137 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:30,968 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [97 Valid, 262 Invalid, 159 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [22 Valid, 137 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2024-11-14 05:11:30,970 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 189 states. [2024-11-14 05:11:31,007 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 189 to 185. [2024-11-14 05:11:31,007 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 185 states, 116 states have (on average 1.2241379310344827) internal successors, (142), 129 states have internal predecessors, (142), 36 states have call successors, (36), 31 states have call predecessors, (36), 32 states have return successors, (48), 33 states have call predecessors, (48), 36 states have call successors, (48) [2024-11-14 05:11:31,009 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 185 states to 185 states and 226 transitions. [2024-11-14 05:11:31,010 INFO L78 Accepts]: Start accepts. Automaton has 185 states and 226 transitions. Word has length 41 [2024-11-14 05:11:31,010 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:31,010 INFO L471 AbstractCegarLoop]: Abstraction has 185 states and 226 transitions. [2024-11-14 05:11:31,010 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 4.833333333333333) internal successors, (29), 6 states have internal predecessors, (29), 5 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 3 states have call predecessors, (5), 5 states have call successors, (5) [2024-11-14 05:11:31,010 INFO L276 IsEmpty]: Start isEmpty. Operand 185 states and 226 transitions. [2024-11-14 05:11:31,012 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 45 [2024-11-14 05:11:31,012 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:31,012 INFO L215 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:31,012 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-14 05:11:31,012 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:31,013 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:31,013 INFO L85 PathProgramCache]: Analyzing trace with hash 586275110, now seen corresponding path program 1 times [2024-11-14 05:11:31,013 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:31,013 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [55492510] [2024-11-14 05:11:31,013 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:31,013 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:31,034 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:31,451 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2024-11-14 05:11:31,451 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:31,451 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [55492510] [2024-11-14 05:11:31,451 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [55492510] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:31,451 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:31,451 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-14 05:11:31,451 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1124448868] [2024-11-14 05:11:31,451 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:31,452 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-14 05:11:31,452 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:31,452 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-14 05:11:31,452 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2024-11-14 05:11:31,453 INFO L87 Difference]: Start difference. First operand 185 states and 226 transitions. Second operand has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-14 05:11:32,035 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:32,035 INFO L93 Difference]: Finished difference Result 421 states and 526 transitions. [2024-11-14 05:11:32,035 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-14 05:11:32,036 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) Word has length 44 [2024-11-14 05:11:32,036 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:32,042 INFO L225 Difference]: With dead ends: 421 [2024-11-14 05:11:32,043 INFO L226 Difference]: Without dead ends: 291 [2024-11-14 05:11:32,044 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=54, Invalid=102, Unknown=0, NotChecked=0, Total=156 [2024-11-14 05:11:32,044 INFO L432 NwaCegarLoop]: 65 mSDtfsCounter, 242 mSDsluCounter, 156 mSDsCounter, 0 mSdLazyCounter, 288 mSolverCounterSat, 107 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 251 SdHoareTripleChecker+Valid, 221 SdHoareTripleChecker+Invalid, 395 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 107 IncrementalHoareTripleChecker+Valid, 288 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:32,045 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [251 Valid, 221 Invalid, 395 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [107 Valid, 288 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-14 05:11:32,048 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 291 states. [2024-11-14 05:11:32,112 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 291 to 275. [2024-11-14 05:11:32,114 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 275 states, 177 states have (on average 1.231638418079096) internal successors, (218), 195 states have internal predecessors, (218), 51 states have call successors, (51), 39 states have call predecessors, (51), 46 states have return successors, (70), 52 states have call predecessors, (70), 51 states have call successors, (70) [2024-11-14 05:11:32,118 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 275 states to 275 states and 339 transitions. [2024-11-14 05:11:32,118 INFO L78 Accepts]: Start accepts. Automaton has 275 states and 339 transitions. Word has length 44 [2024-11-14 05:11:32,118 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:32,119 INFO L471 AbstractCegarLoop]: Abstraction has 275 states and 339 transitions. [2024-11-14 05:11:32,121 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 4.285714285714286) internal successors, (30), 7 states have internal predecessors, (30), 5 states have call successors, (7), 3 states have call predecessors, (7), 2 states have return successors, (6), 4 states have call predecessors, (6), 5 states have call successors, (6) [2024-11-14 05:11:32,121 INFO L276 IsEmpty]: Start isEmpty. Operand 275 states and 339 transitions. [2024-11-14 05:11:32,123 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 62 [2024-11-14 05:11:32,123 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:32,123 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:32,123 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-14 05:11:32,123 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:32,125 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:32,127 INFO L85 PathProgramCache]: Analyzing trace with hash 1095366207, now seen corresponding path program 1 times [2024-11-14 05:11:32,127 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:32,127 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1793662926] [2024-11-14 05:11:32,127 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:32,128 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:32,166 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:32,364 INFO L134 CoverageAnalysis]: Checked inductivity of 19 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2024-11-14 05:11:32,365 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:32,365 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1793662926] [2024-11-14 05:11:32,365 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1793662926] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:11:32,365 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:11:32,365 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-14 05:11:32,365 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1271343308] [2024-11-14 05:11:32,365 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:11:32,365 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-14 05:11:32,365 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:32,366 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-14 05:11:32,366 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-14 05:11:32,366 INFO L87 Difference]: Start difference. First operand 275 states and 339 transitions. Second operand has 8 states, 7 states have (on average 5.285714285714286) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:11:32,995 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:32,995 INFO L93 Difference]: Finished difference Result 547 states and 702 transitions. [2024-11-14 05:11:32,995 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-14 05:11:32,995 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 5.285714285714286) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) Word has length 61 [2024-11-14 05:11:32,996 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:32,999 INFO L225 Difference]: With dead ends: 547 [2024-11-14 05:11:32,999 INFO L226 Difference]: Without dead ends: 398 [2024-11-14 05:11:33,000 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=71, Invalid=271, Unknown=0, NotChecked=0, Total=342 [2024-11-14 05:11:33,001 INFO L432 NwaCegarLoop]: 103 mSDtfsCounter, 115 mSDsluCounter, 308 mSDsCounter, 0 mSdLazyCounter, 468 mSolverCounterSat, 36 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 119 SdHoareTripleChecker+Valid, 411 SdHoareTripleChecker+Invalid, 504 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 36 IncrementalHoareTripleChecker+Valid, 468 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:33,001 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [119 Valid, 411 Invalid, 504 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [36 Valid, 468 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2024-11-14 05:11:33,002 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 398 states. [2024-11-14 05:11:33,054 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 398 to 379. [2024-11-14 05:11:33,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 379 states, 244 states have (on average 1.2049180327868851) internal successors, (294), 272 states have internal predecessors, (294), 70 states have call successors, (70), 54 states have call predecessors, (70), 64 states have return successors, (103), 70 states have call predecessors, (103), 70 states have call successors, (103) [2024-11-14 05:11:33,058 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 379 states to 379 states and 467 transitions. [2024-11-14 05:11:33,059 INFO L78 Accepts]: Start accepts. Automaton has 379 states and 467 transitions. Word has length 61 [2024-11-14 05:11:33,059 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:33,059 INFO L471 AbstractCegarLoop]: Abstraction has 379 states and 467 transitions. [2024-11-14 05:11:33,059 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 5.285714285714286) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 2 states have return successors, (8), 3 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:11:33,059 INFO L276 IsEmpty]: Start isEmpty. Operand 379 states and 467 transitions. [2024-11-14 05:11:33,062 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 79 [2024-11-14 05:11:33,063 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:33,063 INFO L215 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:33,063 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-14 05:11:33,063 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:33,063 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:33,063 INFO L85 PathProgramCache]: Analyzing trace with hash 1532284064, now seen corresponding path program 1 times [2024-11-14 05:11:33,064 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:33,064 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [81921449] [2024-11-14 05:11:33,064 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:33,064 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:33,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:33,305 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 9 proven. 13 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2024-11-14 05:11:33,305 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:33,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [81921449] [2024-11-14 05:11:33,306 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [81921449] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:11:33,306 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1956081032] [2024-11-14 05:11:33,306 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:33,306 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:11:33,306 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:11:33,310 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:11:33,312 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-14 05:11:33,446 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:33,455 INFO L255 TraceCheckSpWp]: Trace formula consists of 292 conjuncts, 14 conjuncts are in the unsatisfiable core [2024-11-14 05:11:33,465 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:11:33,672 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 35 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2024-11-14 05:11:33,672 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-14 05:11:33,895 INFO L134 CoverageAnalysis]: Checked inductivity of 36 backedges. 15 proven. 1 refuted. 0 times theorem prover too weak. 20 trivial. 0 not checked. [2024-11-14 05:11:33,895 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1956081032] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-14 05:11:33,895 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1262446297] [2024-11-14 05:11:33,925 INFO L159 IcfgInterpreter]: Started Sifa with 45 locations of interest [2024-11-14 05:11:33,925 INFO L166 IcfgInterpreter]: Building call graph [2024-11-14 05:11:33,930 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-14 05:11:33,934 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-14 05:11:33,935 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-14 05:11:43,277 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 44 for LOIs [2024-11-14 05:11:43,285 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 26 for LOIs [2024-11-14 05:11:43,396 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 35 for LOIs [2024-11-14 05:11:43,403 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 23 for LOIs [2024-11-14 05:11:43,426 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 23 for LOIs [2024-11-14 05:11:43,465 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 24 for LOIs [2024-11-14 05:11:43,468 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-14 05:11:47,004 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '5108#(and (<= 1 |#StackHeapBarrier|) (= ~methaneLevelCritical~0 0) (not (= 2 ~waterLevel~0)) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (= |old(~pumpRunning~0)| 0) (<= ~waterLevel~0 2147483647) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~head~0.base 0) (= ~switchedOnBeforeTS~0 0) (not (= 0 ~systemActive~0)) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2024-11-14 05:11:47,005 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-14 05:11:47,005 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-14 05:11:47,005 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 6, 6] total 13 [2024-11-14 05:11:47,005 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1364976728] [2024-11-14 05:11:47,005 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-14 05:11:47,006 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2024-11-14 05:11:47,010 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:11:47,010 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2024-11-14 05:11:47,012 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=211, Invalid=1511, Unknown=0, NotChecked=0, Total=1722 [2024-11-14 05:11:47,013 INFO L87 Difference]: Start difference. First operand 379 states and 467 transitions. Second operand has 13 states, 12 states have (on average 7.416666666666667) internal successors, (89), 12 states have internal predecessors, (89), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2024-11-14 05:11:49,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:11:49,640 INFO L93 Difference]: Finished difference Result 3189 states and 4285 transitions. [2024-11-14 05:11:49,640 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 60 states. [2024-11-14 05:11:49,641 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 12 states have (on average 7.416666666666667) internal successors, (89), 12 states have internal predecessors, (89), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) Word has length 78 [2024-11-14 05:11:49,641 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:11:49,682 INFO L225 Difference]: With dead ends: 3189 [2024-11-14 05:11:49,682 INFO L226 Difference]: Without dead ends: 2750 [2024-11-14 05:11:49,692 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 303 GetRequests, 213 SyntacticMatches, 1 SemanticMatches, 89 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2847 ImplicationChecksByTransitivity, 4.5s TimeCoverageRelationStatistics Valid=785, Invalid=7405, Unknown=0, NotChecked=0, Total=8190 [2024-11-14 05:11:49,693 INFO L432 NwaCegarLoop]: 237 mSDtfsCounter, 609 mSDsluCounter, 1256 mSDsCounter, 0 mSdLazyCounter, 1543 mSolverCounterSat, 273 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 615 SdHoareTripleChecker+Valid, 1493 SdHoareTripleChecker+Invalid, 1816 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 273 IncrementalHoareTripleChecker+Valid, 1543 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.4s IncrementalHoareTripleChecker+Time [2024-11-14 05:11:49,695 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [615 Valid, 1493 Invalid, 1816 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [273 Valid, 1543 Invalid, 0 Unknown, 0 Unchecked, 1.4s Time] [2024-11-14 05:11:49,703 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2750 states. [2024-11-14 05:11:50,020 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2750 to 2381. [2024-11-14 05:11:50,026 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2381 states, 1558 states have (on average 1.1983311938382541) internal successors, (1867), 1701 states have internal predecessors, (1867), 430 states have call successors, (430), 364 states have call predecessors, (430), 392 states have return successors, (746), 409 states have call predecessors, (746), 430 states have call successors, (746) [2024-11-14 05:11:50,042 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2381 states to 2381 states and 3043 transitions. [2024-11-14 05:11:50,045 INFO L78 Accepts]: Start accepts. Automaton has 2381 states and 3043 transitions. Word has length 78 [2024-11-14 05:11:50,045 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:11:50,045 INFO L471 AbstractCegarLoop]: Abstraction has 2381 states and 3043 transitions. [2024-11-14 05:11:50,045 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 12 states have (on average 7.416666666666667) internal successors, (89), 12 states have internal predecessors, (89), 5 states have call successors, (20), 4 states have call predecessors, (20), 5 states have return successors, (21), 7 states have call predecessors, (21), 5 states have call successors, (21) [2024-11-14 05:11:50,045 INFO L276 IsEmpty]: Start isEmpty. Operand 2381 states and 3043 transitions. [2024-11-14 05:11:50,056 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 111 [2024-11-14 05:11:50,057 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:11:50,057 INFO L215 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:11:50,079 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2024-11-14 05:11:50,257 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:11:50,258 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:11:50,258 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:11:50,258 INFO L85 PathProgramCache]: Analyzing trace with hash 443039679, now seen corresponding path program 1 times [2024-11-14 05:11:50,258 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:11:50,258 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1104529177] [2024-11-14 05:11:50,258 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:50,259 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:11:50,286 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:50,448 INFO L134 CoverageAnalysis]: Checked inductivity of 89 backedges. 40 proven. 1 refuted. 0 times theorem prover too weak. 48 trivial. 0 not checked. [2024-11-14 05:11:50,448 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:11:50,449 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1104529177] [2024-11-14 05:11:50,449 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1104529177] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:11:50,449 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [138734661] [2024-11-14 05:11:50,449 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:11:50,449 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:11:50,449 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:11:50,452 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:11:50,453 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-14 05:11:50,573 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:11:50,577 INFO L255 TraceCheckSpWp]: Trace formula consists of 376 conjuncts, 18 conjuncts are in the unsatisfiable core [2024-11-14 05:11:50,582 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:11:51,011 INFO L134 CoverageAnalysis]: Checked inductivity of 89 backedges. 66 proven. 15 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2024-11-14 05:11:51,011 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-14 05:11:51,578 INFO L134 CoverageAnalysis]: Checked inductivity of 89 backedges. 53 proven. 5 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2024-11-14 05:11:51,578 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [138734661] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-14 05:11:51,578 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1100802415] [2024-11-14 05:11:51,581 INFO L159 IcfgInterpreter]: Started Sifa with 51 locations of interest [2024-11-14 05:11:51,581 INFO L166 IcfgInterpreter]: Building call graph [2024-11-14 05:11:51,582 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-14 05:11:51,582 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-14 05:11:51,582 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-14 05:11:58,001 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 37 for LOIs [2024-11-14 05:11:58,009 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2024-11-14 05:11:58,196 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 39 for LOIs [2024-11-14 05:11:58,208 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__methaneQuery with input of size 23 for LOIs [2024-11-14 05:11:58,231 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 23 for LOIs [2024-11-14 05:11:58,278 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneAlarm with input of size 36 for LOIs [2024-11-14 05:11:58,292 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-14 05:12:01,552 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '14490#(and (<= 1 |#StackHeapBarrier|) (= ~methaneLevelCritical~0 0) (not (= 2 ~waterLevel~0)) (= ~head~0.offset 0) (<= 2 ~waterLevel~0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (= |old(~pumpRunning~0)| 0) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= ~waterLevel~0 2147483647) (= |old(~waterLevel~0)| ~waterLevel~0) (= ~head~0.base 0) (= ~switchedOnBeforeTS~0 0) (not (= 0 ~systemActive~0)) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4))' at error location [2024-11-14 05:12:01,552 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-14 05:12:01,552 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-14 05:12:01,552 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 11, 11] total 24 [2024-11-14 05:12:01,553 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1772824846] [2024-11-14 05:12:01,553 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-14 05:12:01,553 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 24 states [2024-11-14 05:12:01,553 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:12:01,554 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 24 interpolants. [2024-11-14 05:12:01,555 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=359, Invalid=2503, Unknown=0, NotChecked=0, Total=2862 [2024-11-14 05:12:01,555 INFO L87 Difference]: Start difference. First operand 2381 states and 3043 transitions. Second operand has 24 states, 23 states have (on average 6.130434782608695) internal successors, (141), 23 states have internal predecessors, (141), 13 states have call successors, (35), 5 states have call predecessors, (35), 10 states have return successors, (35), 14 states have call predecessors, (35), 12 states have call successors, (35) [2024-11-14 05:12:07,668 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:12:07,668 INFO L93 Difference]: Finished difference Result 8467 states and 11641 transitions. [2024-11-14 05:12:07,669 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 103 states. [2024-11-14 05:12:07,669 INFO L78 Accepts]: Start accepts. Automaton has has 24 states, 23 states have (on average 6.130434782608695) internal successors, (141), 23 states have internal predecessors, (141), 13 states have call successors, (35), 5 states have call predecessors, (35), 10 states have return successors, (35), 14 states have call predecessors, (35), 12 states have call successors, (35) Word has length 110 [2024-11-14 05:12:07,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:12:07,675 INFO L225 Difference]: With dead ends: 8467 [2024-11-14 05:12:07,675 INFO L226 Difference]: Without dead ends: 0 [2024-11-14 05:12:07,709 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 486 GetRequests, 323 SyntacticMatches, 10 SemanticMatches, 153 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 8861 ImplicationChecksByTransitivity, 6.7s TimeCoverageRelationStatistics Valid=2327, Invalid=21543, Unknown=0, NotChecked=0, Total=23870 [2024-11-14 05:12:07,710 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 1069 mSDsluCounter, 742 mSDsCounter, 0 mSdLazyCounter, 2600 mSolverCounterSat, 919 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1069 SdHoareTripleChecker+Valid, 857 SdHoareTripleChecker+Invalid, 3519 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 919 IncrementalHoareTripleChecker+Valid, 2600 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.3s IncrementalHoareTripleChecker+Time [2024-11-14 05:12:07,710 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [1069 Valid, 857 Invalid, 3519 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [919 Valid, 2600 Invalid, 0 Unknown, 0 Unchecked, 2.3s Time] [2024-11-14 05:12:07,711 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-14 05:12:07,711 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-14 05:12:07,711 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-14 05:12:07,711 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-14 05:12:07,715 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 110 [2024-11-14 05:12:07,716 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:12:07,716 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-14 05:12:07,716 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 24 states, 23 states have (on average 6.130434782608695) internal successors, (141), 23 states have internal predecessors, (141), 13 states have call successors, (35), 5 states have call predecessors, (35), 10 states have return successors, (35), 14 states have call predecessors, (35), 12 states have call successors, (35) [2024-11-14 05:12:07,716 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-14 05:12:07,716 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-14 05:12:07,719 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-14 05:12:07,738 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Ended with exit code 0 [2024-11-14 05:12:07,923 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2024-11-14 05:12:07,926 INFO L407 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:12:07,928 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-14 05:12:57,005 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-14 05:12:57,024 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (not (= ~switchedOnBeforeTS~0 0)) (<= ~waterLevel~0 2) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) Eliminated clause: (and (not (= ~switchedOnBeforeTS~0 0)) (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) [2024-11-14 05:12:57,039 WARN L162 FloydHoareUtils]: Requires clause for changeMethaneLevel contained old-variable. Original clause: (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (not .cse0))) (and (or .cse0 (not .cse1)) (or .cse2 .cse1) (let ((.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0))) (or (and .cse3 (or .cse2 (= ~pumpRunning~0 1))) (and .cse4 .cse3) (and (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse4 (<= ~waterLevel~0 1))))))) Eliminated clause: (exists ((|old(~methaneLevelCritical~0)| Int)) (let ((.cse0 (= |old(~methaneLevelCritical~0)| 0))) (let ((.cse1 (= ~methaneLevelCritical~0 0)) (.cse2 (not .cse0))) (and (or .cse0 (not .cse1)) (or .cse2 .cse1) (let ((.cse3 (= 2 ~waterLevel~0)) (.cse4 (= ~pumpRunning~0 0))) (or (and .cse3 (or .cse2 (= ~pumpRunning~0 1))) (and .cse4 .cse3) (and (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (and .cse4 (<= ~waterLevel~0 1)))))))) [2024-11-14 05:12:57,044 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:12:57,051 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse1 (= |old(~pumpRunning~0)| 0)) (.cse0 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (.cse7 (= ~switchedOnBeforeTS~0 0))) (let ((.cse3 (not .cse7)) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse6 (not .cse0)) (.cse2 (not .cse1)) (.cse4 (= ~pumpRunning~0 0))) (and (or (and .cse0 (<= |old(~waterLevel~0)| 1)) (and .cse1 (<= |old(~waterLevel~0)| 2)) (= |old(~waterLevel~0)| 2)) (or (not (= |old(~pumpRunning~0)| 1)) (= ~pumpRunning~0 1)) (or .cse2 (and .cse3 .cse4) .cse5) (= |old(~waterLevel~0)| ~waterLevel~0) (or .cse6 (and .cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse5) (or .cse6 .cse2 (and .cse4 .cse7))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int)) (let ((.cse0 (= |old(~pumpRunning~0)| 0)) (.cse6 (= ~switchedOnBeforeTS~0 0))) (let ((.cse1 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (.cse3 (not .cse6)) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse2 (not .cse0)) (.cse4 (= ~pumpRunning~0 0))) (and (or (= 2 ~waterLevel~0) (and .cse0 (<= ~waterLevel~0 2)) (and (<= ~waterLevel~0 1) .cse1)) (or (not (= |old(~pumpRunning~0)| 1)) (= ~pumpRunning~0 1)) (or .cse2 (and .cse3 .cse4) .cse5) (or (not .cse1) (and .cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) .cse5) (or (not .cse5) .cse2 (and .cse4 .cse6)))))) [2024-11-14 05:12:57,081 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:12:57,085 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__highWaterSensor contained old-variable. Original clause: (and (<= ~waterLevel~0 2) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (or (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0))) Eliminated clause: (and (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (or (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0))) [2024-11-14 05:12:57,093 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (and (let ((.cse1 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (= |old(~waterLevel~0)| 2)) (.cse2 (= ~pumpRunning~0 0))) (or (and (or (not (= ~methaneLevelCritical~0 0)) (= ~pumpRunning~0 1)) .cse0) (and (<= |old(~waterLevel~0)| 1) .cse1) (and .cse1 .cse0) (and .cse2 .cse0) (and (or (< |old(~waterLevel~0)| 1) (= |old(~waterLevel~0)| 1)) .cse2))) (= |old(~waterLevel~0)| ~waterLevel~0)) Eliminated clause: (let ((.cse0 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= 2 ~waterLevel~0))) (or (and (<= ~waterLevel~0 1) .cse0) (and .cse1 (or (< ~waterLevel~0 1) (= ~waterLevel~0 1))) (and .cse2 .cse0) (and .cse1 .cse2) (and .cse2 (or (not (= ~methaneLevelCritical~0 0)) (= ~pumpRunning~0 1))))) [2024-11-14 05:12:57,101 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__wrappee__methaneQuery contained old-variable. Original clause: (and (<= ~waterLevel~0 2) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (or (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0))) Eliminated clause: (and (<= ~waterLevel~0 2) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (or (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0))) [2024-11-14 05:12:57,111 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.11 05:12:57 BoogieIcfgContainer [2024-11-14 05:12:57,112 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-14 05:12:57,112 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-14 05:12:57,113 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-14 05:12:57,113 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-14 05:12:57,114 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:11:28" (3/4) ... [2024-11-14 05:12:57,116 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-14 05:12:57,119 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-14 05:12:57,120 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__methaneQuery [2024-11-14 05:12:57,121 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-14 05:12:57,121 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-14 05:12:57,128 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2024-11-14 05:12:57,128 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2024-11-14 05:12:57,129 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-14 05:12:57,129 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-14 05:12:57,130 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-14 05:12:57,162 WARN L216 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((2 == waterLevel) && (splverifierCounter == 0)) && (2 < \old(waterLevel))) && (pumpRunning == switchedOnBeforeTS)) || (((pumpRunning == 0) && (splverifierCounter == 0)) && ((waterLevel < 1) || (waterLevel == 1)))) || (((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0))) || (((waterLevel <= 1) && (splverifierCounter == 0)) && (pumpRunning == switchedOnBeforeTS))) || (((2 == waterLevel) && (methaneLevelCritical != 0)) && (splverifierCounter == 0))) || (((2 == waterLevel) && (splverifierCounter == 0)) && (pumpRunning == 1))) [2024-11-14 05:12:57,194 WARN L141 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((2 == waterLevel) && (splverifierCounter == 0)) && (2 < \old(waterLevel))) && (pumpRunning == switchedOnBeforeTS)) || (((pumpRunning == 0) && (splverifierCounter == 0)) && ((waterLevel < 1) || (waterLevel == 1)))) || (((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0))) || (((waterLevel <= 1) && (splverifierCounter == 0)) && (pumpRunning == switchedOnBeforeTS))) || (((2 == waterLevel) && (methaneLevelCritical != 0)) && (splverifierCounter == 0))) || (((2 == waterLevel) && (splverifierCounter == 0)) && (pumpRunning == 1))) [2024-11-14 05:12:57,243 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/witness.graphml [2024-11-14 05:12:57,244 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/witness.yml [2024-11-14 05:12:57,244 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-14 05:12:57,245 INFO L158 Benchmark]: Toolchain (without parser) took 89986.56ms. Allocated memory was 142.6MB in the beginning and 1.8GB in the end (delta: 1.7GB). Free memory was 116.0MB in the beginning and 1.6GB in the end (delta: -1.5GB). Peak memory consumption was 189.0MB. Max. memory is 16.1GB. [2024-11-14 05:12:57,246 INFO L158 Benchmark]: CDTParser took 1.64ms. Allocated memory is still 117.4MB. Free memory is still 74.9MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-14 05:12:57,246 INFO L158 Benchmark]: CACSL2BoogieTranslator took 591.39ms. Allocated memory is still 142.6MB. Free memory was 115.8MB in the beginning and 96.5MB in the end (delta: 19.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-14 05:12:57,247 INFO L158 Benchmark]: Boogie Procedure Inliner took 46.68ms. Allocated memory is still 142.6MB. Free memory was 96.5MB in the beginning and 94.5MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-14 05:12:57,247 INFO L158 Benchmark]: Boogie Preprocessor took 41.15ms. Allocated memory is still 142.6MB. Free memory was 94.5MB in the beginning and 93.3MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-14 05:12:57,247 INFO L158 Benchmark]: RCFGBuilder took 781.85ms. Allocated memory is still 142.6MB. Free memory was 93.1MB in the beginning and 63.1MB in the end (delta: 30.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. [2024-11-14 05:12:57,247 INFO L158 Benchmark]: TraceAbstraction took 88383.16ms. Allocated memory was 142.6MB in the beginning and 1.8GB in the end (delta: 1.7GB). Free memory was 62.6MB in the beginning and 1.6GB in the end (delta: -1.5GB). Peak memory consumption was 1.1GB. Max. memory is 16.1GB. [2024-11-14 05:12:57,248 INFO L158 Benchmark]: Witness Printer took 131.78ms. Allocated memory is still 1.8GB. Free memory was 1.6GB in the beginning and 1.6GB in the end (delta: 4.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-14 05:12:57,251 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 1.64ms. Allocated memory is still 117.4MB. Free memory is still 74.9MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 591.39ms. Allocated memory is still 142.6MB. Free memory was 115.8MB in the beginning and 96.5MB in the end (delta: 19.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 46.68ms. Allocated memory is still 142.6MB. Free memory was 96.5MB in the beginning and 94.5MB in the end (delta: 2.0MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 41.15ms. Allocated memory is still 142.6MB. Free memory was 94.5MB in the beginning and 93.3MB in the end (delta: 1.3MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 781.85ms. Allocated memory is still 142.6MB. Free memory was 93.1MB in the beginning and 63.1MB in the end (delta: 30.0MB). Peak memory consumption was 25.2MB. Max. memory is 16.1GB. * TraceAbstraction took 88383.16ms. Allocated memory was 142.6MB in the beginning and 1.8GB in the end (delta: 1.7GB). Free memory was 62.6MB in the beginning and 1.6GB in the end (delta: -1.5GB). Peak memory consumption was 1.1GB. Max. memory is 16.1GB. * Witness Printer took 131.78ms. Allocated memory is still 1.8GB. Free memory was 1.6GB in the beginning and 1.6GB in the end (delta: 4.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [49] - GenericResultAtLocation [Line: 313]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [313] - GenericResultAtLocation [Line: 364]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [364] - GenericResultAtLocation [Line: 434]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [434] - GenericResultAtLocation [Line: 800]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [800] - GenericResultAtLocation [Line: 903]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [903] - GenericResultAtLocation [Line: 1003]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [1003] - GenericResultAtLocation [Line: 1012]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [1012] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1008]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 11 procedures, 75 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 39.1s, OverallIterations: 8, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 11.0s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2216 SdHoareTripleChecker+Valid, 5.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2193 mSDsluCounter, 3775 SdHoareTripleChecker+Invalid, 4.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 2943 mSDsCounter, 1365 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5211 IncrementalHoareTripleChecker+Invalid, 6576 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1365 mSolverCounterUnsat, 832 mSDtfsCounter, 5211 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 849 GetRequests, 555 SyntacticMatches, 11 SemanticMatches, 283 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11777 ImplicationChecksByTransitivity, 11.6s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2381occurred in iteration=7, InterpolantAutomatonStates: 210, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.6s AutomataMinimizationTime, 8 MinimizatonAttempts, 408 StatesRemovedByMinimization, 4 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.2s SatisfiabilityAnalysisTime, 3.3s InterpolantComputationTime, 620 NumberOfCodeBlocks, 620 NumberOfCodeBlocksAsserted, 10 NumberOfCheckSat, 796 ConstructedInterpolants, 0 QuantifiedInterpolants, 1896 SizeOfPredicates, 9 NumberOfNonLiveVariables, 668 ConjunctsInSsa, 32 ConjunctsInUnsatCore, 12 InterpolantComputations, 6 PerfectInterpolantSequences, 378/414 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 378]: Loop Invariant Derived loop invariant: (((((((((2 == waterLevel) && (splverifierCounter == 0)) && (2 < \old(waterLevel))) && (pumpRunning == switchedOnBeforeTS)) || (((pumpRunning == 0) && (splverifierCounter == 0)) && ((waterLevel < 1) || (waterLevel == 1)))) || (((pumpRunning == 0) && (2 == waterLevel)) && (splverifierCounter == 0))) || (((waterLevel <= 1) && (splverifierCounter == 0)) && (pumpRunning == switchedOnBeforeTS))) || (((2 == waterLevel) && (methaneLevelCritical != 0)) && (splverifierCounter == 0))) || (((2 == waterLevel) && (splverifierCounter == 0)) && (pumpRunning == 1))) - InvariantResult [Line: 211]: Location Invariant Derived location invariant: (((waterLevel <= 2) && ((pumpRunning != 0) || (2 == waterLevel))) && (pumpRunning == switchedOnBeforeTS)) - InvariantResult [Line: 915]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 377]: Location Invariant Derived location invariant: 0 - ProcedureContractResult [Line: 203]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((switchedOnBeforeTS != 0) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS)) Ensures: (((((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && (waterLevel <= 2)) && (switchedOnBeforeTS == \old(pumpRunning))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 93]: Procedure Contract for processEnvironment__wrappee__base Derived contract for procedure processEnvironment__wrappee__base. Requires: (((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) || (((methaneLevelCritical == 0) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && ((waterLevel < 1) || (waterLevel == 1))) && (switchedOnBeforeTS == 0))) Ensures: ((((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) || (((methaneLevelCritical == 0) && (waterLevel <= 2)) && (pumpRunning == switchedOnBeforeTS))) || (((pumpRunning == 0) && ((waterLevel < 1) || (waterLevel == 1))) && (switchedOnBeforeTS == 0))) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 827]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Ensures: (((((methaneLevelCritical == 0) || (\old(methaneLevelCritical) == 0)) && (((((2 == waterLevel) && ((\old(methaneLevelCritical) != 0) || (pumpRunning == 1))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((waterLevel <= 2) && (pumpRunning == switchedOnBeforeTS))) || ((pumpRunning == 0) && (waterLevel <= 1)))) && ((\old(methaneLevelCritical) != 0) || (methaneLevelCritical != 0))) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 905]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 66]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: ((((((((((((((\old(pumpRunning) != 0) || ((\old(waterLevel) != 1) && (1 <= \old(waterLevel)))) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (switchedOnBeforeTS == 0))) && ((((\old(switchedOnBeforeTS) == \old(pumpRunning)) && (\old(waterLevel) <= 1)) || ((\old(pumpRunning) == 0) && (\old(waterLevel) <= 2))) || (\old(waterLevel) == 2))) && (((\old(pumpRunning) != 1) || ((((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && (((\old(waterLevel) == ((long long) waterLevel + 1)) && (1 <= \old(waterLevel))) || ((\old(waterLevel) <= 0) && (\old(waterLevel) == waterLevel)))) && ((waterLevel < 1) || (waterLevel == 1)))) || (pumpRunning == 1))) && ((((((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) || (methaneLevelCritical != 0)) || (((pumpRunning != 0) && (waterLevel == 1)) && (pumpRunning == switchedOnBeforeTS))) || (((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && (waterLevel == 1))) || (\old(waterLevel) != 2)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((\old(switchedOnBeforeTS) != \old(pumpRunning)) || ((\old(waterLevel) == ((long long) waterLevel + 1)) && (1 <= \old(waterLevel)))) || ((\old(waterLevel) <= 0) && (\old(waterLevel) == waterLevel))) || (\old(switchedOnBeforeTS) == 0))) && ((((\old(pumpRunning) != 0) || (methaneLevelCritical != 0)) || (((2 == waterLevel) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || (((pumpRunning == 0) && (\old(waterLevel) == waterLevel)) && (switchedOnBeforeTS == 0)))) && (((\old(pumpRunning) != 1) || (\old(waterLevel) != 2)) || (waterLevel == 1))) && ((((\old(waterLevel) != 1) || ((pumpRunning != 0) && (pumpRunning == switchedOnBeforeTS))) || (\old(pumpRunning) == 0)) || (((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && (waterLevel == 0)))) && (((((2 == waterLevel) || (methaneLevelCritical == 0)) || (((pumpRunning != 0) && (waterLevel == 1)) && (pumpRunning == switchedOnBeforeTS))) || (((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && (waterLevel == 1))) || (\old(waterLevel) != 2))) && ((((\old(pumpRunning) != 0) || (2 == waterLevel)) || (methaneLevelCritical == 0)) || (\old(waterLevel) != 2))) && (((((pumpRunning != 0) && (pumpRunning == switchedOnBeforeTS)) || (0 < \old(waterLevel))) || (\old(pumpRunning) == 0)) || ((switchedOnBeforeTS != 0) && (pumpRunning == 0)))) && ((((systemActive == \old(systemActive)) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 101]: Procedure Contract for processEnvironment__wrappee__highWaterSensor Derived contract for procedure processEnvironment__wrappee__highWaterSensor. Requires: (((waterLevel <= 2) && (pumpRunning == switchedOnBeforeTS)) && ((pumpRunning == 0) || (methaneLevelCritical == 0))) Ensures: (((((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((waterLevel != 1) && (1 <= waterLevel))) && ((pumpRunning == switchedOnBeforeTS) || (switchedOnBeforeTS == 0))) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 0)) || (pumpRunning == 1))) && ((((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) || (((methaneLevelCritical == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == \old(pumpRunning))))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 815]: Procedure Contract for waterRise Derived contract for procedure waterRise. Requires: ((((((waterLevel <= 1) && (pumpRunning == switchedOnBeforeTS)) || ((pumpRunning == 0) && ((waterLevel < 1) || (waterLevel == 1)))) || ((2 == waterLevel) && (pumpRunning == switchedOnBeforeTS))) || ((pumpRunning == 0) && (2 == waterLevel))) || ((2 == waterLevel) && ((methaneLevelCritical != 0) || (pumpRunning == 1)))) Ensures: ((((((((pumpRunning == 0) || (0 < \old(waterLevel))) || (waterLevel < 2)) && ((2 == waterLevel) || (\old(waterLevel) != 2))) && ((2 == waterLevel) || (\old(waterLevel) != 1))) && (((((((methaneLevelCritical != 0) || (pumpRunning == 1)) && (\old(waterLevel) == 2)) || ((\old(waterLevel) <= 1) && (pumpRunning == switchedOnBeforeTS))) || ((pumpRunning == switchedOnBeforeTS) && (\old(waterLevel) == 2))) || ((pumpRunning == 0) && (\old(waterLevel) == 2))) || (((\old(waterLevel) < 1) || (\old(waterLevel) == 1)) && (pumpRunning == 0)))) && (waterLevel <= 2)) && ((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 127]: Procedure Contract for processEnvironment__wrappee__methaneQuery Derived contract for procedure processEnvironment__wrappee__methaneQuery. Requires: (((waterLevel <= 2) && (pumpRunning == switchedOnBeforeTS)) && ((pumpRunning == 0) || (methaneLevelCritical == 0))) Ensures: (((((((pumpRunning == 0) || (pumpRunning == switchedOnBeforeTS)) || (switchedOnBeforeTS == 0)) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((waterLevel != 1) && (1 <= waterLevel)))) && ((((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (methaneLevelCritical != 0)) || (pumpRunning == 1))) && ((((\old(pumpRunning) == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == 0)) || (((methaneLevelCritical == 0) && (waterLevel <= 2)) && (switchedOnBeforeTS == \old(pumpRunning))))) && ((((((systemActive == \old(systemActive)) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 222]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: (((2 == waterLevel) || ((pumpRunning == 0) && ((waterLevel < 1) || (waterLevel == 1)))) || ((waterLevel <= 2) && (pumpRunning == switchedOnBeforeTS))) Ensures: (((((2 == waterLevel) || ((pumpRunning == 0) && ((waterLevel < 1) || (waterLevel == 1)))) || (((waterLevel < 1) || (waterLevel == 1)) && (pumpRunning == switchedOnBeforeTS))) && (pumpRunning == \result)) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) - ProcedureContractResult [Line: 211]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: (((waterLevel <= 2) && ((pumpRunning != 0) || (2 == waterLevel))) && (pumpRunning == switchedOnBeforeTS)) Ensures: (((((methaneLevelCritical == \result) && (waterLevel <= 2)) && ((pumpRunning != 0) || (2 == waterLevel))) && (pumpRunning == switchedOnBeforeTS)) && (((((((pumpRunning == \old(pumpRunning)) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS))) && (head == \old(head))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts)))) RESULT: Ultimate proved your program to be correct! [2024-11-14 05:12:57,296 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_cb2ccc6b-53f3-4fd0-93be-7a88ce8bf3a9/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE