./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 826ab2ba Calling Ultimate with: /usr/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/plugins/org.eclipse.equinox.launcher_1.6.800.v20240513-1750.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E --witnessprinter.witness.filename witness --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 62c2cf132c1af8470eae7f9b6621445fd5b91c1643db1f71bf7213022a4dec0a --- Real Ultimate output --- This is Ultimate 0.3.0-dev-826ab2b [2024-11-14 05:41:14,692 INFO L188 SettingsManager]: Resetting all preferences to default values... [2024-11-14 05:41:14,773 INFO L114 SettingsManager]: Loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/config/svcomp-Reach-32bit-Taipan_Default.epf [2024-11-14 05:41:14,779 WARN L101 SettingsManager]: Preference file contains the following unknown settings: [2024-11-14 05:41:14,780 WARN L103 SettingsManager]: * de.uni_freiburg.informatik.ultimate.core.Log level for class [2024-11-14 05:41:14,804 INFO L130 SettingsManager]: Preferences different from defaults after loading the file: [2024-11-14 05:41:14,804 INFO L151 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2024-11-14 05:41:14,805 INFO L153 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2024-11-14 05:41:14,805 INFO L151 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2024-11-14 05:41:14,805 INFO L153 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2024-11-14 05:41:14,805 INFO L153 SettingsManager]: * User list type=DISABLED [2024-11-14 05:41:14,806 INFO L151 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Explicit value domain=true [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Octagon Domain=false [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Abstract domain=CompoundDomain [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2024-11-14 05:41:14,806 INFO L153 SettingsManager]: * Use the RCFG-of-the-future interface=true [2024-11-14 05:41:14,807 INFO L153 SettingsManager]: * Interval Domain=false [2024-11-14 05:41:14,807 INFO L151 SettingsManager]: Preferences of Sifa differ from their defaults: [2024-11-14 05:41:14,807 INFO L153 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2024-11-14 05:41:14,807 INFO L153 SettingsManager]: * Simplification Technique=POLY_PAC [2024-11-14 05:41:14,807 INFO L151 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * sizeof long=4 [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * Overapproximate operations on floating types=true [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * sizeof POINTER=4 [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * Check division by zero=IGNORE [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2024-11-14 05:41:14,808 INFO L153 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2024-11-14 05:41:14,809 INFO L153 SettingsManager]: * Allow undefined functions=false [2024-11-14 05:41:14,809 INFO L153 SettingsManager]: * sizeof long double=12 [2024-11-14 05:41:14,809 INFO L153 SettingsManager]: * Check if freed pointer was valid=false [2024-11-14 05:41:14,809 INFO L153 SettingsManager]: * Use constant arrays=true [2024-11-14 05:41:14,809 INFO L151 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2024-11-14 05:41:14,809 INFO L153 SettingsManager]: * Only consider context switches at boundaries of atomic blocks=true [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * SMT solver=External_DefaultMode [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-14 05:41:14,810 INFO L151 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopHeads [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2024-11-14 05:41:14,810 INFO L153 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2024-11-14 05:41:14,811 INFO L153 SettingsManager]: * Apply one-shot large block encoding in concurrent analysis=false [2024-11-14 05:41:14,811 INFO L153 SettingsManager]: * Trace refinement exception blacklist=NONE [2024-11-14 05:41:14,811 INFO L153 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode [2024-11-14 05:41:14,811 INFO L153 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 62c2cf132c1af8470eae7f9b6621445fd5b91c1643db1f71bf7213022a4dec0a [2024-11-14 05:41:15,131 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2024-11-14 05:41:15,143 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2024-11-14 05:41:15,146 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2024-11-14 05:41:15,149 INFO L270 PluginConnector]: Initializing CDTParser... [2024-11-14 05:41:15,149 INFO L274 PluginConnector]: CDTParser initialized [2024-11-14 05:41:15,151 INFO L431 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/../../sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c Unable to find full path for "g++" [2024-11-14 05:41:17,012 INFO L533 CDTParser]: Created temporary CDT project at NULL [2024-11-14 05:41:17,315 INFO L384 CDTParser]: Found 1 translation units. [2024-11-14 05:41:17,317 INFO L180 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c [2024-11-14 05:41:17,331 INFO L427 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/data/b870d6f91/d04423fbd4d44226b546482e1ccba8ac/FLAG9491e7dbc [2024-11-14 05:41:17,571 INFO L435 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/data/b870d6f91/d04423fbd4d44226b546482e1ccba8ac [2024-11-14 05:41:17,573 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2024-11-14 05:41:17,576 INFO L133 ToolchainWalker]: Walking toolchain with 6 elements. [2024-11-14 05:41:17,578 INFO L112 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2024-11-14 05:41:17,578 INFO L270 PluginConnector]: Initializing CACSL2BoogieTranslator... [2024-11-14 05:41:17,582 INFO L274 PluginConnector]: CACSL2BoogieTranslator initialized [2024-11-14 05:41:17,584 INFO L184 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:41:17" (1/1) ... [2024-11-14 05:41:17,585 INFO L204 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5f217907 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:17, skipping insertion in model container [2024-11-14 05:41:17,588 INFO L184 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 14.11 05:41:17" (1/1) ... [2024-11-14 05:41:17,640 INFO L175 MainTranslator]: Built tables and reachable declarations [2024-11-14 05:41:17,860 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c[5724,5737] [2024-11-14 05:41:18,001 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-14 05:41:18,015 INFO L200 MainTranslator]: Completed pre-run [2024-11-14 05:41:18,025 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] [2024-11-14 05:41:18,027 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [168] [2024-11-14 05:41:18,027 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [272] [2024-11-14 05:41:18,028 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [317] [2024-11-14 05:41:18,028 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [326] [2024-11-14 05:41:18,028 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [692] [2024-11-14 05:41:18,028 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [771] [2024-11-14 05:41:18,029 WARN L75 lationResultReporter]: Unsoundness Warning: Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [1110] [2024-11-14 05:41:18,058 WARN L250 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/sv-benchmarks/c/product-lines/minepump_spec5_productSimulator.cil.c[5724,5737] [2024-11-14 05:41:18,140 INFO L210 PostProcessor]: Analyzing one entry point: main [2024-11-14 05:41:18,169 INFO L204 MainTranslator]: Completed translation [2024-11-14 05:41:18,170 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18 WrapperNode [2024-11-14 05:41:18,170 INFO L131 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2024-11-14 05:41:18,171 INFO L112 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2024-11-14 05:41:18,171 INFO L270 PluginConnector]: Initializing Boogie Procedure Inliner... [2024-11-14 05:41:18,171 INFO L274 PluginConnector]: Boogie Procedure Inliner initialized [2024-11-14 05:41:18,178 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,196 INFO L184 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,238 INFO L138 Inliner]: procedures = 65, calls = 124, calls flagged for inlining = 30, calls inlined = 27, statements flattened = 302 [2024-11-14 05:41:18,240 INFO L131 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2024-11-14 05:41:18,241 INFO L112 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2024-11-14 05:41:18,241 INFO L270 PluginConnector]: Initializing Boogie Preprocessor... [2024-11-14 05:41:18,241 INFO L274 PluginConnector]: Boogie Preprocessor initialized [2024-11-14 05:41:18,249 INFO L184 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,249 INFO L184 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,256 INFO L184 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,256 INFO L184 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,266 INFO L184 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,277 INFO L184 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,279 INFO L184 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,280 INFO L184 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,283 INFO L131 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2024-11-14 05:41:18,283 INFO L112 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2024-11-14 05:41:18,283 INFO L270 PluginConnector]: Initializing RCFGBuilder... [2024-11-14 05:41:18,283 INFO L274 PluginConnector]: RCFGBuilder initialized [2024-11-14 05:41:18,284 INFO L184 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (1/1) ... [2024-11-14 05:41:18,290 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2024-11-14 05:41:18,303 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:18,319 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2024-11-14 05:41:18,325 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2024-11-14 05:41:18,350 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2024-11-14 05:41:18,350 INFO L130 BoogieDeclarations]: Found specification of procedure activatePump__before__methaneQuery [2024-11-14 05:41:18,350 INFO L138 BoogieDeclarations]: Found implementation of procedure activatePump__before__methaneQuery [2024-11-14 05:41:18,350 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2024-11-14 05:41:18,350 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2024-11-14 05:41:18,350 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2024-11-14 05:41:18,350 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2024-11-14 05:41:18,350 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__highWaterSensor [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__highWaterSensor [2024-11-14 05:41:18,351 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2024-11-14 05:41:18,351 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__methaneAlarm [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__methaneAlarm [2024-11-14 05:41:18,351 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2024-11-14 05:41:18,351 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__before__lowWaterSensor [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__before__lowWaterSensor [2024-11-14 05:41:18,351 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneAlarm [2024-11-14 05:41:18,351 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneAlarm [2024-11-14 05:41:18,352 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2024-11-14 05:41:18,352 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2024-11-14 05:41:18,352 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2024-11-14 05:41:18,352 INFO L130 BoogieDeclarations]: Found specification of procedure select_one [2024-11-14 05:41:18,352 INFO L138 BoogieDeclarations]: Found implementation of procedure select_one [2024-11-14 05:41:18,352 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2024-11-14 05:41:18,352 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2024-11-14 05:41:18,352 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2024-11-14 05:41:18,352 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2024-11-14 05:41:18,455 INFO L238 CfgBuilder]: Building ICFG [2024-11-14 05:41:18,459 INFO L264 CfgBuilder]: Building CFG for each procedure with an implementation [2024-11-14 05:41:18,947 INFO L? ?]: Removed 54 outVars from TransFormulas that were not future-live. [2024-11-14 05:41:18,947 INFO L287 CfgBuilder]: Performing block encoding [2024-11-14 05:41:19,069 INFO L311 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2024-11-14 05:41:19,072 INFO L316 CfgBuilder]: Removed 2 assume(true) statements. [2024-11-14 05:41:19,072 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:41:19 BoogieIcfgContainer [2024-11-14 05:41:19,072 INFO L131 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2024-11-14 05:41:19,077 INFO L112 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2024-11-14 05:41:19,077 INFO L270 PluginConnector]: Initializing TraceAbstraction... [2024-11-14 05:41:19,082 INFO L274 PluginConnector]: TraceAbstraction initialized [2024-11-14 05:41:19,082 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 14.11 05:41:17" (1/3) ... [2024-11-14 05:41:19,082 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@22208b8f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:41:19, skipping insertion in model container [2024-11-14 05:41:19,083 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 14.11 05:41:18" (2/3) ... [2024-11-14 05:41:19,083 INFO L204 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@22208b8f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 14.11 05:41:19, skipping insertion in model container [2024-11-14 05:41:19,083 INFO L184 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:41:19" (3/3) ... [2024-11-14 05:41:19,085 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_productSimulator.cil.c [2024-11-14 05:41:19,104 INFO L217 ceAbstractionStarter]: Automizer settings: Hoare:LoopHeads NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2024-11-14 05:41:19,106 INFO L154 ceAbstractionStarter]: Applying trace abstraction to ICFG minepump_spec5_productSimulator.cil.c that has 13 procedures, 110 locations, 1 initial locations, 2 loop locations, and 1 error locations. [2024-11-14 05:41:19,177 INFO L332 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2024-11-14 05:41:19,194 INFO L333 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopHeads, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@7b2afe6e, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2024-11-14 05:41:19,194 INFO L334 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2024-11-14 05:41:19,199 INFO L276 IsEmpty]: Start isEmpty. Operand has 110 states, 66 states have (on average 1.4090909090909092) internal successors, (93), 82 states have internal predecessors, (93), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) [2024-11-14 05:41:19,212 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 46 [2024-11-14 05:41:19,213 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:19,213 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:19,214 INFO L396 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:19,219 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:19,220 INFO L85 PathProgramCache]: Analyzing trace with hash -180121021, now seen corresponding path program 1 times [2024-11-14 05:41:19,228 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:19,229 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1824459526] [2024-11-14 05:41:19,229 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:19,230 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:19,376 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:19,535 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-11-14 05:41:19,535 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:19,535 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1824459526] [2024-11-14 05:41:19,536 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1824459526] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:19,536 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:19,536 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2024-11-14 05:41:19,539 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2030833719] [2024-11-14 05:41:19,540 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:19,543 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2024-11-14 05:41:19,543 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:19,564 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2024-11-14 05:41:19,566 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-14 05:41:19,568 INFO L87 Difference]: Start difference. First operand has 110 states, 66 states have (on average 1.4090909090909092) internal successors, (93), 82 states have internal predecessors, (93), 30 states have call successors, (30), 12 states have call predecessors, (30), 12 states have return successors, (30), 25 states have call predecessors, (30), 30 states have call successors, (30) Second operand has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:41:19,675 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:19,679 INFO L93 Difference]: Finished difference Result 204 states and 288 transitions. [2024-11-14 05:41:19,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2024-11-14 05:41:19,682 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 45 [2024-11-14 05:41:19,683 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:19,695 INFO L225 Difference]: With dead ends: 204 [2024-11-14 05:41:19,696 INFO L226 Difference]: Without dead ends: 105 [2024-11-14 05:41:19,700 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2024-11-14 05:41:19,704 INFO L432 NwaCegarLoop]: 129 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 21 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 129 SdHoareTripleChecker+Invalid, 22 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 21 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:19,704 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 129 Invalid, 22 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 21 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:19,720 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 105 states. [2024-11-14 05:41:19,747 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 105 to 105. [2024-11-14 05:41:19,749 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 105 states, 63 states have (on average 1.3492063492063493) internal successors, (85), 78 states have internal predecessors, (85), 30 states have call successors, (30), 12 states have call predecessors, (30), 11 states have return successors, (29), 24 states have call predecessors, (29), 29 states have call successors, (29) [2024-11-14 05:41:19,757 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 105 states to 105 states and 144 transitions. [2024-11-14 05:41:19,759 INFO L78 Accepts]: Start accepts. Automaton has 105 states and 144 transitions. Word has length 45 [2024-11-14 05:41:19,760 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:19,764 INFO L471 AbstractCegarLoop]: Abstraction has 105 states and 144 transitions. [2024-11-14 05:41:19,764 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 10.5) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:41:19,764 INFO L276 IsEmpty]: Start isEmpty. Operand 105 states and 144 transitions. [2024-11-14 05:41:19,769 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 47 [2024-11-14 05:41:19,770 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:19,770 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:19,770 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2024-11-14 05:41:19,770 INFO L396 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:19,771 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:19,771 INFO L85 PathProgramCache]: Analyzing trace with hash -827608508, now seen corresponding path program 1 times [2024-11-14 05:41:19,771 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:19,771 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2126353996] [2024-11-14 05:41:19,772 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:19,772 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:19,829 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:20,000 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-11-14 05:41:20,000 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:20,000 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2126353996] [2024-11-14 05:41:20,001 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2126353996] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:20,001 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:20,001 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2024-11-14 05:41:20,001 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [933131119] [2024-11-14 05:41:20,001 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:20,002 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:41:20,002 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:20,003 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:41:20,003 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:41:20,003 INFO L87 Difference]: Start difference. First operand 105 states and 144 transitions. Second operand has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:41:20,097 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:20,097 INFO L93 Difference]: Finished difference Result 167 states and 229 transitions. [2024-11-14 05:41:20,098 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:41:20,098 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) Word has length 46 [2024-11-14 05:41:20,099 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:20,100 INFO L225 Difference]: With dead ends: 167 [2024-11-14 05:41:20,102 INFO L226 Difference]: Without dead ends: 97 [2024-11-14 05:41:20,103 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:41:20,104 INFO L432 NwaCegarLoop]: 115 mSDtfsCounter, 16 mSDsluCounter, 97 mSDsCounter, 0 mSdLazyCounter, 32 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 20 SdHoareTripleChecker+Valid, 212 SdHoareTripleChecker+Invalid, 32 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 32 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:20,107 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [20 Valid, 212 Invalid, 32 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 32 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:20,108 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 97 states. [2024-11-14 05:41:20,123 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 97 to 97. [2024-11-14 05:41:20,124 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 97 states, 58 states have (on average 1.3620689655172413) internal successors, (79), 73 states have internal predecessors, (79), 27 states have call successors, (27), 11 states have call predecessors, (27), 11 states have return successors, (27), 22 states have call predecessors, (27), 27 states have call successors, (27) [2024-11-14 05:41:20,129 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 97 states to 97 states and 133 transitions. [2024-11-14 05:41:20,129 INFO L78 Accepts]: Start accepts. Automaton has 97 states and 133 transitions. Word has length 46 [2024-11-14 05:41:20,129 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:20,129 INFO L471 AbstractCegarLoop]: Abstraction has 97 states and 133 transitions. [2024-11-14 05:41:20,130 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.333333333333333) internal successors, (22), 3 states have internal predecessors, (22), 2 states have call successors, (10), 2 states have call predecessors, (10), 1 states have return successors, (8), 2 states have call predecessors, (8), 2 states have call successors, (8) [2024-11-14 05:41:20,130 INFO L276 IsEmpty]: Start isEmpty. Operand 97 states and 133 transitions. [2024-11-14 05:41:20,131 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 50 [2024-11-14 05:41:20,131 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:20,131 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:20,132 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2024-11-14 05:41:20,132 INFO L396 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:20,132 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:20,135 INFO L85 PathProgramCache]: Analyzing trace with hash -600258105, now seen corresponding path program 1 times [2024-11-14 05:41:20,136 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:20,136 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077649345] [2024-11-14 05:41:20,136 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:20,136 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:20,190 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:20,389 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2024-11-14 05:41:20,390 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:20,390 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077649345] [2024-11-14 05:41:20,390 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077649345] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:20,390 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:20,390 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2024-11-14 05:41:20,390 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1440191284] [2024-11-14 05:41:20,390 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:20,391 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2024-11-14 05:41:20,391 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:20,392 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2024-11-14 05:41:20,392 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2024-11-14 05:41:20,392 INFO L87 Difference]: Start difference. First operand 97 states and 133 transitions. Second operand has 6 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2024-11-14 05:41:20,759 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:20,760 INFO L93 Difference]: Finished difference Result 231 states and 331 transitions. [2024-11-14 05:41:20,760 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2024-11-14 05:41:20,761 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) Word has length 49 [2024-11-14 05:41:20,761 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:20,763 INFO L225 Difference]: With dead ends: 231 [2024-11-14 05:41:20,763 INFO L226 Difference]: Without dead ends: 150 [2024-11-14 05:41:20,764 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2024-11-14 05:41:20,769 INFO L432 NwaCegarLoop]: 117 mSDtfsCounter, 81 mSDsluCounter, 370 mSDsCounter, 0 mSdLazyCounter, 158 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 487 SdHoareTripleChecker+Invalid, 167 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 158 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:20,769 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 487 Invalid, 167 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 158 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2024-11-14 05:41:20,770 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2024-11-14 05:41:20,806 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 150. [2024-11-14 05:41:20,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 150 states, 95 states have (on average 1.3263157894736841) internal successors, (126), 112 states have internal predecessors, (126), 35 states have call successors, (35), 19 states have call predecessors, (35), 19 states have return successors, (45), 33 states have call predecessors, (45), 35 states have call successors, (45) [2024-11-14 05:41:20,809 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 150 states to 150 states and 206 transitions. [2024-11-14 05:41:20,809 INFO L78 Accepts]: Start accepts. Automaton has 150 states and 206 transitions. Word has length 49 [2024-11-14 05:41:20,810 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:20,810 INFO L471 AbstractCegarLoop]: Abstraction has 150 states and 206 transitions. [2024-11-14 05:41:20,810 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 5.4) internal successors, (27), 5 states have internal predecessors, (27), 1 states have call successors, (9), 2 states have call predecessors, (9), 2 states have return successors, (8), 2 states have call predecessors, (8), 1 states have call successors, (8) [2024-11-14 05:41:20,810 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 206 transitions. [2024-11-14 05:41:20,812 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 68 [2024-11-14 05:41:20,812 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:20,812 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:20,813 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2024-11-14 05:41:20,813 INFO L396 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:20,813 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:20,814 INFO L85 PathProgramCache]: Analyzing trace with hash 325892017, now seen corresponding path program 1 times [2024-11-14 05:41:20,814 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:20,814 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1559467658] [2024-11-14 05:41:20,814 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:20,814 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:20,876 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:21,509 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 31 trivial. 0 not checked. [2024-11-14 05:41:21,510 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:21,510 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1559467658] [2024-11-14 05:41:21,510 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1559467658] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:21,511 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:21,511 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [12] imperfect sequences [] total 12 [2024-11-14 05:41:21,511 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1381198025] [2024-11-14 05:41:21,511 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:21,511 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2024-11-14 05:41:21,512 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:21,512 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2024-11-14 05:41:21,513 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=27, Invalid=105, Unknown=0, NotChecked=0, Total=132 [2024-11-14 05:41:21,514 INFO L87 Difference]: Start difference. First operand 150 states and 206 transitions. Second operand has 12 states, 10 states have (on average 3.9) internal successors, (39), 11 states have internal predecessors, (39), 5 states have call successors, (12), 2 states have call predecessors, (12), 4 states have return successors, (11), 4 states have call predecessors, (11), 5 states have call successors, (11) [2024-11-14 05:41:22,651 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:22,652 INFO L93 Difference]: Finished difference Result 433 states and 610 transitions. [2024-11-14 05:41:22,653 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 20 states. [2024-11-14 05:41:22,653 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 10 states have (on average 3.9) internal successors, (39), 11 states have internal predecessors, (39), 5 states have call successors, (12), 2 states have call predecessors, (12), 4 states have return successors, (11), 4 states have call predecessors, (11), 5 states have call successors, (11) Word has length 67 [2024-11-14 05:41:22,654 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:22,657 INFO L225 Difference]: With dead ends: 433 [2024-11-14 05:41:22,660 INFO L226 Difference]: Without dead ends: 299 [2024-11-14 05:41:22,662 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 30 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 25 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 132 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=135, Invalid=567, Unknown=0, NotChecked=0, Total=702 [2024-11-14 05:41:22,663 INFO L432 NwaCegarLoop]: 212 mSDtfsCounter, 534 mSDsluCounter, 1009 mSDsCounter, 0 mSdLazyCounter, 793 mSolverCounterSat, 213 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 539 SdHoareTripleChecker+Valid, 1221 SdHoareTripleChecker+Invalid, 1006 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 213 IncrementalHoareTripleChecker+Valid, 793 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:22,663 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [539 Valid, 1221 Invalid, 1006 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [213 Valid, 793 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2024-11-14 05:41:22,664 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 299 states. [2024-11-14 05:41:22,729 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 299 to 292. [2024-11-14 05:41:22,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 292 states, 192 states have (on average 1.2916666666666667) internal successors, (248), 220 states have internal predecessors, (248), 61 states have call successors, (61), 36 states have call predecessors, (61), 38 states have return successors, (80), 62 states have call predecessors, (80), 61 states have call successors, (80) [2024-11-14 05:41:22,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 292 states to 292 states and 389 transitions. [2024-11-14 05:41:22,737 INFO L78 Accepts]: Start accepts. Automaton has 292 states and 389 transitions. Word has length 67 [2024-11-14 05:41:22,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:22,738 INFO L471 AbstractCegarLoop]: Abstraction has 292 states and 389 transitions. [2024-11-14 05:41:22,738 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 10 states have (on average 3.9) internal successors, (39), 11 states have internal predecessors, (39), 5 states have call successors, (12), 2 states have call predecessors, (12), 4 states have return successors, (11), 4 states have call predecessors, (11), 5 states have call successors, (11) [2024-11-14 05:41:22,739 INFO L276 IsEmpty]: Start isEmpty. Operand 292 states and 389 transitions. [2024-11-14 05:41:22,741 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 71 [2024-11-14 05:41:22,741 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:22,741 INFO L215 NwaCegarLoop]: trace histogram [6, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:22,741 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2024-11-14 05:41:22,742 INFO L396 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:22,742 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:22,742 INFO L85 PathProgramCache]: Analyzing trace with hash -696959971, now seen corresponding path program 1 times [2024-11-14 05:41:22,742 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:22,743 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1937566819] [2024-11-14 05:41:22,743 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:22,743 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:22,780 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:23,143 INFO L134 CoverageAnalysis]: Checked inductivity of 32 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 32 trivial. 0 not checked. [2024-11-14 05:41:23,143 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:23,143 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1937566819] [2024-11-14 05:41:23,143 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1937566819] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:23,143 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:23,143 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-14 05:41:23,144 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [595681944] [2024-11-14 05:41:23,144 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:23,144 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-14 05:41:23,144 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:23,145 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-14 05:41:23,145 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2024-11-14 05:41:23,145 INFO L87 Difference]: Start difference. First operand 292 states and 389 transitions. Second operand has 8 states, 7 states have (on average 5.571428571428571) internal successors, (39), 7 states have internal predecessors, (39), 5 states have call successors, (13), 3 states have call predecessors, (13), 2 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) [2024-11-14 05:41:23,818 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:23,818 INFO L93 Difference]: Finished difference Result 712 states and 961 transitions. [2024-11-14 05:41:23,818 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2024-11-14 05:41:23,819 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 5.571428571428571) internal successors, (39), 7 states have internal predecessors, (39), 5 states have call successors, (13), 3 states have call predecessors, (13), 2 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) Word has length 70 [2024-11-14 05:41:23,819 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:23,823 INFO L225 Difference]: With dead ends: 712 [2024-11-14 05:41:23,823 INFO L226 Difference]: Without dead ends: 490 [2024-11-14 05:41:23,825 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 16 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 11 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 18 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=54, Invalid=102, Unknown=0, NotChecked=0, Total=156 [2024-11-14 05:41:23,825 INFO L432 NwaCegarLoop]: 113 mSDtfsCounter, 385 mSDsluCounter, 243 mSDsCounter, 0 mSdLazyCounter, 427 mSolverCounterSat, 161 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 398 SdHoareTripleChecker+Valid, 356 SdHoareTripleChecker+Invalid, 588 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 161 IncrementalHoareTripleChecker+Valid, 427 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.5s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:23,826 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [398 Valid, 356 Invalid, 588 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [161 Valid, 427 Invalid, 0 Unknown, 0 Unchecked, 0.5s Time] [2024-11-14 05:41:23,827 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 490 states. [2024-11-14 05:41:23,893 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 490 to 419. [2024-11-14 05:41:23,894 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 419 states, 279 states have (on average 1.2867383512544803) internal successors, (359), 319 states have internal predecessors, (359), 84 states have call successors, (84), 49 states have call predecessors, (84), 55 states have return successors, (111), 90 states have call predecessors, (111), 84 states have call successors, (111) [2024-11-14 05:41:23,899 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 419 states to 419 states and 554 transitions. [2024-11-14 05:41:23,899 INFO L78 Accepts]: Start accepts. Automaton has 419 states and 554 transitions. Word has length 70 [2024-11-14 05:41:23,900 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:23,900 INFO L471 AbstractCegarLoop]: Abstraction has 419 states and 554 transitions. [2024-11-14 05:41:23,900 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 5.571428571428571) internal successors, (39), 7 states have internal predecessors, (39), 5 states have call successors, (13), 3 states have call predecessors, (13), 2 states have return successors, (12), 5 states have call predecessors, (12), 5 states have call successors, (12) [2024-11-14 05:41:23,900 INFO L276 IsEmpty]: Start isEmpty. Operand 419 states and 554 transitions. [2024-11-14 05:41:23,903 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 89 [2024-11-14 05:41:23,904 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:23,904 INFO L215 NwaCegarLoop]: trace histogram [6, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:23,905 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2024-11-14 05:41:23,907 INFO L396 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:23,908 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:23,908 INFO L85 PathProgramCache]: Analyzing trace with hash 39398030, now seen corresponding path program 1 times [2024-11-14 05:41:23,908 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:23,908 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [50043779] [2024-11-14 05:41:23,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:23,908 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:23,932 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:24,120 INFO L134 CoverageAnalysis]: Checked inductivity of 50 backedges. 6 proven. 0 refuted. 0 times theorem prover too weak. 44 trivial. 0 not checked. [2024-11-14 05:41:24,121 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:24,121 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [50043779] [2024-11-14 05:41:24,121 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [50043779] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:24,121 INFO L185 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2024-11-14 05:41:24,121 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2024-11-14 05:41:24,121 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1022293987] [2024-11-14 05:41:24,121 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:24,122 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2024-11-14 05:41:24,122 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:24,122 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2024-11-14 05:41:24,123 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=13, Invalid=43, Unknown=0, NotChecked=0, Total=56 [2024-11-14 05:41:24,123 INFO L87 Difference]: Start difference. First operand 419 states and 554 transitions. Second operand has 8 states, 7 states have (on average 6.571428571428571) internal successors, (46), 6 states have internal predecessors, (46), 2 states have call successors, (13), 1 states have call predecessors, (13), 2 states have return successors, (14), 3 states have call predecessors, (14), 2 states have call successors, (14) [2024-11-14 05:41:24,924 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:24,925 INFO L93 Difference]: Finished difference Result 859 states and 1155 transitions. [2024-11-14 05:41:24,925 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 17 states. [2024-11-14 05:41:24,926 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 6.571428571428571) internal successors, (46), 6 states have internal predecessors, (46), 2 states have call successors, (13), 1 states have call predecessors, (13), 2 states have return successors, (14), 3 states have call predecessors, (14), 2 states have call successors, (14) Word has length 88 [2024-11-14 05:41:24,926 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:24,931 INFO L225 Difference]: With dead ends: 859 [2024-11-14 05:41:24,931 INFO L226 Difference]: Without dead ends: 635 [2024-11-14 05:41:24,933 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 21 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 17 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 46 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=71, Invalid=271, Unknown=0, NotChecked=0, Total=342 [2024-11-14 05:41:24,933 INFO L432 NwaCegarLoop]: 188 mSDtfsCounter, 190 mSDsluCounter, 576 mSDsCounter, 0 mSdLazyCounter, 707 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 194 SdHoareTripleChecker+Valid, 764 SdHoareTripleChecker+Invalid, 750 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 707 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:24,934 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [194 Valid, 764 Invalid, 750 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 707 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2024-11-14 05:41:24,935 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 635 states. [2024-11-14 05:41:25,053 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 635 to 511. [2024-11-14 05:41:25,055 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 511 states, 340 states have (on average 1.2882352941176471) internal successors, (438), 385 states have internal predecessors, (438), 99 states have call successors, (99), 65 states have call predecessors, (99), 71 states have return successors, (131), 103 states have call predecessors, (131), 99 states have call successors, (131) [2024-11-14 05:41:25,060 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 511 states to 511 states and 668 transitions. [2024-11-14 05:41:25,062 INFO L78 Accepts]: Start accepts. Automaton has 511 states and 668 transitions. Word has length 88 [2024-11-14 05:41:25,062 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:25,064 INFO L471 AbstractCegarLoop]: Abstraction has 511 states and 668 transitions. [2024-11-14 05:41:25,064 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 6.571428571428571) internal successors, (46), 6 states have internal predecessors, (46), 2 states have call successors, (13), 1 states have call predecessors, (13), 2 states have return successors, (14), 3 states have call predecessors, (14), 2 states have call successors, (14) [2024-11-14 05:41:25,065 INFO L276 IsEmpty]: Start isEmpty. Operand 511 states and 668 transitions. [2024-11-14 05:41:25,070 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 132 [2024-11-14 05:41:25,070 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:25,070 INFO L215 NwaCegarLoop]: trace histogram [6, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:25,070 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2024-11-14 05:41:25,071 INFO L396 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:25,071 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:25,071 INFO L85 PathProgramCache]: Analyzing trace with hash 2114655353, now seen corresponding path program 1 times [2024-11-14 05:41:25,071 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:25,071 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [640904717] [2024-11-14 05:41:25,072 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:25,072 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:25,116 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:25,407 INFO L134 CoverageAnalysis]: Checked inductivity of 104 backedges. 36 proven. 18 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2024-11-14 05:41:25,407 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:25,407 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [640904717] [2024-11-14 05:41:25,407 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [640904717] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:41:25,408 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [447997747] [2024-11-14 05:41:25,408 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:25,408 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:25,408 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:25,410 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:41:25,412 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2024-11-14 05:41:25,545 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:25,548 INFO L255 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-11-14 05:41:25,555 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:41:25,592 INFO L134 CoverageAnalysis]: Checked inductivity of 104 backedges. 42 proven. 0 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2024-11-14 05:41:25,593 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-14 05:41:25,593 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [447997747] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:25,593 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-14 05:41:25,593 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [9] total 10 [2024-11-14 05:41:25,593 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [139589465] [2024-11-14 05:41:25,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:25,594 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:41:25,594 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:25,594 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:41:25,595 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2024-11-14 05:41:25,595 INFO L87 Difference]: Start difference. First operand 511 states and 668 transitions. Second operand has 3 states, 3 states have (on average 22.333333333333332) internal successors, (67), 3 states have internal predecessors, (67), 3 states have call successors, (19), 3 states have call predecessors, (19), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-11-14 05:41:25,757 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:25,757 INFO L93 Difference]: Finished difference Result 1158 states and 1534 transitions. [2024-11-14 05:41:25,757 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:41:25,758 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 22.333333333333332) internal successors, (67), 3 states have internal predecessors, (67), 3 states have call successors, (19), 3 states have call predecessors, (19), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) Word has length 131 [2024-11-14 05:41:25,758 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:25,763 INFO L225 Difference]: With dead ends: 1158 [2024-11-14 05:41:25,763 INFO L226 Difference]: Without dead ends: 682 [2024-11-14 05:41:25,765 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 131 SyntacticMatches, 0 SemanticMatches, 8 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 13 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=24, Invalid=66, Unknown=0, NotChecked=0, Total=90 [2024-11-14 05:41:25,766 INFO L432 NwaCegarLoop]: 140 mSDtfsCounter, 35 mSDsluCounter, 113 mSDsCounter, 0 mSdLazyCounter, 46 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 253 SdHoareTripleChecker+Invalid, 47 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 46 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:25,766 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 253 Invalid, 47 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 46 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:25,767 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 682 states. [2024-11-14 05:41:25,853 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 682 to 665. [2024-11-14 05:41:25,854 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 665 states, 446 states have (on average 1.2914798206278026) internal successors, (576), 504 states have internal predecessors, (576), 125 states have call successors, (125), 86 states have call predecessors, (125), 93 states have return successors, (170), 126 states have call predecessors, (170), 125 states have call successors, (170) [2024-11-14 05:41:25,859 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 665 states to 665 states and 871 transitions. [2024-11-14 05:41:25,861 INFO L78 Accepts]: Start accepts. Automaton has 665 states and 871 transitions. Word has length 131 [2024-11-14 05:41:25,861 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:25,861 INFO L471 AbstractCegarLoop]: Abstraction has 665 states and 871 transitions. [2024-11-14 05:41:25,861 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 22.333333333333332) internal successors, (67), 3 states have internal predecessors, (67), 3 states have call successors, (19), 3 states have call predecessors, (19), 3 states have return successors, (18), 3 states have call predecessors, (18), 3 states have call successors, (18) [2024-11-14 05:41:25,862 INFO L276 IsEmpty]: Start isEmpty. Operand 665 states and 871 transitions. [2024-11-14 05:41:25,865 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2024-11-14 05:41:25,865 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:25,866 INFO L215 NwaCegarLoop]: trace histogram [6, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:25,887 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Ended with exit code 0 [2024-11-14 05:41:26,066 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable6 [2024-11-14 05:41:26,067 INFO L396 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:26,067 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:26,068 INFO L85 PathProgramCache]: Analyzing trace with hash 810226212, now seen corresponding path program 1 times [2024-11-14 05:41:26,068 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:26,068 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1560157887] [2024-11-14 05:41:26,068 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:26,068 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:26,092 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:26,146 INFO L134 CoverageAnalysis]: Checked inductivity of 108 backedges. 41 proven. 5 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2024-11-14 05:41:26,147 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:26,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1560157887] [2024-11-14 05:41:26,147 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1560157887] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:41:26,147 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1482335010] [2024-11-14 05:41:26,147 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:26,147 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:26,147 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:26,149 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:41:26,152 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2024-11-14 05:41:26,290 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:26,292 INFO L255 TraceCheckSpWp]: Trace formula consists of 449 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-11-14 05:41:26,296 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:41:26,370 INFO L134 CoverageAnalysis]: Checked inductivity of 108 backedges. 73 proven. 0 refuted. 0 times theorem prover too weak. 35 trivial. 0 not checked. [2024-11-14 05:41:26,370 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-14 05:41:26,370 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1482335010] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:26,370 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-14 05:41:26,370 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 4 [2024-11-14 05:41:26,371 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1412126637] [2024-11-14 05:41:26,371 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:26,371 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:41:26,371 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:26,372 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:41:26,372 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-14 05:41:26,372 INFO L87 Difference]: Start difference. First operand 665 states and 871 transitions. Second operand has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2024-11-14 05:41:26,625 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:26,625 INFO L93 Difference]: Finished difference Result 1841 states and 2433 transitions. [2024-11-14 05:41:26,626 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:41:26,626 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) Word has length 136 [2024-11-14 05:41:26,626 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:26,634 INFO L225 Difference]: With dead ends: 1841 [2024-11-14 05:41:26,634 INFO L226 Difference]: Without dead ends: 1216 [2024-11-14 05:41:26,637 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 137 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-14 05:41:26,638 INFO L432 NwaCegarLoop]: 146 mSDtfsCounter, 73 mSDsluCounter, 99 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 73 SdHoareTripleChecker+Valid, 245 SdHoareTripleChecker+Invalid, 48 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:26,638 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [73 Valid, 245 Invalid, 48 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:26,640 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1216 states. [2024-11-14 05:41:26,804 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1216 to 1209. [2024-11-14 05:41:26,807 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1209 states, 818 states have (on average 1.2885085574572128) internal successors, (1054), 916 states have internal predecessors, (1054), 216 states have call successors, (216), 159 states have call predecessors, (216), 174 states have return successors, (307), 216 states have call predecessors, (307), 216 states have call successors, (307) [2024-11-14 05:41:26,846 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1209 states to 1209 states and 1577 transitions. [2024-11-14 05:41:26,848 INFO L78 Accepts]: Start accepts. Automaton has 1209 states and 1577 transitions. Word has length 136 [2024-11-14 05:41:26,848 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:26,848 INFO L471 AbstractCegarLoop]: Abstraction has 1209 states and 1577 transitions. [2024-11-14 05:41:26,848 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.333333333333332) internal successors, (85), 3 states have internal predecessors, (85), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2024-11-14 05:41:26,849 INFO L276 IsEmpty]: Start isEmpty. Operand 1209 states and 1577 transitions. [2024-11-14 05:41:26,854 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 139 [2024-11-14 05:41:26,854 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:26,855 INFO L215 NwaCegarLoop]: trace histogram [6, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:26,876 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2024-11-14 05:41:27,055 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:27,056 INFO L396 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:27,057 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:27,057 INFO L85 PathProgramCache]: Analyzing trace with hash 1083347475, now seen corresponding path program 1 times [2024-11-14 05:41:27,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:27,057 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [144012442] [2024-11-14 05:41:27,057 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:27,057 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:27,086 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:27,140 INFO L134 CoverageAnalysis]: Checked inductivity of 109 backedges. 32 proven. 7 refuted. 0 times theorem prover too weak. 70 trivial. 0 not checked. [2024-11-14 05:41:27,141 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:27,141 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [144012442] [2024-11-14 05:41:27,141 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [144012442] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:41:27,141 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [976272704] [2024-11-14 05:41:27,141 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:27,141 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:27,141 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:27,143 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:41:27,146 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2024-11-14 05:41:27,291 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:27,293 INFO L255 TraceCheckSpWp]: Trace formula consists of 451 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-11-14 05:41:27,297 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:41:27,424 INFO L134 CoverageAnalysis]: Checked inductivity of 109 backedges. 57 proven. 0 refuted. 0 times theorem prover too weak. 52 trivial. 0 not checked. [2024-11-14 05:41:27,427 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-14 05:41:27,427 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [976272704] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:27,427 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-14 05:41:27,427 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [3] total 3 [2024-11-14 05:41:27,427 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1395120881] [2024-11-14 05:41:27,428 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:27,428 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:41:27,428 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:27,429 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:41:27,429 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:41:27,429 INFO L87 Difference]: Start difference. First operand 1209 states and 1577 transitions. Second operand has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 3 states have call successors, (20), 3 states have call predecessors, (20), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2024-11-14 05:41:27,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:27,657 INFO L93 Difference]: Finished difference Result 1891 states and 2459 transitions. [2024-11-14 05:41:27,658 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:41:27,658 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 3 states have call successors, (20), 3 states have call predecessors, (20), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) Word has length 138 [2024-11-14 05:41:27,659 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:27,668 INFO L225 Difference]: With dead ends: 1891 [2024-11-14 05:41:27,668 INFO L226 Difference]: Without dead ends: 1295 [2024-11-14 05:41:27,671 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 140 GetRequests, 139 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2024-11-14 05:41:27,672 INFO L432 NwaCegarLoop]: 196 mSDtfsCounter, 62 mSDsluCounter, 98 mSDsCounter, 0 mSdLazyCounter, 53 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 62 SdHoareTripleChecker+Valid, 294 SdHoareTripleChecker+Invalid, 53 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 53 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:27,672 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [62 Valid, 294 Invalid, 53 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 53 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:27,674 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1295 states. [2024-11-14 05:41:27,863 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1295 to 1287. [2024-11-14 05:41:27,866 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1287 states, 874 states have (on average 1.2848970251716247) internal successors, (1123), 975 states have internal predecessors, (1123), 228 states have call successors, (228), 170 states have call predecessors, (228), 184 states have return successors, (303), 228 states have call predecessors, (303), 228 states have call successors, (303) [2024-11-14 05:41:27,875 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1287 states to 1287 states and 1654 transitions. [2024-11-14 05:41:27,877 INFO L78 Accepts]: Start accepts. Automaton has 1287 states and 1654 transitions. Word has length 138 [2024-11-14 05:41:27,878 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:27,878 INFO L471 AbstractCegarLoop]: Abstraction has 1287 states and 1654 transitions. [2024-11-14 05:41:27,878 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 24.666666666666668) internal successors, (74), 3 states have internal predecessors, (74), 3 states have call successors, (20), 3 states have call predecessors, (20), 3 states have return successors, (20), 3 states have call predecessors, (20), 3 states have call successors, (20) [2024-11-14 05:41:27,878 INFO L276 IsEmpty]: Start isEmpty. Operand 1287 states and 1654 transitions. [2024-11-14 05:41:27,883 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 137 [2024-11-14 05:41:27,884 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:27,884 INFO L215 NwaCegarLoop]: trace histogram [6, 4, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:27,904 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Ended with exit code 0 [2024-11-14 05:41:28,087 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:28,088 INFO L396 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:28,088 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:28,089 INFO L85 PathProgramCache]: Analyzing trace with hash 1610990021, now seen corresponding path program 1 times [2024-11-14 05:41:28,089 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:28,089 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [698922621] [2024-11-14 05:41:28,089 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:28,089 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:28,120 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:28,178 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 42 proven. 12 refuted. 0 times theorem prover too weak. 62 trivial. 0 not checked. [2024-11-14 05:41:28,178 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:28,178 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [698922621] [2024-11-14 05:41:28,179 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [698922621] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:41:28,179 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [280447482] [2024-11-14 05:41:28,179 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:28,179 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:28,179 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:28,181 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:41:28,184 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2024-11-14 05:41:28,328 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:28,330 INFO L255 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 3 conjuncts are in the unsatisfiable core [2024-11-14 05:41:28,337 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:41:28,418 INFO L134 CoverageAnalysis]: Checked inductivity of 116 backedges. 79 proven. 0 refuted. 0 times theorem prover too weak. 37 trivial. 0 not checked. [2024-11-14 05:41:28,418 INFO L307 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2024-11-14 05:41:28,418 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [280447482] provided 1 perfect and 0 imperfect interpolant sequences [2024-11-14 05:41:28,418 INFO L185 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2024-11-14 05:41:28,418 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [4] total 4 [2024-11-14 05:41:28,418 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1351064835] [2024-11-14 05:41:28,419 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2024-11-14 05:41:28,419 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2024-11-14 05:41:28,419 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:28,419 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2024-11-14 05:41:28,420 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-14 05:41:28,420 INFO L87 Difference]: Start difference. First operand 1287 states and 1654 transitions. Second operand has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2024-11-14 05:41:28,703 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:28,704 INFO L93 Difference]: Finished difference Result 3498 states and 4566 transitions. [2024-11-14 05:41:28,704 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2024-11-14 05:41:28,704 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) Word has length 136 [2024-11-14 05:41:28,705 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:28,720 INFO L225 Difference]: With dead ends: 3498 [2024-11-14 05:41:28,721 INFO L226 Difference]: Without dead ends: 2332 [2024-11-14 05:41:28,725 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 139 GetRequests, 137 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2024-11-14 05:41:28,726 INFO L432 NwaCegarLoop]: 153 mSDtfsCounter, 71 mSDsluCounter, 105 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 71 SdHoareTripleChecker+Valid, 258 SdHoareTripleChecker+Invalid, 48 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:28,726 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [71 Valid, 258 Invalid, 48 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2024-11-14 05:41:28,729 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2332 states. [2024-11-14 05:41:28,958 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2332 to 2309. [2024-11-14 05:41:28,962 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2309 states, 1574 states have (on average 1.2808132147395173) internal successors, (2016), 1744 states have internal predecessors, (2016), 398 states have call successors, (398), 310 states have call predecessors, (398), 336 states have return successors, (563), 393 states have call predecessors, (563), 398 states have call successors, (563) [2024-11-14 05:41:28,979 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2309 states to 2309 states and 2977 transitions. [2024-11-14 05:41:28,982 INFO L78 Accepts]: Start accepts. Automaton has 2309 states and 2977 transitions. Word has length 136 [2024-11-14 05:41:28,982 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:28,982 INFO L471 AbstractCegarLoop]: Abstraction has 2309 states and 2977 transitions. [2024-11-14 05:41:28,983 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 28.0) internal successors, (84), 3 states have internal predecessors, (84), 3 states have call successors, (22), 3 states have call predecessors, (22), 3 states have return successors, (21), 3 states have call predecessors, (21), 3 states have call successors, (21) [2024-11-14 05:41:28,983 INFO L276 IsEmpty]: Start isEmpty. Operand 2309 states and 2977 transitions. [2024-11-14 05:41:28,992 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 150 [2024-11-14 05:41:28,992 INFO L207 NwaCegarLoop]: Found error trace [2024-11-14 05:41:28,992 INFO L215 NwaCegarLoop]: trace histogram [6, 5, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:29,012 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Ended with exit code 0 [2024-11-14 05:41:29,196 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:29,197 INFO L396 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2024-11-14 05:41:29,197 INFO L157 PredicateUnifier]: Initialized classic predicate unifier [2024-11-14 05:41:29,197 INFO L85 PathProgramCache]: Analyzing trace with hash -97103830, now seen corresponding path program 2 times [2024-11-14 05:41:29,197 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2024-11-14 05:41:29,197 INFO L334 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [236875495] [2024-11-14 05:41:29,197 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2024-11-14 05:41:29,197 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2024-11-14 05:41:29,219 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2024-11-14 05:41:29,454 INFO L134 CoverageAnalysis]: Checked inductivity of 158 backedges. 65 proven. 30 refuted. 0 times theorem prover too weak. 63 trivial. 0 not checked. [2024-11-14 05:41:29,455 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2024-11-14 05:41:29,456 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [236875495] [2024-11-14 05:41:29,456 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [236875495] provided 0 perfect and 1 imperfect interpolant sequences [2024-11-14 05:41:29,456 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [660168253] [2024-11-14 05:41:29,456 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2024-11-14 05:41:29,456 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:29,456 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 [2024-11-14 05:41:29,458 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2024-11-14 05:41:29,460 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2024-11-14 05:41:29,579 INFO L227 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2024-11-14 05:41:29,579 INFO L228 tOrderPrioritization]: Conjunction of SSA is unsat [2024-11-14 05:41:29,581 INFO L255 TraceCheckSpWp]: Trace formula consists of 299 conjuncts, 15 conjuncts are in the unsatisfiable core [2024-11-14 05:41:29,613 INFO L278 TraceCheckSpWp]: Computing forward predicates... [2024-11-14 05:41:29,882 INFO L134 CoverageAnalysis]: Checked inductivity of 158 backedges. 79 proven. 1 refuted. 0 times theorem prover too weak. 78 trivial. 0 not checked. [2024-11-14 05:41:29,883 INFO L311 TraceCheckSpWp]: Computing backward predicates... [2024-11-14 05:41:30,285 INFO L134 CoverageAnalysis]: Checked inductivity of 158 backedges. 59 proven. 1 refuted. 0 times theorem prover too weak. 98 trivial. 0 not checked. [2024-11-14 05:41:30,285 INFO L158 FreeRefinementEngine]: IpTcStrategyModuleZ3 [660168253] provided 0 perfect and 2 imperfect interpolant sequences [2024-11-14 05:41:30,285 INFO L334 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1558539780] [2024-11-14 05:41:30,313 INFO L159 IcfgInterpreter]: Started Sifa with 68 locations of interest [2024-11-14 05:41:30,313 INFO L166 IcfgInterpreter]: Building call graph [2024-11-14 05:41:30,316 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2024-11-14 05:41:30,320 INFO L176 IcfgInterpreter]: Starting interpretation [2024-11-14 05:41:30,320 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2024-11-14 05:41:36,069 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 27 for LOIs [2024-11-14 05:41:36,075 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 10 for LOIs [2024-11-14 05:41:36,181 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__before__methaneAlarm with input of size 17 for LOIs [2024-11-14 05:41:36,198 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 1 for LOIs [2024-11-14 05:41:36,199 INFO L197 IcfgInterpreter]: Interpreting procedure select_one with input of size 148 for LOIs [2024-11-14 05:41:36,287 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__before__lowWaterSensor with input of size 19 for LOIs [2024-11-14 05:41:36,325 INFO L197 IcfgInterpreter]: Interpreting procedure activatePump__before__methaneQuery with input of size 23 for LOIs [2024-11-14 05:41:36,327 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 20 for LOIs [2024-11-14 05:41:36,330 INFO L180 IcfgInterpreter]: Interpretation finished [2024-11-14 05:41:44,905 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '29446#(and (not (= ~pumpRunning~0 0)) (<= ~pumpRunning~0 2147483647) (not (= 2 ~waterLevel~0)) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (<= |old(~pumpRunning~0)| 2147483647) (<= 0 (+ ~waterLevel~0 2147483648)) (<= ~waterLevel~0 2147483647) (<= 0 (+ ~pumpRunning~0 2147483648)) (= ~switchedOnBeforeTS~0 0))' at error location [2024-11-14 05:41:44,905 WARN L311 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2024-11-14 05:41:44,905 INFO L185 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2024-11-14 05:41:44,905 INFO L198 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 7, 8] total 18 [2024-11-14 05:41:44,906 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [158283676] [2024-11-14 05:41:44,906 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2024-11-14 05:41:44,909 INFO L548 AbstractCegarLoop]: INTERPOLANT automaton has 18 states [2024-11-14 05:41:44,909 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2024-11-14 05:41:44,910 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2024-11-14 05:41:44,912 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=450, Invalid=4380, Unknown=0, NotChecked=0, Total=4830 [2024-11-14 05:41:44,913 INFO L87 Difference]: Start difference. First operand 2309 states and 2977 transitions. Second operand has 18 states, 17 states have (on average 8.647058823529411) internal successors, (147), 18 states have internal predecessors, (147), 9 states have call successors, (32), 6 states have call predecessors, (32), 8 states have return successors, (35), 9 states have call predecessors, (35), 9 states have call successors, (35) [2024-11-14 05:41:47,803 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2024-11-14 05:41:47,804 INFO L93 Difference]: Finished difference Result 5995 states and 8196 transitions. [2024-11-14 05:41:47,804 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 37 states. [2024-11-14 05:41:47,805 INFO L78 Accepts]: Start accepts. Automaton has has 18 states, 17 states have (on average 8.647058823529411) internal successors, (147), 18 states have internal predecessors, (147), 9 states have call successors, (32), 6 states have call predecessors, (32), 8 states have return successors, (35), 9 states have call predecessors, (35), 9 states have call successors, (35) Word has length 149 [2024-11-14 05:41:47,805 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2024-11-14 05:41:47,809 INFO L225 Difference]: With dead ends: 5995 [2024-11-14 05:41:47,810 INFO L226 Difference]: Without dead ends: 0 [2024-11-14 05:41:47,828 INFO L431 NwaCegarLoop]: 0 DeclaredPredicates, 509 GetRequests, 403 SyntacticMatches, 3 SemanticMatches, 103 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4304 ImplicationChecksByTransitivity, 9.6s TimeCoverageRelationStatistics Valid=1023, Invalid=9897, Unknown=0, NotChecked=0, Total=10920 [2024-11-14 05:41:47,829 INFO L432 NwaCegarLoop]: 158 mSDtfsCounter, 1037 mSDsluCounter, 906 mSDsCounter, 0 mSdLazyCounter, 1421 mSolverCounterSat, 728 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1037 SdHoareTripleChecker+Valid, 1064 SdHoareTripleChecker+Invalid, 2149 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 728 IncrementalHoareTripleChecker+Valid, 1421 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2024-11-14 05:41:47,830 INFO L433 NwaCegarLoop]: SdHoareTripleChecker [1037 Valid, 1064 Invalid, 2149 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [728 Valid, 1421 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2024-11-14 05:41:47,830 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2024-11-14 05:41:47,830 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2024-11-14 05:41:47,830 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2024-11-14 05:41:47,831 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2024-11-14 05:41:47,834 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 149 [2024-11-14 05:41:47,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2024-11-14 05:41:47,834 INFO L471 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2024-11-14 05:41:47,835 INFO L472 AbstractCegarLoop]: INTERPOLANT automaton has has 18 states, 17 states have (on average 8.647058823529411) internal successors, (147), 18 states have internal predecessors, (147), 9 states have call successors, (32), 6 states have call predecessors, (32), 8 states have return successors, (35), 9 states have call predecessors, (35), 9 states have call successors, (35) [2024-11-14 05:41:47,835 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2024-11-14 05:41:47,835 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2024-11-14 05:41:47,837 INFO L782 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2024-11-14 05:41:47,859 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2024-11-14 05:41:48,041 WARN L453 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2024-11-14 05:41:48,045 INFO L407 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2024-11-14 05:41:48,046 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2024-11-14 05:42:30,828 INFO L173 ceAbstractionStarter]: Computing trace abstraction results [2024-11-14 05:42:30,852 WARN L162 FloydHoareUtils]: Requires clause for deactivatePump contained old-variable. Original clause: (and (let ((.cse0 (= 2 ~waterLevel~0))) (let ((.cse1 (= |old(~pumpRunning~0)| 1)) (.cse3 (or .cse0 (< ~waterLevel~0 2))) (.cse2 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2) (and .cse1 (= ~__SELECTED_FEATURE_methaneAlarm~0 0) (= ~__SELECTED_FEATURE_lowWaterSensor~0 0) .cse3 .cse2) (and (not (= ~switchedOnBeforeTS~0 0)) .cse1 .cse3 .cse2)))) (= ~pumpRunning~0 1)) Eliminated clause: (and (let ((.cse0 (= 2 ~waterLevel~0))) (let ((.cse2 (or .cse0 (< ~waterLevel~0 2))) (.cse1 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1) (and (= ~__SELECTED_FEATURE_methaneAlarm~0 0) (= ~__SELECTED_FEATURE_lowWaterSensor~0 0) .cse2 .cse1) (and (not (= ~switchedOnBeforeTS~0 0)) .cse2 .cse1)))) (= ~pumpRunning~0 1)) [2024-11-14 05:42:30,866 WARN L162 FloydHoareUtils]: Requires clause for activatePump__before__methaneQuery contained old-variable. Original clause: (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0) (= |old(~pumpRunning~0)| 0) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) (not (= 0 ~systemActive~0))) Eliminated clause: (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0) (= ~switchedOnBeforeTS~0 0) (not (= 0 ~systemActive~0))) [2024-11-14 05:42:30,881 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__before__lowWaterSensor contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (and (or (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1)) (let ((.cse0 (or (= 2 ~waterLevel~0) (< ~waterLevel~0 2))) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= |old(~pumpRunning~0)| 1) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) .cse0 .cse1) (and .cse2 .cse0 .cse1))) (or (not .cse2) (= ~pumpRunning~0 0)))) Eliminated clause: (and (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (or (= 2 ~waterLevel~0) (< ~waterLevel~0 2))) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= ~switchedOnBeforeTS~0 1) (= |old(~pumpRunning~0)| 1) .cse0 .cse1) (and .cse2 .cse0 .cse1))) (or (not .cse2) (= ~pumpRunning~0 0))))) (or (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1))) [2024-11-14 05:42:30,888 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:42:30,917 WARN L162 FloydHoareUtils]: Requires clause for timeShift contained old-variable. Original clause: (let ((.cse9 (= |old(~pumpRunning~0)| 0)) (.cse11 (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (let ((.cse0 (not .cse11)) (.cse4 (= ~switchedOnBeforeTS~0 0)) (.cse1 (not .cse9)) (.cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse6 (= |old(~waterLevel~0)| 2)) (.cse7 (= 0 ~systemActive~0)) (.cse2 (= ~pumpRunning~0 0)) (.cse3 (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1))) (.cse8 (= |old(~pumpRunning~0)| 1))) (and (or .cse0 .cse1 (and .cse2 .cse3 .cse4)) (or .cse0 (and (= ~switchedOnBeforeTS~0 1) .cse3) .cse5) (or (= 2 ~waterLevel~0) (not .cse6)) (or (and (not .cse4) .cse2 .cse3) .cse1 .cse7 .cse5) (let ((.cse10 (or (< |old(~waterLevel~0)| 2) .cse6))) (or (and .cse8 .cse6) (and .cse9 .cse10) (and .cse10 .cse8 .cse11))) (or (not .cse7) (and .cse2 .cse3)) (or (not .cse8) (= ~pumpRunning~0 1))))) Eliminated clause: (exists ((|old(~pumpRunning~0)| Int) (|old(~switchedOnBeforeTS~0)| Int) (|old(~waterLevel~0)| Int)) (let ((.cse4 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (= |old(~waterLevel~0)| 2)) (.cse9 (= 0 ~systemActive~0)) (.cse1 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse8 (not .cse4)) (.cse7 (= ~pumpRunning~0 0)) (.cse0 (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1))) (.cse6 (= ~switchedOnBeforeTS~0 0)) (.cse2 (= |old(~pumpRunning~0)| 1))) (and (or (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|)) (and (= ~switchedOnBeforeTS~0 1) .cse0) .cse1) (let ((.cse5 (or (< |old(~waterLevel~0)| 2) .cse3))) (or (and .cse2 .cse3) (and .cse4 .cse5) (and (= |old(~switchedOnBeforeTS~0)| 1) .cse5 .cse2))) (or (= 2 ~waterLevel~0) (not .cse3)) (or (and (not .cse6) .cse7 .cse0) .cse8 .cse9 .cse1) (or (not .cse9) (and .cse7 .cse0)) (or (not .cse1) .cse8 (and .cse7 .cse0 .cse6)) (or (not .cse2) (= ~pumpRunning~0 1)))))) [2024-11-14 05:42:30,934 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:42:30,961 WARN L162 FloydHoareUtils]: Requires clause for waterRise contained old-variable. Original clause: (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse2 (= ~pumpRunning~0 1)) (.cse4 (or (< |old(~waterLevel~0)| 2) .cse0)) (.cse1 (not (= 0 ~systemActive~0))) (.cse3 (= ~pumpRunning~0 0))) (or (and .cse1 .cse0 .cse2) (and .cse3 .cse4 .cse5) (and .cse4 .cse5 .cse1 .cse2) (and .cse3 .cse0) (and .cse3 .cse4 .cse1) (and .cse3 (= |old(~waterLevel~0)| 1)))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1)))) Eliminated clause: (exists ((|old(~waterLevel~0)| Int)) (let ((.cse0 (= |old(~waterLevel~0)| 2))) (and (or (= 2 ~waterLevel~0) (not .cse0)) (let ((.cse4 (= ~pumpRunning~0 1)) (.cse2 (or (< |old(~waterLevel~0)| 2) .cse0)) (.cse3 (not (= 0 ~systemActive~0))) (.cse1 (= ~pumpRunning~0 0))) (or (and .cse1 .cse2 (= ~switchedOnBeforeTS~0 0)) (and .cse3 .cse0 .cse4) (and (= ~switchedOnBeforeTS~0 1) .cse2 .cse3 .cse4) (and .cse1 .cse0) (and .cse1 .cse2 .cse3) (and .cse1 (= |old(~waterLevel~0)| 1)))) (or (= |old(~waterLevel~0)| ~waterLevel~0) (= ~waterLevel~0 1))))) [2024-11-14 05:42:30,971 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:42:30,977 WARN L162 FloydHoareUtils]: Requires clause for processEnvironment__before__methaneAlarm contained old-variable. Original clause: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (and (or (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1)) (let ((.cse0 (or (= 2 ~waterLevel~0) (< ~waterLevel~0 2))) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= |old(~pumpRunning~0)| 1) (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|) .cse0 .cse1) (and .cse2 .cse0 .cse1))) (or (not .cse2) (= ~pumpRunning~0 0)))) Eliminated clause: (and (exists ((|old(~pumpRunning~0)| Int)) (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (and (let ((.cse0 (or (= 2 ~waterLevel~0) (< ~waterLevel~0 2))) (.cse1 (not (= 0 ~systemActive~0)))) (or (and (= ~switchedOnBeforeTS~0 1) (= |old(~pumpRunning~0)| 1) .cse0 .cse1) (and .cse2 .cse0 .cse1))) (or (not .cse2) (= ~pumpRunning~0 0))))) (or (= ~switchedOnBeforeTS~0 0) (= ~pumpRunning~0 1))) [2024-11-14 05:42:30,990 WARN L976 BoogieBacktranslator]: Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression [2024-11-14 05:42:31,002 INFO L201 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 14.11 05:42:31 BoogieIcfgContainer [2024-11-14 05:42:31,004 INFO L131 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2024-11-14 05:42:31,005 INFO L112 PluginConnector]: ------------------------Witness Printer---------------------------- [2024-11-14 05:42:31,005 INFO L270 PluginConnector]: Initializing Witness Printer... [2024-11-14 05:42:31,005 INFO L274 PluginConnector]: Witness Printer initialized [2024-11-14 05:42:31,006 INFO L184 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 14.11 05:41:19" (3/4) ... [2024-11-14 05:42:31,008 INFO L142 WitnessPrinter]: Generating witness for correct program [2024-11-14 05:42:31,013 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2024-11-14 05:42:31,013 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure activatePump__before__methaneQuery [2024-11-14 05:42:31,013 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2024-11-14 05:42:31,013 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__lowWaterSensor [2024-11-14 05:42:31,014 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure select_one [2024-11-14 05:42:31,014 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2024-11-14 05:42:31,014 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2024-11-14 05:42:31,014 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2024-11-14 05:42:31,014 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__highWaterSensor [2024-11-14 05:42:31,015 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2024-11-14 05:42:31,015 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__before__methaneAlarm [2024-11-14 05:42:31,015 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneAlarm [2024-11-14 05:42:31,029 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 51 nodes and edges [2024-11-14 05:42:31,033 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 11 nodes and edges [2024-11-14 05:42:31,034 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2024-11-14 05:42:31,034 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-14 05:42:31,036 INFO L925 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2024-11-14 05:42:31,200 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/witness.graphml [2024-11-14 05:42:31,200 INFO L149 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/witness.yml [2024-11-14 05:42:31,201 INFO L131 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2024-11-14 05:42:31,202 INFO L158 Benchmark]: Toolchain (without parser) took 73625.72ms. Allocated memory was 142.6MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 118.3MB in the beginning and 651.5MB in the end (delta: -533.2MB). Peak memory consumption was 560.4MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,202 INFO L158 Benchmark]: CDTParser took 1.44ms. Allocated memory is still 167.8MB. Free memory is still 105.0MB. There was no memory consumed. Max. memory is 16.1GB. [2024-11-14 05:42:31,203 INFO L158 Benchmark]: CACSL2BoogieTranslator took 592.50ms. Allocated memory is still 142.6MB. Free memory was 118.0MB in the beginning and 98.2MB in the end (delta: 19.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,203 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.46ms. Allocated memory is still 142.6MB. Free memory was 98.2MB in the beginning and 95.9MB in the end (delta: 2.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,203 INFO L158 Benchmark]: Boogie Preprocessor took 42.05ms. Allocated memory is still 142.6MB. Free memory was 95.9MB in the beginning and 94.5MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. [2024-11-14 05:42:31,204 INFO L158 Benchmark]: RCFGBuilder took 789.33ms. Allocated memory is still 142.6MB. Free memory was 94.5MB in the beginning and 61.4MB in the end (delta: 33.2MB). Peak memory consumption was 33.6MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,204 INFO L158 Benchmark]: TraceAbstraction took 71927.16ms. Allocated memory was 142.6MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 60.7MB in the beginning and 659.9MB in the end (delta: -599.3MB). Peak memory consumption was 695.0MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,205 INFO L158 Benchmark]: Witness Printer took 195.97ms. Allocated memory is still 1.2GB. Free memory was 659.9MB in the beginning and 651.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2024-11-14 05:42:31,207 INFO L338 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 1.44ms. Allocated memory is still 167.8MB. Free memory is still 105.0MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 592.50ms. Allocated memory is still 142.6MB. Free memory was 118.0MB in the beginning and 98.2MB in the end (delta: 19.7MB). Peak memory consumption was 16.8MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.46ms. Allocated memory is still 142.6MB. Free memory was 98.2MB in the beginning and 95.9MB in the end (delta: 2.3MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Preprocessor took 42.05ms. Allocated memory is still 142.6MB. Free memory was 95.9MB in the beginning and 94.5MB in the end (delta: 1.4MB). There was no memory consumed. Max. memory is 16.1GB. * RCFGBuilder took 789.33ms. Allocated memory is still 142.6MB. Free memory was 94.5MB in the beginning and 61.4MB in the end (delta: 33.2MB). Peak memory consumption was 33.6MB. Max. memory is 16.1GB. * TraceAbstraction took 71927.16ms. Allocated memory was 142.6MB in the beginning and 1.2GB in the end (delta: 1.1GB). Free memory was 60.7MB in the beginning and 659.9MB in the end (delta: -599.3MB). Peak memory consumption was 695.0MB. Max. memory is 16.1GB. * Witness Printer took 195.97ms. Allocated memory is still 1.2GB. Free memory was 659.9MB in the beginning and 651.5MB in the end (delta: 8.4MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: - GenericResultAtLocation [Line: 49]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Environment.i","") [49] - GenericResultAtLocation [Line: 168]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Test.i","") [168] - GenericResultAtLocation [Line: 272]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"featureselect.i","") [272] - GenericResultAtLocation [Line: 317]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"wsllib_check.i","") [317] - GenericResultAtLocation [Line: 326]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"libacc.i","") [326] - GenericResultAtLocation [Line: 692]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"scenario.i","") [692] - GenericResultAtLocation [Line: 771]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"MinePump.i","") [771] - GenericResultAtLocation [Line: 1110]: Unsoundness Warning Ignoring preprocessor pragma C: #pragma merger(0,"Specification5_spec.i","") [1110] - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression - GenericResult: Unfinished Backtranslation Unfinished Backtranslation: Expression type not yet supported in backtranslation: QuantifierExpression * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 322]: a call to reach_error is unreachable For all program executions holds that a call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 13 procedures, 110 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 28.9s, OverallIterations: 11, TraceHistogramMax: 6, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 7.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 0.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2511 SdHoareTripleChecker+Valid, 4.1s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2484 mSDsluCounter, 5283 SdHoareTripleChecker+Invalid, 3.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3616 mSDsCounter, 1158 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 3752 IncrementalHoareTripleChecker+Invalid, 4910 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1158 mSolverCounterUnsat, 1667 mSDtfsCounter, 3752 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1148 GetRequests, 968 SyntacticMatches, 3 SemanticMatches, 177 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4516 ImplicationChecksByTransitivity, 10.2s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=2309occurred in iteration=10, InterpolantAutomatonStates: 110, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.1s AutomataMinimizationTime, 11 MinimizatonAttempts, 257 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: No data available, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.6s SatisfiabilityAnalysisTime, 3.4s InterpolantComputationTime, 1745 NumberOfCodeBlocks, 1672 NumberOfCodeBlocksAsserted, 17 NumberOfCheckSat, 1877 ConstructedInterpolants, 0 QuantifiedInterpolants, 3517 SizeOfPredicates, 4 NumberOfNonLiveVariables, 2088 ConjunctsInSsa, 27 ConjunctsInUnsatCore, 17 InterpolantComputations, 10 PerfectInterpolantSequences, 1484/1558 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 704]: Location Invariant Derived location invariant: 0 - InvariantResult [Line: 993]: Location Invariant Derived location invariant: (((((((2 == waterLevel) || (waterLevel < 2)) && (pumpRunning == switchedOnBeforeTS)) && (__SELECTED_FEATURE_methaneAlarm != 0)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (pumpRunning == switchedOnBeforeTS)) && (0 != systemActive))) - InvariantResult [Line: 705]: Loop Invariant Derived loop invariant: ((((((((switchedOnBeforeTS == 1) && (splverifierCounter == 0)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1)) || ((((2 == waterLevel) && (splverifierCounter == 0)) && (0 != systemActive)) && (pumpRunning == 1))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) || ((((pumpRunning == 0) && (splverifierCounter == 0)) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0))) - InvariantResult [Line: 181]: Loop Invariant Derived loop invariant: 0 - ProcedureContractResult [Line: 985]: Procedure Contract for deactivatePump Derived contract for procedure deactivatePump. Requires: (((((2 == waterLevel) && (0 != systemActive)) || ((((__SELECTED_FEATURE_methaneAlarm == 0) && (__SELECTED_FEATURE_lowWaterSensor == 0)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) || (((switchedOnBeforeTS != 0) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) && (pumpRunning == 1)) Ensures: (((pumpRunning == 0) && (((((2 == waterLevel) && (\old(pumpRunning) == 1)) && (0 != systemActive)) || (((((\old(pumpRunning) == 1) && (__SELECTED_FEATURE_methaneAlarm == 0)) && (__SELECTED_FEATURE_lowWaterSensor == 0)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) || ((((switchedOnBeforeTS != 0) && (\old(pumpRunning) == 1)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)))) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 943]: Procedure Contract for activatePump__before__methaneQuery Derived contract for procedure activatePump__before__methaneQuery. Requires: ((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) Ensures: ((((((2 == waterLevel) && (\old(pumpRunning) == 0)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) && (pumpRunning == 1)) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 1004]: Procedure Contract for isPumpRunning Derived contract for procedure isPumpRunning. Requires: ((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1)) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) || ((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2)))) Ensures: (((((pumpRunning != 0) || (\result == 0)) && ((\result == 1) || (pumpRunning != 1))) && ((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1)) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) || ((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))))) && (((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 840]: Procedure Contract for processEnvironment__before__lowWaterSensor Derived contract for procedure processEnvironment__before__lowWaterSensor. Requires: ((switchedOnBeforeTS == 0) || (pumpRunning == 1)) Ensures: ((((((((\old(pumpRunning) == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) && ((switchedOnBeforeTS == 0) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 274]: Procedure Contract for select_one Derived contract for procedure select_one. Requires: ((((pumpRunning == 0) && (waterLevel == 1)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) Ensures: (((((pumpRunning == 0) && (waterLevel == 1)) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) && (((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 92]: Procedure Contract for changeMethaneLevel Derived contract for procedure changeMethaneLevel. Requires: ((((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1)) || ((pumpRunning == 0) && (2 == waterLevel))) || (((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) || (((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) Ensures: (((((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1)) || ((pumpRunning == 0) && (2 == waterLevel))) || (((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) || (((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0))) || (((2 == waterLevel) && (0 != systemActive)) && (pumpRunning == 1))) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 780]: Procedure Contract for timeShift Derived contract for procedure timeShift. Ensures: (((((((((((\old(pumpRunning) != 0) || (2 == waterLevel)) || (\old(waterLevel) != 2)) && ((((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0)) || (0 != systemActive))) && ((((\old(pumpRunning) == 1) && (\old(waterLevel) == 2)) || ((\old(pumpRunning) == 0) && ((\old(waterLevel) < 2) || (\old(waterLevel) == 2)))) || (((\old(switchedOnBeforeTS) == 1) && ((\old(waterLevel) < 2) || (\old(waterLevel) == 2))) && (\old(pumpRunning) == 1)))) && (((\old(pumpRunning) != 0) || (((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0))) || ((2 == waterLevel) && (pumpRunning == 1)))) && ((((__SELECTED_FEATURE_lowWaterSensor != 0) || (\old(pumpRunning) != 1)) || (__SELECTED_FEATURE_methaneAlarm != 0)) || (pumpRunning == 1))) && (((2 == waterLevel) || (\old(waterLevel) != 2)) || (waterLevel == 1))) && (((((switchedOnBeforeTS != 0) && (pumpRunning == 0)) && ((2 == waterLevel) || (waterLevel < 2))) || (((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (pumpRunning == 1))) || (\old(pumpRunning) != 1))) && (((\old(pumpRunning) != 0) || (\old(waterLevel) != 1)) || (waterLevel == 1))) && ((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 171]: Procedure Contract for cleanup Derived contract for procedure cleanup. Requires: 0 Ensures: (0 && ((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive)))) - ProcedureContractResult [Line: 807]: Procedure Contract for processEnvironment__before__highWaterSensor Derived contract for procedure processEnvironment__before__highWaterSensor. Requires: (((((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1))) Ensures: ((((((pumpRunning == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive)) && (pumpRunning == 1))) && (((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 80]: Procedure Contract for waterRise Derived contract for procedure waterRise. Ensures: (((((2 == waterLevel) || ((\old(waterLevel) != 1) && (\old(waterLevel) != 2))) && ((((((((pumpRunning == 0) && ((\old(waterLevel) < 2) || (\old(waterLevel) == 2))) && (switchedOnBeforeTS == 0)) || (((0 != systemActive) && (\old(waterLevel) == 2)) && (pumpRunning == 1))) || ((((switchedOnBeforeTS == 1) && ((\old(waterLevel) < 2) || (\old(waterLevel) == 2))) && (0 != systemActive)) && (pumpRunning == 1))) || ((pumpRunning == 0) && (\old(waterLevel) == 2))) || (((pumpRunning == 0) && ((\old(waterLevel) < 2) || (\old(waterLevel) == 2))) && (0 != systemActive))) || ((pumpRunning == 0) && (\old(waterLevel) == 1)))) && ((2 == waterLevel) || (waterLevel < 2))) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 883]: Procedure Contract for processEnvironment__before__methaneAlarm Derived contract for procedure processEnvironment__before__methaneAlarm. Requires: ((switchedOnBeforeTS == 0) || (pumpRunning == 1)) Ensures: (((((((((\old(pumpRunning) == 0) && ((2 == waterLevel) || (waterLevel < 2))) && (switchedOnBeforeTS == 0)) && (0 != systemActive)) || ((((switchedOnBeforeTS == 1) && (\old(pumpRunning) == 1)) && ((2 == waterLevel) || (waterLevel < 2))) && (0 != systemActive))) && (((__SELECTED_FEATURE_lowWaterSensor != 0) || (\old(pumpRunning) != 1)) || (pumpRunning == 1))) && (((\old(pumpRunning) != 0) || (pumpRunning == 0)) || (2 == waterLevel))) && ((pumpRunning == 0) || (pumpRunning == 1))) && ((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) - ProcedureContractResult [Line: 993]: Procedure Contract for isMethaneAlarm Derived contract for procedure isMethaneAlarm. Requires: ((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (__SELECTED_FEATURE_methaneAlarm != 0)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) Ensures: (((((((switchedOnBeforeTS == 1) && ((2 == waterLevel) || (waterLevel < 2))) && (__SELECTED_FEATURE_methaneAlarm != 0)) && (0 != systemActive)) && (pumpRunning == 1)) || ((((pumpRunning == 0) && (2 == waterLevel)) && (switchedOnBeforeTS == 0)) && (0 != systemActive))) && (((((((((((((((__SELECTED_FEATURE_base == \old(__SELECTED_FEATURE_base)) && (__SELECTED_FEATURE_highWaterSensor == \old(__SELECTED_FEATURE_highWaterSensor))) && (__SELECTED_FEATURE_lowWaterSensor == \old(__SELECTED_FEATURE_lowWaterSensor))) && (__SELECTED_FEATURE_methaneQuery == \old(__SELECTED_FEATURE_methaneQuery))) && (__SELECTED_FEATURE_methaneAlarm == \old(__SELECTED_FEATURE_methaneAlarm))) && (__SELECTED_FEATURE_stopCommand == \old(__SELECTED_FEATURE_stopCommand))) && (__SELECTED_FEATURE_startCommand == \old(__SELECTED_FEATURE_startCommand))) && (__GUIDSL_ROOT_PRODUCTION == \old(__GUIDSL_ROOT_PRODUCTION))) && (waterLevel == \old(waterLevel))) && (methaneLevelCritical == \old(methaneLevelCritical))) && (cleanupTimeShifts == \old(cleanupTimeShifts))) && (head == \old(head))) && (pumpRunning == \old(pumpRunning))) && (systemActive == \old(systemActive))) && (switchedOnBeforeTS == \old(switchedOnBeforeTS)))) RESULT: Ultimate proved your program to be correct! [2024-11-14 05:42:31,253 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_e291335f-4178-4b14-9b8b-eea3d2e78ff8/bin/utaipan-verify-sOmjnqqW8E/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Ended with exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE