./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash aad1ec08d8a193b38b6e11f9698a2d5cafe1e5bac6d0d3a9987fa93ed6006219 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 03:47:06,888 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 03:47:06,891 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 03:47:06,951 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 03:47:06,952 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 03:47:06,957 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 03:47:06,960 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 03:47:06,964 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 03:47:06,966 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 03:47:06,971 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 03:47:06,972 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 03:47:06,974 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 03:47:06,975 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 03:47:06,977 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 03:47:06,979 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 03:47:06,984 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 03:47:06,986 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 03:47:06,987 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 03:47:06,989 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 03:47:06,995 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 03:47:07,000 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 03:47:07,001 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 03:47:07,002 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 03:47:07,004 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 03:47:07,008 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 03:47:07,013 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 03:47:07,013 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 03:47:07,014 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 03:47:07,016 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 03:47:07,017 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 03:47:07,017 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 03:47:07,018 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 03:47:07,020 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 03:47:07,021 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 03:47:07,022 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 03:47:07,022 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 03:47:07,023 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 03:47:07,023 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 03:47:07,024 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 03:47:07,024 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 03:47:07,025 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 03:47:07,026 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 03:47:07,069 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 03:47:07,069 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 03:47:07,070 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 03:47:07,070 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 03:47:07,071 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 03:47:07,071 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 03:47:07,072 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 03:47:07,072 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 03:47:07,072 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 03:47:07,072 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 03:47:07,074 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 03:47:07,074 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 03:47:07,074 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 03:47:07,074 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 03:47:07,074 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 03:47:07,075 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 03:47:07,075 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 03:47:07,075 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 03:47:07,076 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 03:47:07,076 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 03:47:07,076 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 03:47:07,077 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 03:47:07,077 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 03:47:07,077 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 03:47:07,077 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 03:47:07,077 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 03:47:07,078 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 03:47:07,078 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 03:47:07,078 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 03:47:07,078 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 03:47:07,079 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 03:47:07,079 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 03:47:07,079 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:47:07,080 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 03:47:07,080 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 03:47:07,080 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 03:47:07,080 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 03:47:07,080 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 03:47:07,081 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 03:47:07,081 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 03:47:07,081 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 03:47:07,081 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> aad1ec08d8a193b38b6e11f9698a2d5cafe1e5bac6d0d3a9987fa93ed6006219 [2022-11-03 03:47:07,366 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 03:47:07,403 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 03:47:07,406 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 03:47:07,407 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 03:47:07,409 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 03:47:07,410 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c [2022-11-03 03:47:07,494 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/data/81e6310f3/490b87d1c6bd409eab2fef458ef9dccb/FLAG6d23aa06e [2022-11-03 03:47:08,134 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 03:47:08,142 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c [2022-11-03 03:47:08,160 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/data/81e6310f3/490b87d1c6bd409eab2fef458ef9dccb/FLAG6d23aa06e [2022-11-03 03:47:08,494 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/data/81e6310f3/490b87d1c6bd409eab2fef458ef9dccb [2022-11-03 03:47:08,499 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 03:47:08,501 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 03:47:08,506 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 03:47:08,506 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 03:47:08,510 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 03:47:08,511 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:47:08" (1/1) ... [2022-11-03 03:47:08,512 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@5c204389 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:08, skipping insertion in model container [2022-11-03 03:47:08,512 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 03:47:08" (1/1) ... [2022-11-03 03:47:08,520 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 03:47:08,558 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 03:47:08,858 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c[7021,7034] [2022-11-03 03:47:08,976 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:47:08,996 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 03:47:09,058 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/sv-benchmarks/c/product-lines/minepump_spec2_product37.cil.c[7021,7034] [2022-11-03 03:47:09,111 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 03:47:09,143 INFO L208 MainTranslator]: Completed translation [2022-11-03 03:47:09,143 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09 WrapperNode [2022-11-03 03:47:09,143 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 03:47:09,145 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 03:47:09,145 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 03:47:09,145 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 03:47:09,154 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,181 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,222 INFO L138 Inliner]: procedures = 54, calls = 154, calls flagged for inlining = 22, calls inlined = 19, statements flattened = 247 [2022-11-03 03:47:09,222 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 03:47:09,223 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 03:47:09,223 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 03:47:09,223 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 03:47:09,243 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,244 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,258 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,259 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,275 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,280 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,281 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,283 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,284 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 03:47:09,285 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 03:47:09,285 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 03:47:09,285 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 03:47:09,297 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (1/1) ... [2022-11-03 03:47:09,304 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 03:47:09,317 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:47:09,336 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 03:47:09,345 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 03:47:09,381 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 03:47:09,382 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 03:47:09,382 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 03:47:09,382 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 03:47:09,382 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 03:47:09,382 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 03:47:09,383 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 03:47:09,383 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 03:47:09,383 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 03:47:09,383 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:47:09,383 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:47:09,383 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 03:47:09,384 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 03:47:09,384 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 03:47:09,384 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 03:47:09,384 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 03:47:09,384 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 03:47:09,385 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 03:47:09,480 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 03:47:09,483 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 03:47:09,878 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 03:47:10,034 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 03:47:10,034 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 03:47:10,037 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:47:10 BoogieIcfgContainer [2022-11-03 03:47:10,037 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 03:47:10,039 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 03:47:10,039 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 03:47:10,042 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 03:47:10,043 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 03:47:08" (1/3) ... [2022-11-03 03:47:10,043 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@21bb8301 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:47:10, skipping insertion in model container [2022-11-03 03:47:10,044 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 03:47:09" (2/3) ... [2022-11-03 03:47:10,044 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@21bb8301 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 03:47:10, skipping insertion in model container [2022-11-03 03:47:10,044 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:47:10" (3/3) ... [2022-11-03 03:47:10,046 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product37.cil.c [2022-11-03 03:47:10,065 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 03:47:10,065 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 03:47:10,138 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 03:47:10,159 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@55f8f3ee, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 03:47:10,160 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 03:47:10,167 INFO L276 IsEmpty]: Start isEmpty. Operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 03:47:10,179 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 03:47:10,179 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:10,180 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:10,181 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:10,190 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:10,190 INFO L85 PathProgramCache]: Analyzing trace with hash -1102543177, now seen corresponding path program 1 times [2022-11-03 03:47:10,204 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:10,206 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [187253369] [2022-11-03 03:47:10,206 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:10,207 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:10,342 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:10,485 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:10,486 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:10,487 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [187253369] [2022-11-03 03:47:10,487 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [187253369] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:10,488 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:10,488 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 03:47:10,489 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1791939125] [2022-11-03 03:47:10,490 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:10,495 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 03:47:10,497 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:10,535 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 03:47:10,536 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:47:10,539 INFO L87 Difference]: Start difference. First operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:10,648 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:10,648 INFO L93 Difference]: Finished difference Result 114 states and 155 transitions. [2022-11-03 03:47:10,649 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 03:47:10,651 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 03:47:10,651 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:10,663 INFO L225 Difference]: With dead ends: 114 [2022-11-03 03:47:10,663 INFO L226 Difference]: Without dead ends: 53 [2022-11-03 03:47:10,668 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 03:47:10,675 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 17 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 57 SdHoareTripleChecker+Invalid, 18 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 17 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:10,679 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 57 Invalid, 18 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 17 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:47:10,697 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-03 03:47:10,728 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-03 03:47:10,730 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 41 states have internal predecessors, (45), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 03:47:10,736 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 68 transitions. [2022-11-03 03:47:10,738 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 68 transitions. Word has length 17 [2022-11-03 03:47:10,738 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:10,739 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 68 transitions. [2022-11-03 03:47:10,740 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:10,740 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 68 transitions. [2022-11-03 03:47:10,745 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-03 03:47:10,746 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:10,746 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:10,747 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 03:47:10,747 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:10,749 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:10,749 INFO L85 PathProgramCache]: Analyzing trace with hash 561625036, now seen corresponding path program 1 times [2022-11-03 03:47:10,749 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:10,749 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [199046314] [2022-11-03 03:47:10,749 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:10,750 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:10,809 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:10,909 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:10,909 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:10,910 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [199046314] [2022-11-03 03:47:10,910 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [199046314] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:10,910 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:10,910 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:47:10,910 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1643920786] [2022-11-03 03:47:10,915 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:10,916 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:47:10,916 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:10,917 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:47:10,917 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:10,918 INFO L87 Difference]: Start difference. First operand 53 states and 68 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:10,970 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:10,970 INFO L93 Difference]: Finished difference Result 83 states and 107 transitions. [2022-11-03 03:47:10,971 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:47:10,971 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-03 03:47:10,971 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:10,972 INFO L225 Difference]: With dead ends: 83 [2022-11-03 03:47:10,972 INFO L226 Difference]: Without dead ends: 45 [2022-11-03 03:47:10,973 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:10,974 INFO L413 NwaCegarLoop]: 43 mSDtfsCounter, 7 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 25 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 77 SdHoareTripleChecker+Invalid, 25 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 25 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:10,975 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 77 Invalid, 25 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 25 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 03:47:10,976 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-03 03:47:10,981 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-03 03:47:10,981 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3448275862068966) internal successors, (39), 36 states have internal predecessors, (39), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 03:47:10,982 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 57 transitions. [2022-11-03 03:47:10,983 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 57 transitions. Word has length 18 [2022-11-03 03:47:10,983 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:10,983 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 57 transitions. [2022-11-03 03:47:10,983 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:10,983 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 57 transitions. [2022-11-03 03:47:10,984 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-03 03:47:10,984 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:10,984 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:10,985 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 03:47:10,985 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:10,985 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:10,986 INFO L85 PathProgramCache]: Analyzing trace with hash 709832789, now seen corresponding path program 1 times [2022-11-03 03:47:10,986 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:10,986 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1315235007] [2022-11-03 03:47:10,986 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:10,986 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:11,005 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:11,064 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:11,064 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:11,065 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1315235007] [2022-11-03 03:47:11,065 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1315235007] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:11,065 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:11,065 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:47:11,065 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1452735719] [2022-11-03 03:47:11,066 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:11,066 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:47:11,066 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:11,067 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:47:11,067 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:11,067 INFO L87 Difference]: Start difference. First operand 45 states and 57 transitions. Second operand has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:11,123 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:11,124 INFO L93 Difference]: Finished difference Result 88 states and 113 transitions. [2022-11-03 03:47:11,126 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:47:11,126 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-03 03:47:11,126 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:11,127 INFO L225 Difference]: With dead ends: 88 [2022-11-03 03:47:11,127 INFO L226 Difference]: Without dead ends: 45 [2022-11-03 03:47:11,128 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:11,129 INFO L413 NwaCegarLoop]: 41 mSDtfsCounter, 46 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 15 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 46 SdHoareTripleChecker+Valid, 41 SdHoareTripleChecker+Invalid, 15 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 15 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:11,130 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [46 Valid, 41 Invalid, 15 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 15 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 03:47:11,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-03 03:47:11,136 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-03 03:47:11,137 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3103448275862069) internal successors, (38), 36 states have internal predecessors, (38), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 03:47:11,138 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 56 transitions. [2022-11-03 03:47:11,140 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 56 transitions. Word has length 20 [2022-11-03 03:47:11,140 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:11,141 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 56 transitions. [2022-11-03 03:47:11,141 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.666666666666667) internal successors, (17), 3 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 03:47:11,141 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 56 transitions. [2022-11-03 03:47:11,146 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 28 [2022-11-03 03:47:11,146 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:11,147 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:11,147 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 03:47:11,147 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:11,148 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:11,148 INFO L85 PathProgramCache]: Analyzing trace with hash 1315618053, now seen corresponding path program 1 times [2022-11-03 03:47:11,148 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:11,151 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1604222798] [2022-11-03 03:47:11,151 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:11,153 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:11,185 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:11,430 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 03:47:11,431 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:11,431 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1604222798] [2022-11-03 03:47:11,431 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1604222798] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:47:11,431 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [396455880] [2022-11-03 03:47:11,432 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:11,432 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:47:11,432 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:47:11,438 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:47:11,447 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 03:47:11,555 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:11,558 INFO L263 TraceCheckSpWp]: Trace formula consists of 324 conjuncts, 7 conjunts are in the unsatisfiable core [2022-11-03 03:47:11,563 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:47:11,618 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 03:47:11,619 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 03:47:11,619 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [396455880] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:11,619 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 03:47:11,620 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [6] total 7 [2022-11-03 03:47:11,620 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1606083893] [2022-11-03 03:47:11,620 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:11,621 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:47:11,621 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:11,621 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:47:11,622 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-03 03:47:11,622 INFO L87 Difference]: Start difference. First operand 45 states and 56 transitions. Second operand has 3 states, 3 states have (on average 7.0) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 03:47:11,680 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:11,680 INFO L93 Difference]: Finished difference Result 123 states and 156 transitions. [2022-11-03 03:47:11,681 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:47:11,681 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 27 [2022-11-03 03:47:11,681 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:11,682 INFO L225 Difference]: With dead ends: 123 [2022-11-03 03:47:11,683 INFO L226 Difference]: Without dead ends: 80 [2022-11-03 03:47:11,684 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 32 GetRequests, 27 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=11, Invalid=31, Unknown=0, NotChecked=0, Total=42 [2022-11-03 03:47:11,685 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 35 mSDsluCounter, 43 mSDsCounter, 0 mSdLazyCounter, 30 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 96 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 30 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:11,686 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 96 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 30 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 03:47:11,687 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 80 states. [2022-11-03 03:47:11,698 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 80 to 78. [2022-11-03 03:47:11,698 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 78 states, 52 states have (on average 1.2692307692307692) internal successors, (66), 59 states have internal predecessors, (66), 13 states have call successors, (13), 12 states have call predecessors, (13), 12 states have return successors, (17), 13 states have call predecessors, (17), 13 states have call successors, (17) [2022-11-03 03:47:11,700 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 78 states to 78 states and 96 transitions. [2022-11-03 03:47:11,700 INFO L78 Accepts]: Start accepts. Automaton has 78 states and 96 transitions. Word has length 27 [2022-11-03 03:47:11,700 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:11,701 INFO L495 AbstractCegarLoop]: Abstraction has 78 states and 96 transitions. [2022-11-03 03:47:11,701 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 2 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 03:47:11,701 INFO L276 IsEmpty]: Start isEmpty. Operand 78 states and 96 transitions. [2022-11-03 03:47:11,702 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-03 03:47:11,702 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:11,702 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:11,738 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 03:47:11,923 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:47:11,924 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:11,924 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:11,924 INFO L85 PathProgramCache]: Analyzing trace with hash -1468313323, now seen corresponding path program 1 times [2022-11-03 03:47:11,924 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:11,925 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2077706485] [2022-11-03 03:47:11,925 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:11,925 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:11,939 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:12,030 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:12,031 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:12,031 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2077706485] [2022-11-03 03:47:12,031 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2077706485] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:12,032 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:12,035 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 03:47:12,036 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1447178787] [2022-11-03 03:47:12,036 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:12,037 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 03:47:12,037 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:12,037 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 03:47:12,038 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 03:47:12,038 INFO L87 Difference]: Start difference. First operand 78 states and 96 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 03:47:12,206 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:12,207 INFO L93 Difference]: Finished difference Result 226 states and 285 transitions. [2022-11-03 03:47:12,207 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 03:47:12,208 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-03 03:47:12,208 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:12,213 INFO L225 Difference]: With dead ends: 226 [2022-11-03 03:47:12,214 INFO L226 Difference]: Without dead ends: 150 [2022-11-03 03:47:12,217 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 9 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 03:47:12,218 INFO L413 NwaCegarLoop]: 49 mSDtfsCounter, 32 mSDsluCounter, 209 mSDsCounter, 0 mSdLazyCounter, 98 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 100 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 98 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:12,218 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 214 Invalid, 100 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 98 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:47:12,219 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-11-03 03:47:12,256 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 142. [2022-11-03 03:47:12,258 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 142 states, 95 states have (on average 1.231578947368421) internal successors, (117), 106 states have internal predecessors, (117), 24 states have call successors, (24), 22 states have call predecessors, (24), 22 states have return successors, (32), 24 states have call predecessors, (32), 24 states have call successors, (32) [2022-11-03 03:47:12,263 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 142 states to 142 states and 173 transitions. [2022-11-03 03:47:12,263 INFO L78 Accepts]: Start accepts. Automaton has 142 states and 173 transitions. Word has length 28 [2022-11-03 03:47:12,263 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:12,264 INFO L495 AbstractCegarLoop]: Abstraction has 142 states and 173 transitions. [2022-11-03 03:47:12,264 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 03:47:12,264 INFO L276 IsEmpty]: Start isEmpty. Operand 142 states and 173 transitions. [2022-11-03 03:47:12,267 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 32 [2022-11-03 03:47:12,267 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:12,268 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:12,268 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 03:47:12,268 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:12,269 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:12,269 INFO L85 PathProgramCache]: Analyzing trace with hash 1270935420, now seen corresponding path program 1 times [2022-11-03 03:47:12,270 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:12,270 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [215011921] [2022-11-03 03:47:12,271 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:12,271 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:12,288 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:12,584 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:12,584 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:12,585 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [215011921] [2022-11-03 03:47:12,585 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [215011921] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:12,585 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:12,585 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 03:47:12,585 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [666372214] [2022-11-03 03:47:12,585 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:12,586 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 03:47:12,586 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:12,586 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 03:47:12,587 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=19, Invalid=37, Unknown=0, NotChecked=0, Total=56 [2022-11-03 03:47:12,587 INFO L87 Difference]: Start difference. First operand 142 states and 173 transitions. Second operand has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 03:47:13,030 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:13,031 INFO L93 Difference]: Finished difference Result 501 states and 624 transitions. [2022-11-03 03:47:13,032 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 03:47:13,032 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 31 [2022-11-03 03:47:13,032 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:13,040 INFO L225 Difference]: With dead ends: 501 [2022-11-03 03:47:13,040 INFO L226 Difference]: Without dead ends: 361 [2022-11-03 03:47:13,045 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 13 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 9 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=37, Invalid=73, Unknown=0, NotChecked=0, Total=110 [2022-11-03 03:47:13,051 INFO L413 NwaCegarLoop]: 83 mSDtfsCounter, 200 mSDsluCounter, 211 mSDsCounter, 0 mSdLazyCounter, 280 mSolverCounterSat, 48 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 203 SdHoareTripleChecker+Valid, 245 SdHoareTripleChecker+Invalid, 328 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 48 IncrementalHoareTripleChecker+Valid, 280 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:13,054 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [203 Valid, 245 Invalid, 328 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [48 Valid, 280 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 03:47:13,056 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 361 states. [2022-11-03 03:47:13,110 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 361 to 317. [2022-11-03 03:47:13,113 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 317 states, 218 states have (on average 1.2064220183486238) internal successors, (263), 230 states have internal predecessors, (263), 49 states have call successors, (49), 47 states have call predecessors, (49), 49 states have return successors, (65), 51 states have call predecessors, (65), 49 states have call successors, (65) [2022-11-03 03:47:13,115 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 317 states to 317 states and 377 transitions. [2022-11-03 03:47:13,116 INFO L78 Accepts]: Start accepts. Automaton has 317 states and 377 transitions. Word has length 31 [2022-11-03 03:47:13,117 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:13,118 INFO L495 AbstractCegarLoop]: Abstraction has 317 states and 377 transitions. [2022-11-03 03:47:13,118 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.4285714285714284) internal successors, (24), 8 states have internal predecessors, (24), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 03:47:13,118 INFO L276 IsEmpty]: Start isEmpty. Operand 317 states and 377 transitions. [2022-11-03 03:47:13,122 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-03 03:47:13,122 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:13,123 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:13,123 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 03:47:13,123 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:13,124 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:13,124 INFO L85 PathProgramCache]: Analyzing trace with hash -334915798, now seen corresponding path program 1 times [2022-11-03 03:47:13,124 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:13,124 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [477225301] [2022-11-03 03:47:13,124 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:13,125 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:13,148 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:13,199 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:13,200 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:13,200 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [477225301] [2022-11-03 03:47:13,200 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [477225301] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:13,200 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:13,200 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 03:47:13,201 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [802429608] [2022-11-03 03:47:13,201 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:13,201 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 03:47:13,201 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:13,202 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 03:47:13,202 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:13,202 INFO L87 Difference]: Start difference. First operand 317 states and 377 transitions. Second operand has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-03 03:47:13,307 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:13,307 INFO L93 Difference]: Finished difference Result 488 states and 607 transitions. [2022-11-03 03:47:13,309 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 03:47:13,309 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) Word has length 34 [2022-11-03 03:47:13,309 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:13,312 INFO L225 Difference]: With dead ends: 488 [2022-11-03 03:47:13,313 INFO L226 Difference]: Without dead ends: 486 [2022-11-03 03:47:13,313 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 03:47:13,314 INFO L413 NwaCegarLoop]: 50 mSDtfsCounter, 31 mSDsluCounter, 51 mSDsCounter, 0 mSdLazyCounter, 29 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 31 SdHoareTripleChecker+Valid, 89 SdHoareTripleChecker+Invalid, 34 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 29 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:13,314 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [31 Valid, 89 Invalid, 34 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 29 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:47:13,315 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 486 states. [2022-11-03 03:47:13,387 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 486 to 486. [2022-11-03 03:47:13,388 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 486 states, 333 states have (on average 1.2102102102102101) internal successors, (403), 353 states have internal predecessors, (403), 76 states have call successors, (76), 73 states have call predecessors, (76), 76 states have return successors, (122), 79 states have call predecessors, (122), 76 states have call successors, (122) [2022-11-03 03:47:13,391 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 486 states to 486 states and 601 transitions. [2022-11-03 03:47:13,392 INFO L78 Accepts]: Start accepts. Automaton has 486 states and 601 transitions. Word has length 34 [2022-11-03 03:47:13,392 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:13,392 INFO L495 AbstractCegarLoop]: Abstraction has 486 states and 601 transitions. [2022-11-03 03:47:13,392 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.333333333333334) internal successors, (25), 3 states have internal predecessors, (25), 1 states have call successors, (5), 2 states have call predecessors, (5), 1 states have return successors, (4), 1 states have call predecessors, (4), 1 states have call successors, (4) [2022-11-03 03:47:13,393 INFO L276 IsEmpty]: Start isEmpty. Operand 486 states and 601 transitions. [2022-11-03 03:47:13,394 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-03 03:47:13,394 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:13,395 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:13,395 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 03:47:13,395 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:13,396 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:13,396 INFO L85 PathProgramCache]: Analyzing trace with hash -1678230055, now seen corresponding path program 1 times [2022-11-03 03:47:13,396 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:13,396 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [717051876] [2022-11-03 03:47:13,396 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:13,396 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:13,422 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:13,543 INFO L134 CoverageAnalysis]: Checked inductivity of 23 backedges. 7 proven. 0 refuted. 0 times theorem prover too weak. 16 trivial. 0 not checked. [2022-11-03 03:47:13,543 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:13,543 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [717051876] [2022-11-03 03:47:13,543 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [717051876] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:13,544 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 03:47:13,544 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 03:47:13,544 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1650325613] [2022-11-03 03:47:13,544 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:13,544 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 03:47:13,545 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:13,545 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 03:47:13,545 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 03:47:13,545 INFO L87 Difference]: Start difference. First operand 486 states and 601 transitions. Second operand has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-03 03:47:13,657 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:13,657 INFO L93 Difference]: Finished difference Result 765 states and 969 transitions. [2022-11-03 03:47:13,657 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 03:47:13,658 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) Word has length 60 [2022-11-03 03:47:13,658 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:13,660 INFO L225 Difference]: With dead ends: 765 [2022-11-03 03:47:13,660 INFO L226 Difference]: Without dead ends: 425 [2022-11-03 03:47:13,662 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 03:47:13,662 INFO L413 NwaCegarLoop]: 57 mSDtfsCounter, 38 mSDsluCounter, 112 mSDsCounter, 0 mSdLazyCounter, 54 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 38 SdHoareTripleChecker+Valid, 148 SdHoareTripleChecker+Invalid, 58 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 54 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:13,663 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [38 Valid, 148 Invalid, 58 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 54 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 03:47:13,663 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 425 states. [2022-11-03 03:47:13,707 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 425 to 399. [2022-11-03 03:47:13,717 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 399 states, 270 states have (on average 1.1925925925925926) internal successors, (322), 287 states have internal predecessors, (322), 64 states have call successors, (64), 61 states have call predecessors, (64), 64 states have return successors, (94), 65 states have call predecessors, (94), 64 states have call successors, (94) [2022-11-03 03:47:13,720 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 399 states to 399 states and 480 transitions. [2022-11-03 03:47:13,720 INFO L78 Accepts]: Start accepts. Automaton has 399 states and 480 transitions. Word has length 60 [2022-11-03 03:47:13,720 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:13,720 INFO L495 AbstractCegarLoop]: Abstraction has 399 states and 480 transitions. [2022-11-03 03:47:13,721 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 9.25) internal successors, (37), 4 states have internal predecessors, (37), 2 states have call successors, (7), 1 states have call predecessors, (7), 1 states have return successors, (7), 2 states have call predecessors, (7), 2 states have call successors, (7) [2022-11-03 03:47:13,721 INFO L276 IsEmpty]: Start isEmpty. Operand 399 states and 480 transitions. [2022-11-03 03:47:13,722 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 69 [2022-11-03 03:47:13,723 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:13,723 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:13,723 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-03 03:47:13,723 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:13,723 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:13,724 INFO L85 PathProgramCache]: Analyzing trace with hash -549369746, now seen corresponding path program 1 times [2022-11-03 03:47:13,724 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:13,724 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [446672963] [2022-11-03 03:47:13,724 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:13,724 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:13,742 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:13,962 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 11 proven. 6 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 03:47:13,963 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:13,963 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [446672963] [2022-11-03 03:47:13,963 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [446672963] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:47:13,963 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1203555358] [2022-11-03 03:47:13,963 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:13,963 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:47:13,964 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:47:13,965 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:47:13,998 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 03:47:14,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:14,116 INFO L263 TraceCheckSpWp]: Trace formula consists of 443 conjuncts, 28 conjunts are in the unsatisfiable core [2022-11-03 03:47:14,122 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:47:14,475 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 15 proven. 12 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 03:47:14,476 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 03:47:14,971 INFO L134 CoverageAnalysis]: Checked inductivity of 27 backedges. 13 proven. 6 refuted. 0 times theorem prover too weak. 8 trivial. 0 not checked. [2022-11-03 03:47:14,971 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1203555358] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 03:47:14,971 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [890862479] [2022-11-03 03:47:14,994 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 03:47:14,999 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 03:47:15,005 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 03:47:15,013 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 03:47:15,013 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 03:47:21,812 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 46 for LOIs [2022-11-03 03:47:21,820 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 47 for LOIs [2022-11-03 03:47:22,052 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 40 for LOIs [2022-11-03 03:47:22,155 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 23 for LOIs [2022-11-03 03:47:22,157 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 45 for LOIs [2022-11-03 03:47:22,165 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 26 for LOIs [2022-11-03 03:47:22,167 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 03:47:28,647 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '6589#(and (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1|) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~4#1| 0)) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= |timeShift_isPumpRunning_#res#1| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |old(~methAndRunningLastTime~0)| 1) (<= 0 ~methaneLevelCritical~0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~2#1| 0)) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~4#1| ~methaneLevelCritical~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (<= ~methaneLevelCritical~0 2147483647) (<= 0 (+ |timeShift_isPumpRunning_#res#1| 2147483648)) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 03:47:28,647 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 03:47:28,647 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 03:47:28,647 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [9, 9, 11] total 23 [2022-11-03 03:47:28,648 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2070716897] [2022-11-03 03:47:28,648 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 03:47:28,650 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 23 states [2022-11-03 03:47:28,650 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:28,650 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 23 interpolants. [2022-11-03 03:47:28,652 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=261, Invalid=2495, Unknown=0, NotChecked=0, Total=2756 [2022-11-03 03:47:28,652 INFO L87 Difference]: Start difference. First operand 399 states and 480 transitions. Second operand has 23 states, 17 states have (on average 6.235294117647059) internal successors, (106), 18 states have internal predecessors, (106), 10 states have call successors, (26), 9 states have call predecessors, (26), 11 states have return successors, (24), 12 states have call predecessors, (24), 10 states have call successors, (24) [2022-11-03 03:47:29,586 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:29,586 INFO L93 Difference]: Finished difference Result 840 states and 1030 transitions. [2022-11-03 03:47:29,587 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-03 03:47:29,587 INFO L78 Accepts]: Start accepts. Automaton has has 23 states, 17 states have (on average 6.235294117647059) internal successors, (106), 18 states have internal predecessors, (106), 10 states have call successors, (26), 9 states have call predecessors, (26), 11 states have return successors, (24), 12 states have call predecessors, (24), 10 states have call successors, (24) Word has length 68 [2022-11-03 03:47:29,587 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:29,591 INFO L225 Difference]: With dead ends: 840 [2022-11-03 03:47:29,591 INFO L226 Difference]: Without dead ends: 619 [2022-11-03 03:47:29,593 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 224 GetRequests, 157 SyntacticMatches, 7 SemanticMatches, 60 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1342 ImplicationChecksByTransitivity, 7.0s TimeCoverageRelationStatistics Valid=374, Invalid=3408, Unknown=0, NotChecked=0, Total=3782 [2022-11-03 03:47:29,594 INFO L413 NwaCegarLoop]: 71 mSDtfsCounter, 296 mSDsluCounter, 182 mSDsCounter, 0 mSdLazyCounter, 966 mSolverCounterSat, 136 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 299 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 1102 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 136 IncrementalHoareTripleChecker+Valid, 966 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:29,594 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [299 Valid, 203 Invalid, 1102 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [136 Valid, 966 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-03 03:47:29,595 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 619 states. [2022-11-03 03:47:29,648 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 619 to 595. [2022-11-03 03:47:29,649 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 595 states, 405 states have (on average 1.1901234567901235) internal successors, (482), 429 states have internal predecessors, (482), 94 states have call successors, (94), 88 states have call predecessors, (94), 95 states have return successors, (138), 95 states have call predecessors, (138), 94 states have call successors, (138) [2022-11-03 03:47:29,652 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 595 states to 595 states and 714 transitions. [2022-11-03 03:47:29,653 INFO L78 Accepts]: Start accepts. Automaton has 595 states and 714 transitions. Word has length 68 [2022-11-03 03:47:29,653 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:29,654 INFO L495 AbstractCegarLoop]: Abstraction has 595 states and 714 transitions. [2022-11-03 03:47:29,654 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 23 states, 17 states have (on average 6.235294117647059) internal successors, (106), 18 states have internal predecessors, (106), 10 states have call successors, (26), 9 states have call predecessors, (26), 11 states have return successors, (24), 12 states have call predecessors, (24), 10 states have call successors, (24) [2022-11-03 03:47:29,654 INFO L276 IsEmpty]: Start isEmpty. Operand 595 states and 714 transitions. [2022-11-03 03:47:29,656 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 72 [2022-11-03 03:47:29,656 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 03:47:29,657 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:29,694 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 03:47:29,882 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-03 03:47:29,882 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 03:47:29,883 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 03:47:29,883 INFO L85 PathProgramCache]: Analyzing trace with hash 588054015, now seen corresponding path program 1 times [2022-11-03 03:47:29,883 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 03:47:29,883 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [149016642] [2022-11-03 03:47:29,883 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:29,883 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 03:47:29,906 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:30,225 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 6 proven. 15 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-03 03:47:30,225 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 03:47:30,225 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [149016642] [2022-11-03 03:47:30,226 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [149016642] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 03:47:30,226 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1788054917] [2022-11-03 03:47:30,226 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 03:47:30,226 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:47:30,226 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 03:47:30,227 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 03:47:30,250 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 03:47:30,332 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 03:47:30,334 INFO L263 TraceCheckSpWp]: Trace formula consists of 449 conjuncts, 23 conjunts are in the unsatisfiable core [2022-11-03 03:47:30,337 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 03:47:30,409 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 16 proven. 0 refuted. 0 times theorem prover too weak. 14 trivial. 0 not checked. [2022-11-03 03:47:30,410 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 03:47:30,410 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1788054917] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 03:47:30,410 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 03:47:30,410 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [13] total 16 [2022-11-03 03:47:30,411 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2137128149] [2022-11-03 03:47:30,411 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 03:47:30,411 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-03 03:47:30,411 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 03:47:30,412 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-03 03:47:30,412 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=36, Invalid=204, Unknown=0, NotChecked=0, Total=240 [2022-11-03 03:47:30,412 INFO L87 Difference]: Start difference. First operand 595 states and 714 transitions. Second operand has 9 states, 7 states have (on average 6.0) internal successors, (42), 7 states have internal predecessors, (42), 2 states have call successors, (9), 2 states have call predecessors, (9), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 03:47:30,762 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 03:47:30,763 INFO L93 Difference]: Finished difference Result 1158 states and 1408 transitions. [2022-11-03 03:47:30,764 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 03:47:30,764 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 6.0) internal successors, (42), 7 states have internal predecessors, (42), 2 states have call successors, (9), 2 states have call predecessors, (9), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 71 [2022-11-03 03:47:30,765 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 03:47:30,765 INFO L225 Difference]: With dead ends: 1158 [2022-11-03 03:47:30,765 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 03:47:30,768 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 95 GetRequests, 74 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 48 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=77, Invalid=429, Unknown=0, NotChecked=0, Total=506 [2022-11-03 03:47:30,769 INFO L413 NwaCegarLoop]: 55 mSDtfsCounter, 43 mSDsluCounter, 334 mSDsCounter, 0 mSdLazyCounter, 278 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 47 SdHoareTripleChecker+Valid, 311 SdHoareTripleChecker+Invalid, 287 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 278 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 03:47:30,769 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [47 Valid, 311 Invalid, 287 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 278 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 03:47:30,769 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 03:47:30,770 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 03:47:30,770 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 03:47:30,770 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 03:47:30,770 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 71 [2022-11-03 03:47:30,771 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 03:47:30,771 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 03:47:30,771 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 6.0) internal successors, (42), 7 states have internal predecessors, (42), 2 states have call successors, (9), 2 states have call predecessors, (9), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 03:47:30,771 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 03:47:30,771 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 03:47:30,774 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 03:47:30,808 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 03:47:30,990 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 03:47:30,992 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 03:47:36,562 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 87 93) no Hoare annotation was computed. [2022-11-03 03:47:36,562 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 87 93) the Hoare annotation is: true [2022-11-03 03:47:36,563 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 373 384) the Hoare annotation is: (let ((.cse3 (not (= 1 ~systemActive~0)))) (let ((.cse1 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse2 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse4 (not (= ~methAndRunningLastTime~0 0))) (.cse0 (and (or (= ~pumpRunning~0 0) .cse3) (or (not (= ~waterLevel~0 1)) .cse3))) (.cse5 (= ~methaneLevelCritical~0 1)) (.cse6 (not (= |old(~methaneLevelCritical~0)| 1)))) (and (or .cse0 .cse1 .cse2) (or .cse1 .cse3 .cse2 .cse4) (or .cse3 .cse5 .cse6 .cse4) (or .cse0 .cse5 .cse6)))) [2022-11-03 03:47:36,563 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 373 384) no Hoare annotation was computed. [2022-11-03 03:47:36,563 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 817 846) no Hoare annotation was computed. [2022-11-03 03:47:36,564 INFO L899 garLoopResultBuilder]: For program point L831(lines 831 835) no Hoare annotation was computed. [2022-11-03 03:47:36,564 INFO L902 garLoopResultBuilder]: At program point L831-1(lines 831 835) the Hoare annotation is: true [2022-11-03 03:47:36,564 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 817 846) the Hoare annotation is: true [2022-11-03 03:47:36,564 INFO L902 garLoopResultBuilder]: At program point L827-2(lines 827 841) the Hoare annotation is: true [2022-11-03 03:47:36,564 INFO L902 garLoopResultBuilder]: At program point L823(line 823) the Hoare annotation is: true [2022-11-03 03:47:36,564 INFO L899 garLoopResultBuilder]: For program point L823-1(line 823) no Hoare annotation was computed. [2022-11-03 03:47:36,565 INFO L902 garLoopResultBuilder]: At program point L842(lines 817 846) the Hoare annotation is: true [2022-11-03 03:47:36,565 INFO L899 garLoopResultBuilder]: For program point L838(line 838) no Hoare annotation was computed. [2022-11-03 03:47:36,565 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 385 393) the Hoare annotation is: true [2022-11-03 03:47:36,565 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 385 393) no Hoare annotation was computed. [2022-11-03 03:47:36,565 INFO L899 garLoopResultBuilder]: For program point L329(lines 329 335) no Hoare annotation was computed. [2022-11-03 03:47:36,566 INFO L895 garLoopResultBuilder]: At program point L135(line 135) the Hoare annotation is: (let ((.cse5 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse2 (and (not (= |old(~waterLevel~0)| 1)) .cse5)) (.cse3 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 (and (or (not (= ~pumpRunning~0 0)) (= ~waterLevel~0 1)) (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0)) .cse2) (or .cse3 .cse0 .cse4) (or (not .cse5) .cse3 .cse0 .cse1) (or .cse0 .cse4 .cse2) (or .cse3 (= ~methAndRunningLastTime~0 0) .cse0 .cse1)))) [2022-11-03 03:47:36,566 INFO L895 garLoopResultBuilder]: At program point L445(line 445) the Hoare annotation is: (let ((.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse4 (and (not (= |old(~waterLevel~0)| 1)) (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3) (or .cse1 .cse3 .cse4) (or .cse1 .cse2 .cse4))) [2022-11-03 03:47:36,567 INFO L895 garLoopResultBuilder]: At program point L140(line 140) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 0))) (let ((.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (and .cse7 (= ~methAndRunningLastTime~0 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (and .cse7 (= ~waterLevel~0 1))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse3 (and (not (= |old(~waterLevel~0)| 1)) (= |old(~pumpRunning~0)| 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse5) (or .cse4 .cse0 .cse6 .cse5) (or .cse0 .cse2 .cse6 .cse3)))) [2022-11-03 03:47:36,567 INFO L895 garLoopResultBuilder]: At program point L140-1(lines 121 145) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse14 (= ~methaneLevelCritical~0 0)) (.cse13 (= 1 ~systemActive~0)) (.cse11 (= ~waterLevel~0 1)) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse15 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0)) (.cse5 (and .cse9 .cse15)) (.cse6 (not .cse11)) (.cse12 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not .cse15)) (.cse1 (and .cse3 .cse14 .cse13 .cse11)) (.cse8 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse10 (= ~methAndRunningLastTime~0 0)) (.cse0 (not .cse13)) (.cse2 (not .cse14))) (and (or .cse0 .cse1 .cse2 (and (not .cse3) .cse4) .cse5) (or .cse6 .cse7 .cse3 .cse8 .cse0 .cse2) (or .cse7 .cse8 .cse9 .cse0 (and .cse10 .cse11) .cse12) (or .cse0 (and .cse3 .cse13 .cse4) (and .cse3 .cse11) .cse12 .cse5) (or .cse8 .cse0 (and .cse6 .cse10) .cse12 (and .cse3 .cse13)) (or .cse7 .cse8 .cse9 .cse0 .cse1 .cse2) (or .cse8 .cse10 .cse0 .cse2)))) [2022-11-03 03:47:36,567 INFO L899 garLoopResultBuilder]: For program point L74-1(lines 74 80) no Hoare annotation was computed. [2022-11-03 03:47:36,568 INFO L895 garLoopResultBuilder]: At program point L322(line 322) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse14 (= ~methaneLevelCritical~0 0)) (.cse13 (= 1 ~systemActive~0)) (.cse11 (= ~waterLevel~0 1)) (.cse9 (not (= |old(~waterLevel~0)| 1))) (.cse15 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0)) (.cse5 (and .cse9 .cse15)) (.cse6 (not .cse11)) (.cse12 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not .cse15)) (.cse1 (and .cse3 .cse14 .cse13 .cse11)) (.cse8 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse10 (= ~methAndRunningLastTime~0 0)) (.cse0 (not .cse13)) (.cse2 (not .cse14))) (and (or .cse0 .cse1 .cse2 (and (not .cse3) .cse4) .cse5) (or .cse6 .cse7 .cse3 .cse8 .cse0 .cse2) (or .cse7 .cse8 .cse9 .cse0 (and .cse10 .cse11) .cse12) (or .cse0 (and .cse3 .cse13 .cse4) (and .cse3 .cse11) .cse12 .cse5) (or .cse8 .cse0 (and .cse6 .cse10) .cse12 (and .cse3 .cse13)) (or .cse7 .cse8 .cse9 .cse0 .cse1 .cse2) (or .cse8 .cse10 .cse0 .cse2)))) [2022-11-03 03:47:36,568 INFO L899 garLoopResultBuilder]: For program point L322-1(line 322) no Hoare annotation was computed. [2022-11-03 03:47:36,568 INFO L899 garLoopResultBuilder]: For program point L67-1(lines 66 85) no Hoare annotation was computed. [2022-11-03 03:47:36,568 INFO L895 garLoopResultBuilder]: At program point L129(lines 129 137) the Hoare annotation is: (let ((.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not .cse7)) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse2 (and (or (not (= ~pumpRunning~0 0)) (= ~waterLevel~0 1)) (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0))) (.cse3 (and (not (= |old(~waterLevel~0)| 1)) .cse7)) (.cse5 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse0 .cse1) (or .cse4 .cse5 .cse0 .cse6) (or .cse0 .cse6 .cse2 .cse3) (or .cse5 (= ~methAndRunningLastTime~0 0) .cse0 .cse1)))) [2022-11-03 03:47:36,568 INFO L899 garLoopResultBuilder]: For program point L125(lines 125 142) no Hoare annotation was computed. [2022-11-03 03:47:36,569 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 63 86) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0)) (.cse10 (= 1 ~systemActive~0)) (.cse9 (= |old(~pumpRunning~0)| 0))) (let ((.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not .cse9)) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse2 (not .cse10)) (.cse8 (not (= ~methaneLevelCritical~0 0))) (.cse6 (and .cse10 (or (not .cse5) (= ~waterLevel~0 1)))) (.cse7 (and (not (= |old(~waterLevel~0)| 1)) .cse9))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse0 .cse2 .cse3) (or .cse2 .cse3 .cse6 .cse7) (or .cse4 .cse5 .cse0 .cse2 .cse8) (or .cse0 .cse1 .cse2 .cse8) (or .cse2 .cse8 .cse6 .cse7)))) [2022-11-03 03:47:36,569 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 63 86) no Hoare annotation was computed. [2022-11-03 03:47:36,569 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 445) no Hoare annotation was computed. [2022-11-03 03:47:36,569 INFO L899 garLoopResultBuilder]: For program point L328(lines 328 338) no Hoare annotation was computed. [2022-11-03 03:47:36,570 INFO L895 garLoopResultBuilder]: At program point L167(line 167) the Hoare annotation is: (let ((.cse8 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (not .cse8)) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse6 (not (= ~pumpRunning~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse7 (= ~waterLevel~0 1)) (.cse3 (and (not (= |old(~waterLevel~0)| 1)) .cse8))) (and (or .cse0 (= ~methAndRunningLastTime~0 0) .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse2) (or .cse4 .cse0 .cse1 .cse5) (or .cse6 .cse1 .cse5 .cse7 .cse3) (or .cse6 .cse1 .cse2 .cse7 .cse3)))) [2022-11-03 03:47:36,570 INFO L895 garLoopResultBuilder]: At program point L167-1(line 167) the Hoare annotation is: (let ((.cse7 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse7)) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse4 (or (not (= ~pumpRunning~0 0)) (= ~waterLevel~0 1))) (.cse6 (and (not (= |old(~waterLevel~0)| 1)) .cse7)) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse2 (and .cse4 (= |timeShift_isMethaneAlarm_#t~ret6#1| 1)) .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse5) (or .cse2 .cse3 (and (= |timeShift_isMethaneAlarm_#t~ret6#1| ~methaneLevelCritical~0) .cse4) .cse6) (or .cse1 (= ~methAndRunningLastTime~0 0) .cse2 .cse3)))) [2022-11-03 03:47:36,570 INFO L895 garLoopResultBuilder]: At program point L324(lines 324 341) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 0)) (.cse15 (= ~methaneLevelCritical~0 0)) (.cse14 (= 1 ~systemActive~0)) (.cse12 (= ~waterLevel~0 1)) (.cse11 (not (= |old(~waterLevel~0)| 1))) (.cse16 (= |old(~pumpRunning~0)| 0))) (let ((.cse4 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~4#1| 0)) (.cse5 (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0)) (.cse6 (and .cse11 .cse16)) (.cse7 (not .cse12)) (.cse10 (= ~methAndRunningLastTime~0 0)) (.cse13 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not .cse16)) (.cse9 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not .cse14)) (.cse1 (and .cse3 .cse15 .cse14 .cse12)) (.cse2 (not .cse15))) (and (or .cse0 .cse1 .cse2 (and (not .cse3) .cse4 .cse5) .cse6) (or .cse7 .cse8 .cse3 .cse9 .cse0 .cse2) (or .cse9 .cse0 .cse2 (and .cse10 .cse4)) (or .cse8 .cse9 .cse11 .cse0 (and .cse10 .cse12) .cse13) (or .cse0 (and .cse3 .cse14 .cse5) (and .cse3 .cse12) .cse13 .cse6) (or .cse9 .cse0 (and .cse7 .cse10) .cse13 (and .cse3 .cse14)) (or .cse8 .cse9 .cse11 .cse0 .cse1 .cse2)))) [2022-11-03 03:47:36,571 INFO L895 garLoopResultBuilder]: At program point L324-1(lines 316 344) the Hoare annotation is: (let ((.cse2 (not (= |old(~waterLevel~0)| 1))) (.cse16 (= 1 ~systemActive~0)) (.cse17 (= |old(~pumpRunning~0)| 0)) (.cse11 (= ~pumpRunning~0 0)) (.cse7 (= ~methAndRunningLastTime~0 0)) (.cse14 (= ~waterLevel~0 1))) (let ((.cse6 (not .cse14)) (.cse8 (and .cse11 .cse7)) (.cse0 (not .cse17)) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse4 (and .cse11 .cse7 .cse16 .cse14)) (.cse10 (not .cse11)) (.cse12 (= |timeShift_processEnvironment_~tmp~1#1| ~methaneLevelCritical~0)) (.cse13 (and .cse2 .cse17)) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not .cse16)) (.cse15 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~4#1| 0)) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 .cse3 .cse5 (and .cse6 .cse7) .cse8) (or .cse1 .cse3 .cse9 (and .cse6 .cse10) .cse8) (or .cse3 (and .cse11 .cse7 .cse12) .cse4 .cse9 .cse13) (or .cse0 .cse1 .cse2 .cse3 .cse9 .cse14) (or .cse3 .cse4 .cse5 (and .cse7 .cse10 .cse15 .cse12) .cse13) (or .cse1 .cse3 .cse15 .cse5)))) [2022-11-03 03:47:36,571 INFO L895 garLoopResultBuilder]: At program point L287-2(lines 281 292) the Hoare annotation is: (let ((.cse2 (or (not (= ~pumpRunning~0 0)) (= ~waterLevel~0 1))) (.cse0 (= ~methaneLevelCritical~0 0)) (.cse5 (= ~methAndRunningLastTime~0 0)) (.cse1 (= 1 ~systemActive~0)) (.cse4 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3) (and .cse1 .cse4 .cse2 .cse3) (and .cse5 .cse0 .cse1 .cse3) (and .cse5 .cse1 .cse4 .cse3))) [2022-11-03 03:47:36,571 INFO L899 garLoopResultBuilder]: For program point L271(lines 271 277) no Hoare annotation was computed. [2022-11-03 03:47:36,571 INFO L899 garLoopResultBuilder]: For program point L271-1(lines 271 277) no Hoare annotation was computed. [2022-11-03 03:47:36,572 INFO L902 garLoopResultBuilder]: At program point L300(lines 241 304) the Hoare annotation is: true [2022-11-03 03:47:36,572 INFO L895 garLoopResultBuilder]: At program point L263(line 263) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0))) (let ((.cse3 (= ~methaneLevelCritical~0 1)) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not .cse5)) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse6 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse7 .cse2 .cse4) (and .cse6 .cse7 .cse2 .cse4)))) [2022-11-03 03:47:36,572 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 03:47:36,572 INFO L895 garLoopResultBuilder]: At program point L297(lines 250 298) the Hoare annotation is: false [2022-11-03 03:47:36,572 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 03:47:36,572 INFO L899 garLoopResultBuilder]: For program point L252(lines 251 296) no Hoare annotation was computed. [2022-11-03 03:47:36,573 INFO L895 garLoopResultBuilder]: At program point L273(line 273) the Hoare annotation is: (let ((.cse4 (= 1 ~systemActive~0)) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (let ((.cse0 (or (and .cse4 .cse5 (= ~waterLevel~0 1)) (and (not (= ~pumpRunning~0 0)) .cse4 .cse5))) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse3 (= ~methAndRunningLastTime~0 0)) (.cse2 (= ~methaneLevelCritical~0 1))) (or (and .cse0 .cse1) (and .cse0 .cse2) (and .cse3 .cse1 .cse4 .cse5) (and .cse3 .cse4 .cse2 .cse5)))) [2022-11-03 03:47:36,573 INFO L895 garLoopResultBuilder]: At program point L294(lines 251 296) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0))) (let ((.cse3 (= ~methaneLevelCritical~0 1)) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not .cse5)) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse5 .cse6 .cse2 .cse3 .cse4) (and .cse0 .cse1 .cse7 .cse2 .cse4) (and .cse6 .cse7 .cse2 .cse4)))) [2022-11-03 03:47:36,573 INFO L899 garLoopResultBuilder]: For program point L261(lines 261 267) no Hoare annotation was computed. [2022-11-03 03:47:36,573 INFO L899 garLoopResultBuilder]: For program point L261-1(lines 261 267) no Hoare annotation was computed. [2022-11-03 03:47:36,573 INFO L895 garLoopResultBuilder]: At program point L902(lines 902 909) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (= ~methaneLevelCritical~0 0) (= 1 ~systemActive~0) (= ~waterLevel~0 1)) [2022-11-03 03:47:36,573 INFO L902 garLoopResultBuilder]: At program point L902-2(lines 902 909) the Hoare annotation is: true [2022-11-03 03:47:36,574 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 95 119) the Hoare annotation is: (let ((.cse6 (= |old(~pumpRunning~0)| 0)) (.cse7 (= ~waterLevel~0 1))) (let ((.cse4 (not (= ~methAndRunningLastTime~0 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not .cse7)) (.cse0 (not .cse6)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse4) (or (not .cse1) .cse2 .cse6 .cse5 .cse7) (or .cse8 .cse0 .cse1 .cse2 .cse3) (or .cse8 .cse0 .cse1 .cse2 .cse5)))) [2022-11-03 03:47:36,574 INFO L895 garLoopResultBuilder]: At program point L114(line 114) the Hoare annotation is: (let ((.cse6 (= |old(~pumpRunning~0)| 0)) (.cse7 (= ~waterLevel~0 1))) (let ((.cse4 (not .cse7)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not .cse6)) (.cse3 (not (= ~methAndRunningLastTime~0 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse1 .cse5) (or .cse4 .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse5 .cse3) (or (not (= ~pumpRunning~0 0)) .cse1 .cse6 .cse5 .cse7)))) [2022-11-03 03:47:36,574 INFO L899 garLoopResultBuilder]: For program point L114-1(lines 95 119) no Hoare annotation was computed. [2022-11-03 03:47:36,574 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 95 119) no Hoare annotation was computed. [2022-11-03 03:47:36,574 INFO L895 garLoopResultBuilder]: At program point L109(line 109) the Hoare annotation is: (let ((.cse9 (= ~waterLevel~0 1)) (.cse8 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse8)) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not .cse9)) (.cse6 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse2 (and .cse1 .cse6) .cse3) (or .cse2 .cse7 (and .cse5 .cse8) (and .cse1 .cse6 .cse9)) (or .cse1 .cse2 .cse7 .cse4)))) [2022-11-03 03:47:36,575 INFO L895 garLoopResultBuilder]: At program point L103(lines 103 111) the Hoare annotation is: (let ((.cse9 (= ~waterLevel~0 1)) (.cse8 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not .cse8)) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not .cse9)) (.cse6 (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse2 (and .cse1 .cse6) .cse3) (or .cse2 .cse7 (and .cse5 .cse8) (and .cse1 .cse6 .cse9)) (or .cse1 .cse2 .cse7 .cse4)))) [2022-11-03 03:47:36,575 INFO L895 garLoopResultBuilder]: At program point L99(lines 99 116) the Hoare annotation is: (let ((.cse6 (= |old(~pumpRunning~0)| 0)) (.cse7 (= ~waterLevel~0 1))) (let ((.cse4 (not (= ~methAndRunningLastTime~0 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not .cse7)) (.cse0 (not .cse6)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse4) (or (not .cse1) .cse2 .cse6 .cse5 .cse7) (or .cse8 .cse0 .cse1 .cse2 .cse3) (or .cse8 .cse0 .cse1 .cse2 .cse5)))) [2022-11-03 03:47:36,575 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 361 372) no Hoare annotation was computed. [2022-11-03 03:47:36,575 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 361 372) the Hoare annotation is: (let ((.cse5 (= ~waterLevel~0 1))) (let ((.cse0 (not .cse5)) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (= |old(~waterLevel~0)| 1)) (.cse3 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (= ~methaneLevelCritical~0 1))) (or .cse0 .cse1 .cse2 .cse3 .cse4) (or (not .cse1) (not .cse2) .cse3 .cse4 .cse5 (not (= ~methAndRunningLastTime~0 0)))))) [2022-11-03 03:47:36,579 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 03:47:36,581 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 03:47:36,616 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 03:47:36 BoogieIcfgContainer [2022-11-03 03:47:36,616 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 03:47:36,616 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 03:47:36,617 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 03:47:36,617 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 03:47:36,617 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 03:47:10" (3/4) ... [2022-11-03 03:47:36,620 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 03:47:36,626 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 03:47:36,626 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 03:47:36,626 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 03:47:36,626 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 03:47:36,626 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 03:47:36,627 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 03:47:36,627 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 03:47:36,634 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 71 nodes and edges [2022-11-03 03:47:36,634 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 26 nodes and edges [2022-11-03 03:47:36,635 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 03:47:36,635 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 03:47:36,636 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 03:47:36,636 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 03:47:36,637 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 03:47:36,670 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (1 == systemActive && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (1 == systemActive && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) [2022-11-03 03:47:36,671 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || (!(pumpRunning == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && 1 == systemActive) && tmp == methaneLevelCritical)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,671 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(pumpRunning == 0) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,672 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(1 == systemActive) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || ((!(pumpRunning == 0) && tmp == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (methAndRunningLastTime == 0 && tmp == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && 1 == systemActive) && tmp == methaneLevelCritical)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,673 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((!(1 == systemActive) || ((!(pumpRunning == 0) || waterLevel == 1) && aux-isMethaneLevelCritical()-aux == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (aux-isMethaneLevelCritical()-aux == methaneLevelCritical && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,673 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (!(waterLevel == 1) && !(pumpRunning == 0))) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || waterLevel == 1)) && ((((!(1 == systemActive) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || (((methAndRunningLastTime == 0 && !(pumpRunning == 0)) && tmp == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || tmp == 0) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,674 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((!(pumpRunning == 0) || waterLevel == 1) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || ((!(pumpRunning == 0) || waterLevel == 1) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) [2022-11-03 03:47:36,674 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) [2022-11-03 03:47:36,675 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(waterLevel == 1) && \old(pumpRunning) == 0)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) [2022-11-03 03:47:36,696 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 03:47:36,696 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 03:47:36,697 INFO L158 Benchmark]: Toolchain (without parser) took 28195.91ms. Allocated memory was 92.3MB in the beginning and 362.8MB in the end (delta: 270.5MB). Free memory was 60.0MB in the beginning and 238.5MB in the end (delta: -178.5MB). Peak memory consumption was 90.5MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,698 INFO L158 Benchmark]: CDTParser took 0.30ms. Allocated memory is still 92.3MB. Free memory was 46.1MB in the beginning and 46.0MB in the end (delta: 47.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 03:47:36,698 INFO L158 Benchmark]: CACSL2BoogieTranslator took 637.96ms. Allocated memory was 92.3MB in the beginning and 119.5MB in the end (delta: 27.3MB). Free memory was 59.8MB in the beginning and 87.0MB in the end (delta: -27.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,698 INFO L158 Benchmark]: Boogie Procedure Inliner took 77.68ms. Allocated memory is still 119.5MB. Free memory was 86.7MB in the beginning and 84.5MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,699 INFO L158 Benchmark]: Boogie Preprocessor took 61.58ms. Allocated memory is still 119.5MB. Free memory was 84.5MB in the beginning and 82.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,699 INFO L158 Benchmark]: RCFGBuilder took 752.11ms. Allocated memory is still 119.5MB. Free memory was 82.8MB in the beginning and 87.5MB in the end (delta: -4.7MB). Peak memory consumption was 25.7MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,699 INFO L158 Benchmark]: TraceAbstraction took 26577.13ms. Allocated memory was 119.5MB in the beginning and 362.8MB in the end (delta: 243.3MB). Free memory was 87.0MB in the beginning and 244.8MB in the end (delta: -157.8MB). Peak memory consumption was 210.9MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,700 INFO L158 Benchmark]: Witness Printer took 80.12ms. Allocated memory is still 362.8MB. Free memory was 244.8MB in the beginning and 238.5MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 03:47:36,702 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.30ms. Allocated memory is still 92.3MB. Free memory was 46.1MB in the beginning and 46.0MB in the end (delta: 47.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 637.96ms. Allocated memory was 92.3MB in the beginning and 119.5MB in the end (delta: 27.3MB). Free memory was 59.8MB in the beginning and 87.0MB in the end (delta: -27.2MB). Peak memory consumption was 8.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 77.68ms. Allocated memory is still 119.5MB. Free memory was 86.7MB in the beginning and 84.5MB in the end (delta: 2.2MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 61.58ms. Allocated memory is still 119.5MB. Free memory was 84.5MB in the beginning and 82.8MB in the end (delta: 1.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 752.11ms. Allocated memory is still 119.5MB. Free memory was 82.8MB in the beginning and 87.5MB in the end (delta: -4.7MB). Peak memory consumption was 25.7MB. Max. memory is 16.1GB. * TraceAbstraction took 26577.13ms. Allocated memory was 119.5MB in the beginning and 362.8MB in the end (delta: 243.3MB). Free memory was 87.0MB in the beginning and 244.8MB in the end (delta: -157.8MB). Peak memory consumption was 210.9MB. Max. memory is 16.1GB. * Witness Printer took 80.12ms. Allocated memory is still 362.8MB. Free memory was 244.8MB in the beginning and 238.5MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 445]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 58 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 26.5s, OverallIterations: 10, TraceHistogramMax: 3, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.0s, AutomataDifference: 2.6s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 5.6s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 744 SdHoareTripleChecker+Valid, 1.5s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 728 mSDsluCounter, 1481 SdHoareTripleChecker+Invalid, 1.2s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 1187 mSDsCounter, 209 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 1792 IncrementalHoareTripleChecker+Invalid, 2001 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 209 mSolverCounterUnsat, 566 mSDtfsCounter, 1792 mSolverCounterSat, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 391 GetRequests, 276 SyntacticMatches, 7 SemanticMatches, 108 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1405 ImplicationChecksByTransitivity, 7.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=595occurred in iteration=9, InterpolantAutomatonStates: 66, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.4s AutomataMinimizationTime, 10 MinimizatonAttempts, 104 StatesRemovedByMinimization, 5 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 34 LocationsWithAnnotation, 1217 PreInvPairs, 1445 NumberOfFragments, 2448 HoareAnnotationTreeSize, 1217 FomulaSimplifications, 332 FormulaSimplificationTreeSizeReduction, 0.3s HoareSimplificationTime, 34 FomulaSimplificationsInter, 14958 FormulaSimplificationTreeSizeReductionInter, 5.2s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.4s SatisfiabilityAnalysisTime, 2.6s InterpolantComputationTime, 540 NumberOfCodeBlocks, 540 NumberOfCodeBlocksAsserted, 13 NumberOfCheckSat, 594 ConstructedInterpolants, 0 QuantifiedInterpolants, 1572 SizeOfPredicates, 14 NumberOfNonLiveVariables, 1216 ConjunctsInSsa, 58 ConjunctsInUnsatCore, 14 InterpolantComputations, 9 PerfectInterpolantSequences, 128/168 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 99]: Loop Invariant Derived loop invariant: (((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(pumpRunning == 0) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || waterLevel == 1)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 129]: Loop Invariant Derived loop invariant: ((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((!(pumpRunning == 0) || waterLevel == 1) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || ((!(pumpRunning == 0) || waterLevel == 1) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 103]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || (pumpRunning == 0 && tmp == 0)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(waterLevel == 1) && \old(pumpRunning) == 0)) || ((pumpRunning == 0 && tmp == 0) && waterLevel == 1))) && (((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 63]: Loop Invariant Derived loop invariant: (((((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (1 == systemActive && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (1 == systemActive && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) - InvariantResult [Line: 167]: Loop Invariant Derived loop invariant: ((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && (((!(1 == systemActive) || ((!(pumpRunning == 0) || waterLevel == 1) && aux-isMethaneLevelCritical()-aux == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (aux-isMethaneLevelCritical()-aux == methaneLevelCritical && (!(pumpRunning == 0) || waterLevel == 1))) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 902]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 827]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 817]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 121]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || (!(pumpRunning == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && 1 == systemActive) && tmp == methaneLevelCritical)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 251]: Loop Invariant Derived loop invariant: ((((((!(waterLevel == 1) && !(pumpRunning == 0)) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0)) || ((((!(waterLevel == 1) && !(pumpRunning == 0)) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0)) || (((methAndRunningLastTime == 0 && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 902]: Loop Invariant Derived loop invariant: (((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1 - InvariantResult [Line: 316]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (!(waterLevel == 1) && !(pumpRunning == 0))) || (pumpRunning == 0 && methAndRunningLastTime == 0))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || waterLevel == 1)) && ((((!(1 == systemActive) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || (((methAndRunningLastTime == 0 && !(pumpRunning == 0)) && tmp == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || tmp == 0) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 445]: Loop Invariant Derived loop invariant: ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) && ((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) - InvariantResult [Line: 250]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 241]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 324]: Loop Invariant Derived loop invariant: (((((((((!(1 == systemActive) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) || ((!(pumpRunning == 0) && tmp == 0) && tmp == methaneLevelCritical)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0)) && (((((!(waterLevel == 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (methAndRunningLastTime == 0 && tmp == 0))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (methAndRunningLastTime == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || ((pumpRunning == 0 && 1 == systemActive) && tmp == methaneLevelCritical)) || (pumpRunning == 0 && waterLevel == 1)) || !(methaneLevelCritical == 1)) || (!(\old(waterLevel) == 1) && \old(pumpRunning) == 0))) && ((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || (!(waterLevel == 1) && methAndRunningLastTime == 0)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || (((pumpRunning == 0 && methaneLevelCritical == 0) && 1 == systemActive) && waterLevel == 1)) || !(methaneLevelCritical == 0)) RESULT: Ultimate proved your program to be correct! [2022-11-03 03:47:36,766 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_b6243e94-2352-46d1-88ae-e0753785d5d3/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE