./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4583285deb29d8014ded34089a46614a743cea13eee9bbb990cdfd770bfce36e --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:16:18,986 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:16:18,988 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:16:19,032 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:16:19,033 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:16:19,037 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:16:19,040 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:16:19,047 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:16:19,049 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:16:19,060 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:16:19,061 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:16:19,063 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:16:19,064 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:16:19,066 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:16:19,069 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:16:19,071 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:16:19,073 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:16:19,074 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:16:19,076 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:16:19,084 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:16:19,087 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:16:19,089 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:16:19,091 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:16:19,094 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:16:19,101 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:16:19,106 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:16:19,106 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:16:19,107 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:16:19,109 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:16:19,110 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:16:19,111 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:16:19,112 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:16:19,114 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:16:19,116 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:16:19,118 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:16:19,118 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:16:19,119 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:16:19,119 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:16:19,120 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:16:19,121 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:16:19,122 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:16:19,123 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:16:19,166 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:16:19,169 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:16:19,170 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:16:19,170 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:16:19,171 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:16:19,171 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:16:19,172 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:16:19,172 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:16:19,172 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:16:19,172 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:16:19,174 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:16:19,174 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:16:19,174 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:16:19,175 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:16:19,175 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:16:19,175 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:16:19,175 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:16:19,176 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:16:19,176 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:16:19,177 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:16:19,177 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:16:19,177 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:16:19,178 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:16:19,178 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:16:19,178 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:16:19,178 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:16:19,179 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:16:19,179 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:16:19,179 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:16:19,179 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:16:19,180 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:16:19,180 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:16:19,180 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:16:19,181 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:16:19,181 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:16:19,181 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:16:19,181 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:16:19,182 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:16:19,182 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:16:19,182 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:16:19,182 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:16:19,183 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4583285deb29d8014ded34089a46614a743cea13eee9bbb990cdfd770bfce36e [2022-11-03 02:16:19,484 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:16:19,528 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:16:19,530 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:16:19,532 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:16:19,532 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:16:19,534 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c [2022-11-03 02:16:19,605 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/data/7c8ec68b8/50519b8fb9fc46418cb52591cb03726b/FLAG9c34c1e4a [2022-11-03 02:16:20,169 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:16:20,170 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c [2022-11-03 02:16:20,181 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/data/7c8ec68b8/50519b8fb9fc46418cb52591cb03726b/FLAG9c34c1e4a [2022-11-03 02:16:20,434 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/data/7c8ec68b8/50519b8fb9fc46418cb52591cb03726b [2022-11-03 02:16:20,437 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:16:20,438 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:16:20,440 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:16:20,440 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:16:20,444 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:16:20,445 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:16:20" (1/1) ... [2022-11-03 02:16:20,446 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@237bad84 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:20, skipping insertion in model container [2022-11-03 02:16:20,446 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:16:20" (1/1) ... [2022-11-03 02:16:20,454 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:16:20,491 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:16:20,956 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c[19177,19190] [2022-11-03 02:16:20,964 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:16:20,976 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:16:21,077 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c[19177,19190] [2022-11-03 02:16:21,077 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:16:21,095 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:16:21,096 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21 WrapperNode [2022-11-03 02:16:21,096 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:16:21,097 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:16:21,097 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:16:21,097 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:16:21,105 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,120 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,149 INFO L138 Inliner]: procedures = 58, calls = 158, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 265 [2022-11-03 02:16:21,149 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:16:21,150 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:16:21,150 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:16:21,150 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:16:21,167 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,168 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,170 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,171 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,177 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,182 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,184 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,185 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,188 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:16:21,189 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:16:21,189 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:16:21,189 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:16:21,194 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (1/1) ... [2022-11-03 02:16:21,218 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:16:21,231 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:16:21,242 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:16:21,246 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:16:21,283 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:16:21,283 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:16:21,283 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:16:21,284 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 02:16:21,284 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 02:16:21,284 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:16:21,284 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:16:21,284 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:16:21,284 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:16:21,284 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:16:21,285 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:16:21,285 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:16:21,285 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:16:21,285 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 02:16:21,285 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 02:16:21,285 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:16:21,285 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:16:21,285 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:16:21,286 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:16:21,286 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:16:21,403 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:16:21,405 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:16:21,887 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:16:22,087 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:16:22,090 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:16:22,093 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:16:22 BoogieIcfgContainer [2022-11-03 02:16:22,094 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:16:22,097 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:16:22,097 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:16:22,101 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:16:22,102 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:16:20" (1/3) ... [2022-11-03 02:16:22,102 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@382f29ac and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:16:22, skipping insertion in model container [2022-11-03 02:16:22,103 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:16:21" (2/3) ... [2022-11-03 02:16:22,103 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@382f29ac and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:16:22, skipping insertion in model container [2022-11-03 02:16:22,104 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:16:22" (3/3) ... [2022-11-03 02:16:22,105 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product52.cil.c [2022-11-03 02:16:22,127 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:16:22,127 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:16:22,201 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:16:22,216 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@2a978483, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:16:22,217 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:16:22,221 INFO L276 IsEmpty]: Start isEmpty. Operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 02:16:22,232 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 02:16:22,232 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:22,233 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:22,234 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:22,242 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:22,243 INFO L85 PathProgramCache]: Analyzing trace with hash 1871913479, now seen corresponding path program 1 times [2022-11-03 02:16:22,253 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:22,255 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2126756874] [2022-11-03 02:16:22,255 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:22,256 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:22,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:22,532 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:22,533 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:22,533 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2126756874] [2022-11-03 02:16:22,534 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2126756874] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:22,534 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:22,534 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:16:22,536 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2058888865] [2022-11-03 02:16:22,537 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:22,542 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:16:22,542 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:22,580 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:16:22,582 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:16:22,583 INFO L87 Difference]: Start difference. First operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:22,666 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:22,666 INFO L93 Difference]: Finished difference Result 126 states and 173 transitions. [2022-11-03 02:16:22,668 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:16:22,669 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 02:16:22,669 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:22,678 INFO L225 Difference]: With dead ends: 126 [2022-11-03 02:16:22,678 INFO L226 Difference]: Without dead ends: 59 [2022-11-03 02:16:22,682 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:16:22,685 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 65 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:22,686 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 65 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:22,703 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-03 02:16:22,730 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-11-03 02:16:22,732 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 38 states have (on average 1.368421052631579) internal successors, (52), 46 states have internal predecessors, (52), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 02:16:22,742 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 77 transitions. [2022-11-03 02:16:22,744 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 77 transitions. Word has length 17 [2022-11-03 02:16:22,745 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:22,745 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 77 transitions. [2022-11-03 02:16:22,747 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:22,747 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 77 transitions. [2022-11-03 02:16:22,752 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-03 02:16:22,753 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:22,753 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:22,753 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:16:22,754 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:22,755 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:22,755 INFO L85 PathProgramCache]: Analyzing trace with hash 1788829300, now seen corresponding path program 1 times [2022-11-03 02:16:22,756 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:22,756 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1675069498] [2022-11-03 02:16:22,757 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:22,757 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:22,804 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:22,944 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:22,944 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:22,944 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1675069498] [2022-11-03 02:16:22,944 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1675069498] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:22,945 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:22,945 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:16:22,945 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1182041830] [2022-11-03 02:16:22,945 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:22,947 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:16:22,948 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:22,948 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:16:22,950 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:16:22,950 INFO L87 Difference]: Start difference. First operand 59 states and 77 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,016 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:23,016 INFO L93 Difference]: Finished difference Result 90 states and 116 transitions. [2022-11-03 02:16:23,017 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:16:23,017 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-03 02:16:23,017 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:23,018 INFO L225 Difference]: With dead ends: 90 [2022-11-03 02:16:23,019 INFO L226 Difference]: Without dead ends: 51 [2022-11-03 02:16:23,019 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:16:23,021 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 14 mSDsluCounter, 46 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 86 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:23,022 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 86 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:16:23,022 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2022-11-03 02:16:23,028 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 51. [2022-11-03 02:16:23,029 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 51 states, 33 states have (on average 1.393939393939394) internal successors, (46), 41 states have internal predecessors, (46), 10 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-03 02:16:23,036 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 66 transitions. [2022-11-03 02:16:23,037 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 66 transitions. Word has length 18 [2022-11-03 02:16:23,037 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:23,038 INFO L495 AbstractCegarLoop]: Abstraction has 51 states and 66 transitions. [2022-11-03 02:16:23,039 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,040 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 66 transitions. [2022-11-03 02:16:23,041 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-03 02:16:23,042 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:23,042 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:23,043 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:16:23,043 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:23,043 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:23,048 INFO L85 PathProgramCache]: Analyzing trace with hash 605785607, now seen corresponding path program 1 times [2022-11-03 02:16:23,049 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:23,049 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1122532548] [2022-11-03 02:16:23,049 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:23,050 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:23,081 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:23,208 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:23,208 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:23,208 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1122532548] [2022-11-03 02:16:23,209 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1122532548] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:23,209 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:23,209 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:16:23,209 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [249377032] [2022-11-03 02:16:23,209 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:23,210 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:16:23,210 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:23,211 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:16:23,211 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:16:23,211 INFO L87 Difference]: Start difference. First operand 51 states and 66 transitions. Second operand has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,326 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:23,326 INFO L93 Difference]: Finished difference Result 134 states and 174 transitions. [2022-11-03 02:16:23,327 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:16:23,327 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-11-03 02:16:23,327 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:23,328 INFO L225 Difference]: With dead ends: 134 [2022-11-03 02:16:23,329 INFO L226 Difference]: Without dead ends: 85 [2022-11-03 02:16:23,330 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:16:23,331 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 89 mSDsluCounter, 95 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:23,332 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 135 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:23,333 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-11-03 02:16:23,348 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 82. [2022-11-03 02:16:23,349 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 65 states have internal predecessors, (75), 15 states have call successors, (15), 12 states have call predecessors, (15), 12 states have return successors, (16), 11 states have call predecessors, (16), 15 states have call successors, (16) [2022-11-03 02:16:23,349 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2022-11-03 02:16:23,350 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 21 [2022-11-03 02:16:23,350 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:23,350 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2022-11-03 02:16:23,350 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,351 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2022-11-03 02:16:23,352 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-03 02:16:23,352 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:23,352 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:23,352 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:16:23,352 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:23,353 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:23,353 INFO L85 PathProgramCache]: Analyzing trace with hash 2039617653, now seen corresponding path program 1 times [2022-11-03 02:16:23,353 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:23,353 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1186747822] [2022-11-03 02:16:23,353 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:23,354 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:23,398 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:23,599 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:23,599 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:23,600 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1186747822] [2022-11-03 02:16:23,600 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1186747822] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:23,600 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:23,600 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:16:23,600 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1191323836] [2022-11-03 02:16:23,601 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:23,601 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:16:23,602 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:23,602 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:16:23,603 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:16:23,603 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,729 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:23,729 INFO L93 Difference]: Finished difference Result 199 states and 267 transitions. [2022-11-03 02:16:23,730 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 02:16:23,730 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-11-03 02:16:23,731 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:23,738 INFO L225 Difference]: With dead ends: 199 [2022-11-03 02:16:23,738 INFO L226 Difference]: Without dead ends: 119 [2022-11-03 02:16:23,746 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:16:23,753 INFO L413 NwaCegarLoop]: 58 mSDtfsCounter, 36 mSDsluCounter, 118 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 157 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:23,753 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 157 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:23,754 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 119 states. [2022-11-03 02:16:23,789 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 119 to 112. [2022-11-03 02:16:23,790 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 86 states have internal predecessors, (99), 18 states have call successors, (18), 17 states have call predecessors, (18), 17 states have return successors, (24), 17 states have call predecessors, (24), 18 states have call successors, (24) [2022-11-03 02:16:23,791 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 141 transitions. [2022-11-03 02:16:23,791 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 141 transitions. Word has length 24 [2022-11-03 02:16:23,791 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:23,791 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 141 transitions. [2022-11-03 02:16:23,792 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:16:23,792 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 141 transitions. [2022-11-03 02:16:23,793 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-11-03 02:16:23,793 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:23,793 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:23,793 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:16:23,794 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:23,794 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:23,794 INFO L85 PathProgramCache]: Analyzing trace with hash 1680772318, now seen corresponding path program 1 times [2022-11-03 02:16:23,794 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:23,794 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [272396122] [2022-11-03 02:16:23,795 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:23,795 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:23,811 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:23,903 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:23,903 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:23,904 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [272396122] [2022-11-03 02:16:23,904 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [272396122] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:23,904 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:23,905 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:16:23,908 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1292673867] [2022-11-03 02:16:23,911 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:23,912 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:16:23,912 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:23,913 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:16:23,913 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:16:23,914 INFO L87 Difference]: Start difference. First operand 112 states and 141 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:16:24,012 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:24,012 INFO L93 Difference]: Finished difference Result 186 states and 241 transitions. [2022-11-03 02:16:24,012 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:16:24,013 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-11-03 02:16:24,013 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:24,015 INFO L225 Difference]: With dead ends: 186 [2022-11-03 02:16:24,015 INFO L226 Difference]: Without dead ends: 184 [2022-11-03 02:16:24,015 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:16:24,016 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 42 mSDsluCounter, 61 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 36 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:24,016 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 108 Invalid, 36 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:24,017 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 184 states. [2022-11-03 02:16:24,043 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 184 to 169. [2022-11-03 02:16:24,044 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 113 states have (on average 1.3097345132743363) internal successors, (148), 129 states have internal predecessors, (148), 29 states have call successors, (29), 27 states have call predecessors, (29), 26 states have return successors, (45), 25 states have call predecessors, (45), 29 states have call successors, (45) [2022-11-03 02:16:24,045 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 222 transitions. [2022-11-03 02:16:24,045 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 222 transitions. Word has length 29 [2022-11-03 02:16:24,046 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:24,046 INFO L495 AbstractCegarLoop]: Abstraction has 169 states and 222 transitions. [2022-11-03 02:16:24,046 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 02:16:24,046 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 222 transitions. [2022-11-03 02:16:24,049 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-03 02:16:24,049 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:24,050 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:24,050 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:16:24,050 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:24,050 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:24,050 INFO L85 PathProgramCache]: Analyzing trace with hash -522628244, now seen corresponding path program 1 times [2022-11-03 02:16:24,051 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:24,051 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1116313877] [2022-11-03 02:16:24,051 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:24,051 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:24,070 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:24,118 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-03 02:16:24,118 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:24,118 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1116313877] [2022-11-03 02:16:24,118 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1116313877] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:24,118 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:16:24,119 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 02:16:24,119 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1043457184] [2022-11-03 02:16:24,119 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:24,119 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 02:16:24,120 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:24,120 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 02:16:24,120 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:16:24,121 INFO L87 Difference]: Start difference. First operand 169 states and 222 transitions. Second operand has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:16:24,246 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:24,246 INFO L93 Difference]: Finished difference Result 337 states and 443 transitions. [2022-11-03 02:16:24,247 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-03 02:16:24,248 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 60 [2022-11-03 02:16:24,248 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:24,249 INFO L225 Difference]: With dead ends: 337 [2022-11-03 02:16:24,250 INFO L226 Difference]: Without dead ends: 170 [2022-11-03 02:16:24,251 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 02:16:24,252 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 82 mSDsluCounter, 63 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 84 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:24,252 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 116 Invalid, 84 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:24,253 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2022-11-03 02:16:24,273 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 159. [2022-11-03 02:16:24,273 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 159 states, 107 states have (on average 1.2990654205607477) internal successors, (139), 121 states have internal predecessors, (139), 26 states have call successors, (26), 25 states have call predecessors, (26), 25 states have return successors, (36), 24 states have call predecessors, (36), 26 states have call successors, (36) [2022-11-03 02:16:24,275 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 159 states to 159 states and 201 transitions. [2022-11-03 02:16:24,275 INFO L78 Accepts]: Start accepts. Automaton has 159 states and 201 transitions. Word has length 60 [2022-11-03 02:16:24,275 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:24,275 INFO L495 AbstractCegarLoop]: Abstraction has 159 states and 201 transitions. [2022-11-03 02:16:24,276 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:16:24,276 INFO L276 IsEmpty]: Start isEmpty. Operand 159 states and 201 transitions. [2022-11-03 02:16:24,278 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-03 02:16:24,278 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:24,278 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:24,278 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 02:16:24,278 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:24,279 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:24,279 INFO L85 PathProgramCache]: Analyzing trace with hash -1539119106, now seen corresponding path program 1 times [2022-11-03 02:16:24,279 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:24,279 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1847625605] [2022-11-03 02:16:24,279 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:24,280 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:24,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:24,427 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 02:16:24,427 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:24,427 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1847625605] [2022-11-03 02:16:24,427 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1847625605] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:16:24,428 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1218655586] [2022-11-03 02:16:24,428 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:24,428 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:16:24,428 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:16:24,430 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:16:24,438 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:16:24,603 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:24,606 INFO L263 TraceCheckSpWp]: Trace formula consists of 428 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-03 02:16:24,612 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:16:24,751 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 26 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:24,751 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:16:24,752 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1218655586] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:24,752 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:16:24,752 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2022-11-03 02:16:24,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1667672216] [2022-11-03 02:16:24,755 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:24,755 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:16:24,755 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:24,756 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:16:24,756 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:16:24,756 INFO L87 Difference]: Start difference. First operand 159 states and 201 transitions. Second operand has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:16:24,843 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:24,844 INFO L93 Difference]: Finished difference Result 307 states and 397 transitions. [2022-11-03 02:16:24,844 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:16:24,844 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 57 [2022-11-03 02:16:24,846 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:24,850 INFO L225 Difference]: With dead ends: 307 [2022-11-03 02:16:24,851 INFO L226 Difference]: Without dead ends: 150 [2022-11-03 02:16:24,852 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 59 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-03 02:16:24,853 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 28 mSDsluCounter, 44 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 28 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:24,855 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [28 Valid, 111 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:16:24,856 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-11-03 02:16:24,885 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 150. [2022-11-03 02:16:24,887 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 150 states, 102 states have (on average 1.2549019607843137) internal successors, (128), 114 states have internal predecessors, (128), 24 states have call successors, (24), 23 states have call predecessors, (24), 23 states have return successors, (31), 23 states have call predecessors, (31), 24 states have call successors, (31) [2022-11-03 02:16:24,889 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 150 states to 150 states and 183 transitions. [2022-11-03 02:16:24,890 INFO L78 Accepts]: Start accepts. Automaton has 150 states and 183 transitions. Word has length 57 [2022-11-03 02:16:24,891 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:24,891 INFO L495 AbstractCegarLoop]: Abstraction has 150 states and 183 transitions. [2022-11-03 02:16:24,891 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:16:24,891 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 183 transitions. [2022-11-03 02:16:24,900 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-03 02:16:24,900 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:24,903 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:24,946 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:16:25,118 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:16:25,119 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:25,119 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:25,120 INFO L85 PathProgramCache]: Analyzing trace with hash 215137069, now seen corresponding path program 1 times [2022-11-03 02:16:25,120 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:25,120 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [101515165] [2022-11-03 02:16:25,120 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:25,120 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:25,150 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:25,622 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 18 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:16:25,622 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:25,622 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [101515165] [2022-11-03 02:16:25,623 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [101515165] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:16:25,623 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1438623081] [2022-11-03 02:16:25,623 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:25,623 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:16:25,624 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:16:25,625 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:16:25,646 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:16:25,740 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:25,743 INFO L263 TraceCheckSpWp]: Trace formula consists of 433 conjuncts, 17 conjunts are in the unsatisfiable core [2022-11-03 02:16:25,745 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:16:26,092 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:26,092 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:16:26,092 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1438623081] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:16:26,093 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:16:26,093 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [9] total 14 [2022-11-03 02:16:26,093 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1329064039] [2022-11-03 02:16:26,093 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:16:26,095 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:16:26,095 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:16:26,095 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:16:26,096 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=40, Invalid=142, Unknown=0, NotChecked=0, Total=182 [2022-11-03 02:16:26,097 INFO L87 Difference]: Start difference. First operand 150 states and 183 transitions. Second operand has 8 states, 8 states have (on average 5.875) internal successors, (47), 8 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-03 02:16:26,587 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:16:26,587 INFO L93 Difference]: Finished difference Result 410 states and 507 transitions. [2022-11-03 02:16:26,587 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 13 states. [2022-11-03 02:16:26,587 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 5.875) internal successors, (47), 8 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) Word has length 60 [2022-11-03 02:16:26,588 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:16:26,592 INFO L225 Difference]: With dead ends: 410 [2022-11-03 02:16:26,592 INFO L226 Difference]: Without dead ends: 262 [2022-11-03 02:16:26,593 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 75 GetRequests, 57 SyntacticMatches, 0 SemanticMatches, 18 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 49 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=88, Invalid=292, Unknown=0, NotChecked=0, Total=380 [2022-11-03 02:16:26,595 INFO L413 NwaCegarLoop]: 66 mSDtfsCounter, 150 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 253 mSolverCounterSat, 66 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 156 SdHoareTripleChecker+Valid, 214 SdHoareTripleChecker+Invalid, 319 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 66 IncrementalHoareTripleChecker+Valid, 253 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:16:26,596 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [156 Valid, 214 Invalid, 319 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [66 Valid, 253 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:16:26,597 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 262 states. [2022-11-03 02:16:26,630 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 262 to 251. [2022-11-03 02:16:26,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 175 states have (on average 1.262857142857143) internal successors, (221), 192 states have internal predecessors, (221), 37 states have call successors, (37), 36 states have call predecessors, (37), 38 states have return successors, (44), 38 states have call predecessors, (44), 37 states have call successors, (44) [2022-11-03 02:16:26,633 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 302 transitions. [2022-11-03 02:16:26,633 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 302 transitions. Word has length 60 [2022-11-03 02:16:26,633 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:16:26,633 INFO L495 AbstractCegarLoop]: Abstraction has 251 states and 302 transitions. [2022-11-03 02:16:26,634 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 5.875) internal successors, (47), 8 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-03 02:16:26,634 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 302 transitions. [2022-11-03 02:16:26,635 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-03 02:16:26,635 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:16:26,635 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:16:26,674 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:16:26,862 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 02:16:26,862 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:16:26,863 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:16:26,863 INFO L85 PathProgramCache]: Analyzing trace with hash 1039553112, now seen corresponding path program 1 times [2022-11-03 02:16:26,863 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:16:26,863 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [642097624] [2022-11-03 02:16:26,863 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:26,863 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:16:26,896 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:27,048 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 18 proven. 1 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-03 02:16:27,048 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:16:27,048 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [642097624] [2022-11-03 02:16:27,048 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [642097624] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:16:27,048 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [62823299] [2022-11-03 02:16:27,048 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:16:27,052 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:16:27,052 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:16:27,053 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:16:27,078 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:16:27,172 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:16:27,175 INFO L263 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-03 02:16:27,181 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:16:27,633 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:16:27,633 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:16:28,239 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 11 proven. 3 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 02:16:28,240 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [62823299] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:16:28,240 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [106206901] [2022-11-03 02:16:28,259 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-11-03 02:16:28,259 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:16:28,263 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:16:28,268 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:16:28,269 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:16:36,193 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 296 for LOIs [2022-11-03 02:16:36,247 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 303 for LOIs [2022-11-03 02:16:41,250 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 299 for LOIs [2022-11-03 02:16:41,820 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 315 for LOIs [2022-11-03 02:16:41,936 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:16:56,621 WARN L234 SmtUtils]: Spent 5.12s on a formula simplification. DAG size of input: 352 DAG size of output: 314 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:17:02,395 WARN L234 SmtUtils]: Spent 5.19s on a formula simplification. DAG size of input: 356 DAG size of output: 319 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:17:08,387 WARN L234 SmtUtils]: Spent 5.39s on a formula simplification. DAG size of input: 354 DAG size of output: 317 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:17:40,988 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [106206901] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:40,988 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:17:40,988 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [21] imperfect sequences [7, 12, 14] total 49 [2022-11-03 02:17:40,989 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1797291598] [2022-11-03 02:17:40,989 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:40,990 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2022-11-03 02:17:40,990 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:40,990 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2022-11-03 02:17:40,991 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=344, Invalid=2008, Unknown=0, NotChecked=0, Total=2352 [2022-11-03 02:17:40,992 INFO L87 Difference]: Start difference. First operand 251 states and 302 transitions. Second operand has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-03 02:17:54,564 WARN L234 SmtUtils]: Spent 5.10s on a formula simplification. DAG size of input: 317 DAG size of output: 312 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:18:00,204 WARN L234 SmtUtils]: Spent 5.32s on a formula simplification. DAG size of input: 321 DAG size of output: 316 (called from [L 360] de.uni_freiburg.informatik.ultimate.lib.modelcheckerutils.smt.predicates.PredicateUnifier.getOrConstructPredicate) [2022-11-03 02:18:21,446 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:18:21,446 INFO L93 Difference]: Finished difference Result 656 states and 800 transitions. [2022-11-03 02:18:21,447 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-03 02:18:21,447 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) Word has length 63 [2022-11-03 02:18:21,448 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:18:21,450 INFO L225 Difference]: With dead ends: 656 [2022-11-03 02:18:21,450 INFO L226 Difference]: Without dead ends: 407 [2022-11-03 02:18:21,452 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 205 GetRequests, 140 SyntacticMatches, 7 SemanticMatches, 58 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1181 ImplicationChecksByTransitivity, 93.3s TimeCoverageRelationStatistics Valid=550, Invalid=2990, Unknown=0, NotChecked=0, Total=3540 [2022-11-03 02:18:21,453 INFO L413 NwaCegarLoop]: 80 mSDtfsCounter, 157 mSDsluCounter, 647 mSDsCounter, 0 mSdLazyCounter, 1553 mSolverCounterSat, 90 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 5.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 160 SdHoareTripleChecker+Valid, 671 SdHoareTripleChecker+Invalid, 1643 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 90 IncrementalHoareTripleChecker+Valid, 1553 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 6.4s IncrementalHoareTripleChecker+Time [2022-11-03 02:18:21,453 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [160 Valid, 671 Invalid, 1643 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [90 Valid, 1553 Invalid, 0 Unknown, 0 Unchecked, 6.4s Time] [2022-11-03 02:18:21,455 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 407 states. [2022-11-03 02:18:21,625 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 407 to 369. [2022-11-03 02:18:21,626 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 259 states have (on average 1.2586872586872586) internal successors, (326), 279 states have internal predecessors, (326), 53 states have call successors, (53), 52 states have call predecessors, (53), 56 states have return successors, (64), 55 states have call predecessors, (64), 53 states have call successors, (64) [2022-11-03 02:18:21,628 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 443 transitions. [2022-11-03 02:18:21,629 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 443 transitions. Word has length 63 [2022-11-03 02:18:21,629 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:18:21,629 INFO L495 AbstractCegarLoop]: Abstraction has 369 states and 443 transitions. [2022-11-03 02:18:21,630 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-03 02:18:21,630 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 443 transitions. [2022-11-03 02:18:21,631 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2022-11-03 02:18:21,632 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:18:21,632 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:18:21,677 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 02:18:21,848 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:18:21,849 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:18:21,849 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:18:21,849 INFO L85 PathProgramCache]: Analyzing trace with hash 744251358, now seen corresponding path program 1 times [2022-11-03 02:18:21,849 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:18:21,850 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1338288056] [2022-11-03 02:18:21,850 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:21,850 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:18:21,874 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:22,758 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 7 proven. 13 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:18:22,758 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:18:22,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1338288056] [2022-11-03 02:18:22,759 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1338288056] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:18:22,759 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1735363099] [2022-11-03 02:18:22,759 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:22,759 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:18:22,759 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:18:22,761 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:18:22,797 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 02:18:22,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:22,912 INFO L263 TraceCheckSpWp]: Trace formula consists of 445 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-03 02:18:22,916 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:18:23,398 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:18:23,399 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:18:24,113 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 11 proven. 3 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-03 02:18:24,113 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1735363099] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:18:24,114 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [905185569] [2022-11-03 02:18:24,119 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 02:18:24,122 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:18:24,122 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:18:24,123 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:18:24,123 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:18:34,495 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 323 for LOIs [2022-11-03 02:18:34,566 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 37 for LOIs [2022-11-03 02:18:34,832 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 67 for LOIs [2022-11-03 02:18:35,116 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 24 for LOIs [2022-11-03 02:18:35,118 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 51 for LOIs [2022-11-03 02:18:35,129 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-03 02:18:35,131 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:18:49,970 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7176#(and (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 0)) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 1) (<= |old(~methAndRunningLastTime~0)| 1) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483647) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:18:49,971 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:18:49,971 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:18:49,971 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 12, 14] total 35 [2022-11-03 02:18:49,972 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2064745133] [2022-11-03 02:18:49,972 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:18:49,972 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-03 02:18:49,973 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:18:49,973 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-03 02:18:49,975 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=467, Invalid=3955, Unknown=0, NotChecked=0, Total=4422 [2022-11-03 02:18:49,976 INFO L87 Difference]: Start difference. First operand 369 states and 443 transitions. Second operand has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) [2022-11-03 02:18:54,433 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:18:54,433 INFO L93 Difference]: Finished difference Result 1051 states and 1290 transitions. [2022-11-03 02:18:54,434 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-11-03 02:18:54,434 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) Word has length 66 [2022-11-03 02:18:54,435 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:18:54,445 INFO L225 Difference]: With dead ends: 1051 [2022-11-03 02:18:54,445 INFO L226 Difference]: Without dead ends: 768 [2022-11-03 02:18:54,450 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 271 GetRequests, 154 SyntacticMatches, 4 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4921 ImplicationChecksByTransitivity, 17.6s TimeCoverageRelationStatistics Valid=1457, Invalid=11653, Unknown=0, NotChecked=0, Total=13110 [2022-11-03 02:18:54,451 INFO L413 NwaCegarLoop]: 151 mSDtfsCounter, 1484 mSDsluCounter, 1798 mSDsCounter, 0 mSdLazyCounter, 2453 mSolverCounterSat, 866 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1488 SdHoareTripleChecker+Valid, 1653 SdHoareTripleChecker+Invalid, 3319 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 866 IncrementalHoareTripleChecker+Valid, 2453 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:18:54,452 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1488 Valid, 1653 Invalid, 3319 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [866 Valid, 2453 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2022-11-03 02:18:54,454 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 768 states. [2022-11-03 02:18:54,733 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 768 to 623. [2022-11-03 02:18:54,735 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 623 states, 442 states have (on average 1.253393665158371) internal successors, (554), 476 states have internal predecessors, (554), 88 states have call successors, (88), 87 states have call predecessors, (88), 92 states have return successors, (102), 90 states have call predecessors, (102), 88 states have call successors, (102) [2022-11-03 02:18:54,739 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 623 states to 623 states and 744 transitions. [2022-11-03 02:18:54,740 INFO L78 Accepts]: Start accepts. Automaton has 623 states and 744 transitions. Word has length 66 [2022-11-03 02:18:54,741 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:18:54,741 INFO L495 AbstractCegarLoop]: Abstraction has 623 states and 744 transitions. [2022-11-03 02:18:54,741 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) [2022-11-03 02:18:54,742 INFO L276 IsEmpty]: Start isEmpty. Operand 623 states and 744 transitions. [2022-11-03 02:18:54,750 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2022-11-03 02:18:54,751 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:18:54,751 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:18:54,789 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 02:18:54,978 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:18:54,979 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:18:54,979 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:18:54,979 INFO L85 PathProgramCache]: Analyzing trace with hash -244726395, now seen corresponding path program 1 times [2022-11-03 02:18:54,979 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:18:54,979 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1940035008] [2022-11-03 02:18:54,979 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:54,980 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:18:55,022 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:55,263 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2022-11-03 02:18:55,263 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:18:55,263 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1940035008] [2022-11-03 02:18:55,264 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1940035008] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:18:55,264 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2024696150] [2022-11-03 02:18:55,264 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:55,264 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:18:55,265 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:18:55,266 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:18:55,286 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-03 02:18:55,421 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:55,424 INFO L263 TraceCheckSpWp]: Trace formula consists of 609 conjuncts, 36 conjunts are in the unsatisfiable core [2022-11-03 02:18:55,429 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:18:56,011 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 44 refuted. 0 times theorem prover too weak. 15 trivial. 0 not checked. [2022-11-03 02:18:56,012 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:18:57,034 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 77 proven. 25 refuted. 0 times theorem prover too weak. 29 trivial. 0 not checked. [2022-11-03 02:18:57,035 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2024696150] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:18:57,035 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1214837429] [2022-11-03 02:18:57,038 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-03 02:18:57,039 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:18:57,039 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:18:57,039 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:18:57,040 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:19:06,069 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 25 for LOIs [2022-11-03 02:19:06,073 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-03 02:19:06,397 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 63 for LOIs [2022-11-03 02:19:06,622 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 23 for LOIs [2022-11-03 02:19:06,624 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 35 for LOIs [2022-11-03 02:19:06,626 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 31 for LOIs [2022-11-03 02:19:06,628 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:19:13,361 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1214837429] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:19:13,361 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:19:13,362 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [28] imperfect sequences [7, 13, 13] total 55 [2022-11-03 02:19:13,362 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1149922532] [2022-11-03 02:19:13,362 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:19:13,363 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 29 states [2022-11-03 02:19:13,363 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:13,364 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2022-11-03 02:19:13,365 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=374, Invalid=2596, Unknown=0, NotChecked=0, Total=2970 [2022-11-03 02:19:13,365 INFO L87 Difference]: Start difference. First operand 623 states and 744 transitions. Second operand has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-03 02:19:37,254 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:37,254 INFO L93 Difference]: Finished difference Result 1707 states and 2139 transitions. [2022-11-03 02:19:37,255 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 58 states. [2022-11-03 02:19:37,256 INFO L78 Accepts]: Start accepts. Automaton has has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) Word has length 113 [2022-11-03 02:19:37,258 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:37,267 INFO L225 Difference]: With dead ends: 1707 [2022-11-03 02:19:37,268 INFO L226 Difference]: Without dead ends: 1086 [2022-11-03 02:19:37,272 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 391 GetRequests, 280 SyntacticMatches, 14 SemanticMatches, 97 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3164 ImplicationChecksByTransitivity, 27.8s TimeCoverageRelationStatistics Valid=1253, Invalid=8449, Unknown=0, NotChecked=0, Total=9702 [2022-11-03 02:19:37,273 INFO L413 NwaCegarLoop]: 88 mSDtfsCounter, 287 mSDsluCounter, 634 mSDsCounter, 0 mSdLazyCounter, 2032 mSolverCounterSat, 377 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 290 SdHoareTripleChecker+Valid, 634 SdHoareTripleChecker+Invalid, 2409 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 377 IncrementalHoareTripleChecker+Valid, 2032 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.8s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:37,274 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [290 Valid, 634 Invalid, 2409 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [377 Valid, 2032 Invalid, 0 Unknown, 0 Unchecked, 2.8s Time] [2022-11-03 02:19:37,275 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1086 states. [2022-11-03 02:19:37,629 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1086 to 902. [2022-11-03 02:19:37,631 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 902 states, 646 states have (on average 1.238390092879257) internal successors, (800), 684 states have internal predecessors, (800), 126 states have call successors, (126), 123 states have call predecessors, (126), 129 states have return successors, (147), 128 states have call predecessors, (147), 126 states have call successors, (147) [2022-11-03 02:19:37,636 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 902 states to 902 states and 1073 transitions. [2022-11-03 02:19:37,636 INFO L78 Accepts]: Start accepts. Automaton has 902 states and 1073 transitions. Word has length 113 [2022-11-03 02:19:37,637 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:37,637 INFO L495 AbstractCegarLoop]: Abstraction has 902 states and 1073 transitions. [2022-11-03 02:19:37,637 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-03 02:19:37,637 INFO L276 IsEmpty]: Start isEmpty. Operand 902 states and 1073 transitions. [2022-11-03 02:19:37,640 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-03 02:19:37,640 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:19:37,640 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:19:37,681 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:37,854 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:37,854 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:19:37,854 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:19:37,854 INFO L85 PathProgramCache]: Analyzing trace with hash -1515969141, now seen corresponding path program 1 times [2022-11-03 02:19:37,855 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:19:37,855 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [691975215] [2022-11-03 02:19:37,855 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:37,855 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:19:37,892 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:38,085 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2022-11-03 02:19:38,086 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:19:38,087 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [691975215] [2022-11-03 02:19:38,087 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [691975215] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:19:38,087 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1029765232] [2022-11-03 02:19:38,087 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:38,087 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:38,088 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:19:38,089 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:19:38,110 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2022-11-03 02:19:38,233 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:38,236 INFO L263 TraceCheckSpWp]: Trace formula consists of 615 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-03 02:19:38,239 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:19:38,450 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 87 proven. 16 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-03 02:19:38,450 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:19:38,809 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 61 proven. 28 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2022-11-03 02:19:38,809 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1029765232] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:19:38,810 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [2121982092] [2022-11-03 02:19:38,816 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-11-03 02:19:38,816 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:19:38,817 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:19:38,818 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:19:38,818 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:19:43,228 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 45 for LOIs [2022-11-03 02:19:43,235 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-03 02:19:43,543 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-03 02:19:43,723 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-03 02:19:43,724 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-03 02:19:43,731 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 35 for LOIs [2022-11-03 02:19:43,733 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 31 for LOIs [2022-11-03 02:19:43,735 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:19:50,569 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15257#(and (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 0)) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 2147483647) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483647) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= ~methAndRunningLastTime~0 0)) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 02:19:50,569 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:19:50,569 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:19:50,570 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 11] total 21 [2022-11-03 02:19:50,570 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1131347629] [2022-11-03 02:19:50,570 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:19:50,571 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2022-11-03 02:19:50,571 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:50,571 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2022-11-03 02:19:50,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=286, Invalid=2576, Unknown=0, NotChecked=0, Total=2862 [2022-11-03 02:19:50,573 INFO L87 Difference]: Start difference. First operand 902 states and 1073 transitions. Second operand has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) [2022-11-03 02:19:52,732 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:52,733 INFO L93 Difference]: Finished difference Result 2485 states and 3087 transitions. [2022-11-03 02:19:52,733 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-11-03 02:19:52,733 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) Word has length 116 [2022-11-03 02:19:52,734 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:52,744 INFO L225 Difference]: With dead ends: 2485 [2022-11-03 02:19:52,744 INFO L226 Difference]: Without dead ends: 1937 [2022-11-03 02:19:52,748 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 387 GetRequests, 301 SyntacticMatches, 12 SemanticMatches, 74 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2168 ImplicationChecksByTransitivity, 7.5s TimeCoverageRelationStatistics Valid=547, Invalid=5153, Unknown=0, NotChecked=0, Total=5700 [2022-11-03 02:19:52,749 INFO L413 NwaCegarLoop]: 104 mSDtfsCounter, 450 mSDsluCounter, 516 mSDsCounter, 0 mSdLazyCounter, 1245 mSolverCounterSat, 225 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 457 SdHoareTripleChecker+Valid, 517 SdHoareTripleChecker+Invalid, 1470 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 225 IncrementalHoareTripleChecker+Valid, 1245 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.8s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:52,750 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [457 Valid, 517 Invalid, 1470 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [225 Valid, 1245 Invalid, 0 Unknown, 0 Unchecked, 0.8s Time] [2022-11-03 02:19:52,752 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1937 states. [2022-11-03 02:19:53,210 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1937 to 1692. [2022-11-03 02:19:53,213 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1692 states, 1218 states have (on average 1.2192118226600985) internal successors, (1485), 1286 states have internal predecessors, (1485), 234 states have call successors, (234), 229 states have call predecessors, (234), 239 states have return successors, (274), 238 states have call predecessors, (274), 234 states have call successors, (274) [2022-11-03 02:19:53,220 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1692 states to 1692 states and 1993 transitions. [2022-11-03 02:19:53,221 INFO L78 Accepts]: Start accepts. Automaton has 1692 states and 1993 transitions. Word has length 116 [2022-11-03 02:19:53,221 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:53,221 INFO L495 AbstractCegarLoop]: Abstraction has 1692 states and 1993 transitions. [2022-11-03 02:19:53,222 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) [2022-11-03 02:19:53,222 INFO L276 IsEmpty]: Start isEmpty. Operand 1692 states and 1993 transitions. [2022-11-03 02:19:53,226 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-03 02:19:53,227 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:19:53,227 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:19:53,273 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:53,454 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:53,455 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:19:53,455 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:19:53,455 INFO L85 PathProgramCache]: Analyzing trace with hash 342131089, now seen corresponding path program 2 times [2022-11-03 02:19:53,455 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:19:53,455 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1108048373] [2022-11-03 02:19:53,455 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:53,455 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:19:53,482 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:54,757 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 52 proven. 58 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2022-11-03 02:19:54,757 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:19:54,757 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1108048373] [2022-11-03 02:19:54,758 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1108048373] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:19:54,758 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1197111609] [2022-11-03 02:19:54,758 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-03 02:19:54,758 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:54,758 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:19:54,759 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:19:54,762 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2022-11-03 02:19:54,885 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-03 02:19:54,886 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-03 02:19:54,888 INFO L263 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 33 conjunts are in the unsatisfiable core [2022-11-03 02:19:54,895 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:19:55,098 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 86 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-11-03 02:19:55,098 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:19:55,099 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1197111609] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:19:55,099 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:19:55,099 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [20] total 25 [2022-11-03 02:19:55,099 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1579979763] [2022-11-03 02:19:55,099 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:19:55,100 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 02:19:55,100 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:55,100 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 02:19:55,101 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=78, Invalid=522, Unknown=0, NotChecked=0, Total=600 [2022-11-03 02:19:55,101 INFO L87 Difference]: Start difference. First operand 1692 states and 1993 transitions. Second operand has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-03 02:19:56,247 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:56,247 INFO L93 Difference]: Finished difference Result 3454 states and 4128 transitions. [2022-11-03 02:19:56,248 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-11-03 02:19:56,248 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 116 [2022-11-03 02:19:56,248 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:56,251 INFO L225 Difference]: With dead ends: 3454 [2022-11-03 02:19:56,251 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:19:56,265 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 141 GetRequests, 114 SyntacticMatches, 0 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 165 ImplicationChecksByTransitivity, 0.5s TimeCoverageRelationStatistics Valid=103, Invalid=709, Unknown=0, NotChecked=0, Total=812 [2022-11-03 02:19:56,268 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 132 mSDsluCounter, 438 mSDsCounter, 0 mSdLazyCounter, 315 mSolverCounterSat, 32 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 135 SdHoareTripleChecker+Valid, 457 SdHoareTripleChecker+Invalid, 347 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 32 IncrementalHoareTripleChecker+Valid, 315 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:56,268 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [135 Valid, 457 Invalid, 347 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [32 Valid, 315 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:19:56,269 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:19:56,269 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:19:56,270 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:19:56,270 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:19:56,270 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 116 [2022-11-03 02:19:56,271 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:56,271 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:19:56,271 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-03 02:19:56,271 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:19:56,271 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:19:56,274 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:19:56,321 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:56,490 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-03 02:19:56,493 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:20:07,572 WARN L234 SmtUtils]: Spent 5.50s on a formula simplification. DAG size of input: 400 DAG size of output: 396 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:20:24,889 WARN L234 SmtUtils]: Spent 16.40s on a formula simplification. DAG size of input: 450 DAG size of output: 450 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:20:30,348 WARN L234 SmtUtils]: Spent 5.46s on a formula simplification. DAG size of input: 462 DAG size of output: 446 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:20:42,482 WARN L234 SmtUtils]: Spent 6.68s on a formula simplification. DAG size of input: 475 DAG size of output: 464 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-03 02:21:41,299 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 229 236) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse3 (= ~pumpRunning~0 1))) (and (or .cse0 (not (<= 2 ~waterLevel~0)) .cse1 .cse2 .cse3) (or .cse0 (not (<= 1 ~waterLevel~0)) (not (= ~methaneLevelCritical~0 0)) .cse1 .cse3) (or (not (= ~waterLevel~0 1)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:21:41,299 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 229 236) no Hoare annotation was computed. [2022-11-03 02:21:41,299 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 162 168) no Hoare annotation was computed. [2022-11-03 02:21:41,299 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 162 168) the Hoare annotation is: true [2022-11-03 02:21:41,300 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 558 569) the Hoare annotation is: (let ((.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= ~methaneLevelCritical~0 1)) (.cse2 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse5 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse7 (not (= 1 ~systemActive~0))) (.cse6 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse9 (not (<= 2 ~waterLevel~0))) (.cse8 (not (= ~pumpRunning~0 1))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse6 .cse3 .cse4) (or .cse5 .cse7 (not (= 2 ~waterLevel~0)) .cse6 .cse8) (or .cse7 .cse9 .cse1 .cse8 .cse2) (or .cse5 .cse0 .cse7 .cse6 .cse3) (or .cse0 .cse7 .cse1 .cse2 .cse3) (or .cse5 .cse7 .cse6 .cse9 .cse8 .cse3))) [2022-11-03 02:21:41,300 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 558 569) no Hoare annotation was computed. [2022-11-03 02:21:41,300 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 570 578) the Hoare annotation is: true [2022-11-03 02:21:41,300 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 570 578) no Hoare annotation was computed. [2022-11-03 02:21:41,300 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 356 385) no Hoare annotation was computed. [2022-11-03 02:21:41,301 INFO L902 garLoopResultBuilder]: At program point L381(lines 356 385) the Hoare annotation is: true [2022-11-03 02:21:41,301 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 356 385) the Hoare annotation is: true [2022-11-03 02:21:41,301 INFO L899 garLoopResultBuilder]: For program point L377(line 377) no Hoare annotation was computed. [2022-11-03 02:21:41,301 INFO L899 garLoopResultBuilder]: For program point L370(lines 370 374) no Hoare annotation was computed. [2022-11-03 02:21:41,301 INFO L902 garLoopResultBuilder]: At program point L370-1(lines 370 374) the Hoare annotation is: true [2022-11-03 02:21:41,301 INFO L902 garLoopResultBuilder]: At program point L366-2(lines 366 380) the Hoare annotation is: true [2022-11-03 02:21:41,301 INFO L902 garLoopResultBuilder]: At program point L362(line 362) the Hoare annotation is: true [2022-11-03 02:21:41,302 INFO L899 garLoopResultBuilder]: For program point L362-1(line 362) no Hoare annotation was computed. [2022-11-03 02:21:41,302 INFO L899 garLoopResultBuilder]: For program point L478(lines 478 488) no Hoare annotation was computed. [2022-11-03 02:21:41,302 INFO L895 garLoopResultBuilder]: At program point L474(lines 474 491) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (<= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse5 (<= ~waterLevel~0 1)) (.cse4 (= ~pumpRunning~0 0)) (.cse25 (= 1 ~systemActive~0)) (.cse6 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse8 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0)) (.cse26 (or .cse0 .cse7))) (let ((.cse10 (= ~methAndRunningLastTime~0 0)) (.cse11 (= ~pumpRunning~0 1)) (.cse15 (and .cse4 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse25 .cse6 .cse8 .cse26)) (.cse16 (not (<= 2 |old(~waterLevel~0)|))) (.cse17 (and .cse5 (<= 1 ~waterLevel~0))) (.cse13 (not (= |old(~pumpRunning~0)| 1))) (.cse18 (not (= |old(~waterLevel~0)| 2))) (.cse14 (not (= ~methaneLevelCritical~0 1))) (.cse2 (and .cse4 .cse6 .cse8 .cse26)) (.cse3 (not (= 0 ~systemActive~0))) (.cse19 (not (= |#NULL.offset| 0))) (.cse9 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse12 (not .cse25)) (.cse20 (not (= ~head~0.offset 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse21 (not (= |#NULL.base| 0))) (.cse22 (not (<= 0 |#StackHeapBarrier|))) (.cse23 (not (= ~head~0.base 0))) (.cse24 (not (= ~cleanupTimeShifts~0 4)))) (and (or .cse0 .cse1 .cse2 .cse3) (or (and .cse4 .cse5 .cse6 .cse7 .cse8) .cse0 .cse9 (and .cse10 (<= 2 ~waterLevel~0) .cse6 .cse7 .cse8 .cse11) .cse12 .cse1) (or .cse12 .cse13 .cse14 .cse15 .cse16) (or (not (<= |old(~waterLevel~0)| 1)) .cse0 (and .cse4 .cse6 .cse7 .cse8) .cse9 .cse12 .cse14) (or .cse0 .cse9 .cse12 .cse14 (and .cse10 .cse6 .cse7 .cse8 .cse11) .cse16) (or .cse12 .cse1 .cse17 .cse13 .cse18) (or .cse12 .cse1 .cse13 .cse15 .cse16) (or .cse19 .cse9 .cse12 .cse20 .cse1 .cse13 .cse21 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse22 .cse23 .cse24 .cse16) (or .cse12 .cse17 .cse13 .cse14 .cse18) (or .cse0 .cse14 .cse2 .cse3) (or .cse0 .cse19 .cse9 .cse12 .cse20 .cse1 .cse21 .cse22 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse23 .cse24))))) [2022-11-03 02:21:41,303 INFO L895 garLoopResultBuilder]: At program point L474-1(lines 466 494) the Hoare annotation is: (let ((.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (<= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse7 (<= ~waterLevel~0 1)) (.cse5 (= ~pumpRunning~0 0)) (.cse6 (= ~methAndRunningLastTime~0 0)) (.cse19 (= 1 ~systemActive~0)) (.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse10 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0)) (.cse20 (or .cse11 .cse9))) (let ((.cse3 (and .cse5 .cse6 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse19 .cse8 .cse10 .cse20)) (.cse13 (= ~pumpRunning~0 1)) (.cse12 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (<= 2 |old(~waterLevel~0)|))) (.cse17 (and .cse5 .cse6 .cse8 .cse10 .cse20)) (.cse18 (not (= 0 ~systemActive~0))) (.cse0 (not .cse19)) (.cse15 (and .cse7 (<= 1 ~waterLevel~0))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse14 (not (= ~methaneLevelCritical~0 1))) (.cse16 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or (and .cse5 .cse6 .cse7 .cse8 .cse9 .cse10) .cse11 .cse12 (and .cse6 (<= 2 ~waterLevel~0) .cse8 .cse9 .cse10 .cse13) .cse0 .cse1) (or .cse0 .cse2 .cse3 .cse14 .cse4) (or .cse0 .cse1 .cse15 .cse2 .cse16) (or .cse11 .cse1 .cse17 .cse18) (or .cse11 .cse12 .cse0 (and .cse8 .cse9 .cse10 .cse13) .cse14 .cse4) (or (not (<= |old(~waterLevel~0)| 1)) .cse11 .cse12 .cse0 (and .cse5 .cse6 .cse8 .cse9 .cse10) .cse14) (or (not (= |#NULL.offset| 0)) .cse12 .cse0 (= (ite (= ~waterLevel~0 0) 1 0) 0) (not (= ~head~0.offset 0)) .cse1 .cse2 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse4) (or .cse11 .cse17 .cse14 .cse18) (or .cse0 .cse15 .cse2 .cse14 .cse16))))) [2022-11-03 02:21:41,303 INFO L895 garLoopResultBuilder]: At program point L210(line 210) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse2 .cse5 .cse3) (or .cse4 .cse1 .cse6) (or .cse4 .cse7 .cse0 .cse1) (or .cse4 .cse7 .cse0 .cse5))) [2022-11-03 02:21:41,304 INFO L895 garLoopResultBuilder]: At program point L206(line 206) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (= 1 ~systemActive~0))) (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse8 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse3 (let ((.cse10 (+ ~waterLevel~0 1))) (and .cse0 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse9 (<= .cse10 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| .cse10) (= ~pumpRunning~0 1)))) (.cse4 (not .cse9)) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse5 .cse2) (or .cse0 .cse8 .cse4 .cse5) (or .cse0 .cse8 .cse4 .cse1) (or (not (= |#NULL.offset| 0)) .cse8 .cse4 (and (= |timeShift_isLowWaterLevel_~tmp___0~2#1| |timeShift_isLowWaterLevel_~retValue_acc~3#1|) (= |timeShift_isLowWaterLevel_~tmp~4#1| 0) (= |timeShift_isLowWaterSensorDry_~retValue_acc~10#1| |timeShift_isLowWaterSensorDry_#res#1|) (= |timeShift_isLowWaterLevel_~tmp___0~2#1| 1) (= |timeShift_isLowWaterSensorDry_#res#1| |timeShift_isLowWaterLevel_~tmp~4#1|) (= |timeShift_isLowWaterLevel_~retValue_acc~3#1| |timeShift_isLowWaterLevel_#res#1|) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0)) (not (= ~head~0.offset 0)) .cse5 .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse7) (or .cse3 .cse4 .cse6 .cse1 .cse7)))) [2022-11-03 02:21:41,304 INFO L899 garLoopResultBuilder]: For program point L479(lines 479 485) no Hoare annotation was computed. [2022-11-03 02:21:41,304 INFO L895 garLoopResultBuilder]: At program point L215(line 215) the Hoare annotation is: (let ((.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse3 .cse5 .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse0 .cse4 .cse8) (or .cse3 .cse6 .cse4 .cse7) (or .cse0 .cse5 .cse8))) [2022-11-03 02:21:41,305 INFO L895 garLoopResultBuilder]: At program point L215-1(lines 196 220) the Hoare annotation is: (let ((.cse22 (= ~pumpRunning~0 0)) (.cse21 (= 1 ~systemActive~0)) (.cse19 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse20 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse23 (<= ~waterLevel~0 1))) (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse5 (and .cse23 (<= 1 ~waterLevel~0))) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse11 (and .cse22 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse21 .cse19 (or .cse0 .cse20))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse12 (not (<= 2 |old(~waterLevel~0)|))) (.cse13 (not (= |#NULL.offset| 0))) (.cse14 (not (= ~head~0.offset 0))) (.cse15 (not (= |#NULL.base| 0))) (.cse16 (not (<= 0 |#StackHeapBarrier|))) (.cse17 (not (= ~head~0.base 0))) (.cse18 (not (= ~cleanupTimeShifts~0 4))) (.cse8 (and .cse22 .cse23 .cse19 .cse20)) (.cse9 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not .cse21)) (.cse10 (and (= ~methAndRunningLastTime~0 0) (<= 2 ~waterLevel~0) .cse19 .cse20 (= ~pumpRunning~0 1))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse4 .cse2) (or .cse8 .cse0 .cse9 .cse3 .cse10 .cse1) (or .cse3 .cse4 .cse6 .cse11 .cse12) (or .cse13 .cse9 .cse3 .cse14 .cse4 .cse6 .cse15 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse16 .cse17 .cse18 .cse12) (or .cse3 .cse5 .cse6 .cse1 .cse7) (or .cse3 .cse6 .cse11 .cse1 .cse12) (or .cse0 .cse13 .cse9 .cse3 .cse14 .cse4 .cse15 .cse16 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse17 .cse18) (or .cse8 .cse0 .cse9 .cse3 .cse10 .cse4)))) [2022-11-03 02:21:41,305 INFO L899 garLoopResultBuilder]: For program point L149-1(lines 149 155) no Hoare annotation was computed. [2022-11-03 02:21:41,306 INFO L895 garLoopResultBuilder]: At program point L472(line 472) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse23 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse25 (= ~pumpRunning~0 0)) (.cse22 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (let ((.cse26 (<= ~waterLevel~0 1)) (.cse24 (= 1 ~systemActive~0)) (.cse27 (or (<= (+ ~waterLevel~0 1) |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse22) (and .cse25 .cse22))) (.cse28 (or .cse0 .cse23))) (let ((.cse1 (and .cse27 .cse28)) (.cse14 (and .cse27 .cse25 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse24 .cse28)) (.cse15 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (and .cse26 (<= 1 ~waterLevel~0))) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not (= |old(~waterLevel~0)| 2))) (.cse16 (not (= |#NULL.offset| 0))) (.cse17 (not (= ~head~0.offset 0))) (.cse18 (not (= |#NULL.base| 0))) (.cse19 (not (<= 0 |#StackHeapBarrier|))) (.cse20 (not (= ~head~0.base 0))) (.cse21 (not (= ~cleanupTimeShifts~0 4))) (.cse9 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (and .cse27 .cse25 .cse28)) (.cse3 (not (= 0 ~systemActive~0))) (.cse11 (and .cse25 .cse26 .cse22 .cse23)) (.cse12 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not .cse24)) (.cse13 (and (= ~methAndRunningLastTime~0 0) (<= 2 ~waterLevel~0) .cse22 .cse23 (= ~pumpRunning~0 1))) (.cse4 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse1 .cse3) (or .cse5 .cse4 .cse6 .cse7 .cse8) (or .cse9 .cse0 .cse2 .cse10 .cse3) (or .cse11 .cse0 .cse12 .cse5 .cse13 .cse2) (or .cse5 .cse4 .cse7 .cse14 .cse15) (or .cse5 .cse7 .cse2 .cse14 .cse15) (or .cse16 .cse12 .cse5 .cse17 .cse4 .cse7 .cse18 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse19 .cse20 .cse21 .cse15) (or .cse5 .cse6 .cse7 .cse2 .cse8) (or .cse0 .cse16 .cse12 .cse5 .cse17 .cse4 .cse18 .cse19 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse20 .cse21) (or .cse9 .cse0 .cse4 .cse10 .cse3) (or .cse11 .cse0 .cse12 .cse5 .cse13 .cse4))))) [2022-11-03 02:21:41,306 INFO L899 garLoopResultBuilder]: For program point L472-1(line 472) no Hoare annotation was computed. [2022-11-03 02:21:41,306 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 138 161) the Hoare annotation is: (let ((.cse11 (= ~methAndRunningLastTime~0 0)) (.cse12 (= 1 ~systemActive~0)) (.cse15 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse13 (= ~pumpRunning~0 0)) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse16 (= 0 ~systemActive~0))) (let ((.cse6 (and .cse15 .cse13 .cse14 .cse16)) (.cse7 (not .cse16)) (.cse8 (and .cse15 .cse12 .cse14 (= ~pumpRunning~0 1))) (.cse5 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (and .cse13 .cse11 .cse14)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse1 (not .cse12)) (.cse3 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (<= 2 |old(~waterLevel~0)|)))) (and (or (not (= |#NULL.offset| 0)) .cse0 .cse1 (not (= ~head~0.offset 0)) .cse2 .cse3 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse4) (or .cse5 .cse6 .cse2 .cse7) (or .cse1 .cse2 .cse3 .cse8 .cse4) (or .cse5 .cse0 .cse1 .cse9 .cse10) (or .cse5 .cse6 .cse10 .cse7) (or .cse1 .cse3 .cse8 .cse10 .cse4) (or .cse5 .cse0 .cse1 .cse9 .cse2) (or .cse0 .cse11 .cse1 .cse3 .cse10 .cse4)))) [2022-11-03 02:21:41,307 INFO L899 garLoopResultBuilder]: For program point L142-1(lines 141 160) no Hoare annotation was computed. [2022-11-03 02:21:41,307 INFO L895 garLoopResultBuilder]: At program point L1005(line 1005) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse2 .cse5 .cse3) (or .cse4 .cse1 .cse6) (or .cse4 .cse7 .cse0 .cse1) (or .cse4 .cse7 .cse0 .cse5))) [2022-11-03 02:21:41,307 INFO L899 garLoopResultBuilder]: For program point L204(lines 204 212) no Hoare annotation was computed. [2022-11-03 02:21:41,307 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 138 161) no Hoare annotation was computed. [2022-11-03 02:21:41,307 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 1005) no Hoare annotation was computed. [2022-11-03 02:21:41,308 INFO L895 garLoopResultBuilder]: At program point L200(lines 200 217) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse15 (+ ~waterLevel~0 1)) (.cse9 (= ~pumpRunning~0 0))) (let ((.cse14 (= 1 ~systemActive~0)) (.cse13 (let ((.cse17 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (<= .cse15 |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse17) (and .cse9 .cse17)))) (.cse12 (= ~methAndRunningLastTime~0 0)) (.cse16 (or .cse0 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (let ((.cse10 (not (= 0 ~systemActive~0))) (.cse4 (and .cse13 .cse12 .cse16)) (.cse8 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not .cse14)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse11 (and .cse13 .cse14 (<= |old(~waterLevel~0)| .cse15) (= ~pumpRunning~0 1) .cse16)) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or (not (= |#NULL.offset| 0)) .cse1 .cse2 (not (= ~head~0.offset 0)) .cse5 .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse7) (or .cse8 .cse0 .cse9 .cse1 .cse2 .cse3) (or .cse0 .cse3 .cse10) (or .cse0 .cse5 .cse10) (or .cse0 .cse1 .cse2 .cse5 .cse4) (or .cse8 .cse0 .cse9 .cse1 .cse2 .cse5) (or .cse2 .cse6 .cse3 .cse11 .cse7) (or .cse1 .cse12 .cse2 .cse6 .cse3 .cse7) (or .cse2 .cse5 .cse6 .cse11 .cse7))))) [2022-11-03 02:21:41,308 INFO L895 garLoopResultBuilder]: At program point L337(line 337) the Hoare annotation is: (let ((.cse0 (<= 2 ~waterLevel~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 1))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 (= ~methaneLevelCritical~0 1) .cse2 .cse3 .cse4 .cse5))) [2022-11-03 02:21:41,308 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:21:41,308 INFO L902 garLoopResultBuilder]: At program point L119(lines 56 123) the Hoare annotation is: true [2022-11-03 02:21:41,308 INFO L899 garLoopResultBuilder]: For program point L86(lines 86 92) no Hoare annotation was computed. [2022-11-03 02:21:41,309 INFO L899 garLoopResultBuilder]: For program point L86-1(lines 86 92) no Hoare annotation was computed. [2022-11-03 02:21:41,309 INFO L895 garLoopResultBuilder]: At program point L78(line 78) the Hoare annotation is: (let ((.cse5 (= 0 ~systemActive~0))) (let ((.cse2 (= ~methaneLevelCritical~0 0)) (.cse6 (<= 2 ~waterLevel~0)) (.cse8 (= ~pumpRunning~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse7 (= 1 ~systemActive~0)) (.cse9 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse10 (not .cse5))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse2 .cse6 .cse7 .cse3 .cse4 .cse8) (and .cse0 .cse1 .cse9 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse7 .cse3 .cse4 .cse10) (and (= 2 ~waterLevel~0) .cse2 .cse7 .cse3 .cse4 .cse8) (and .cse6 .cse7 .cse9 .cse3 .cse4 .cse8) (and .cse0 .cse1 .cse7 .cse9 .cse3 .cse4 .cse10)))) [2022-11-03 02:21:41,309 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:21:41,310 INFO L895 garLoopResultBuilder]: At program point L442(lines 442 449) the Hoare annotation is: (let ((.cse2 (select |#memory_int| 11)) (.cse8 (select |#memory_int| 8)) (.cse9 (select |#memory_int| 16)) (.cse4 (select |#memory_int| 9)) (.cse0 (select |#memory_int| 14)) (.cse5 (select |#memory_int| 7)) (.cse1 (select |#memory_int| 6)) (.cse6 (select |#memory_int| 13)) (.cse10 (select |#memory_int| 1)) (.cse11 (select |#memory_int| 15)) (.cse3 (select |#memory_int| 10)) (.cse7 (select |#memory_int| 5))) (and (= (select .cse0 3) 84) (= (select .cse1 2) 102) (= (select .cse2 1) 0) (= 1 (select |#valid| 5)) (= 32 (select .cse3 1)) (= (select |#length| 3) 12) (= (select .cse4 0) 79) (= (select |#valid| 15) 1) (= 112 (select .cse5 4)) (= (select .cse1 0) 79) (= 3 (select |#length| 10)) (= ~pumpRunning~0 0) (= (select |#valid| 26) 1) (= (select .cse5 1) 80) (= 58 (select .cse6 5)) (= (select |#length| 8) 3) (= ~methAndRunningLastTime~0 0) (= (select |#length| 6) 4) (= (select |#valid| 9) 1) (= (select |#length| 4) 13) (= 117 (select .cse5 2)) (= (select .cse7 2) 0) (= 7 (select |#length| 7)) (= 7 (select |#length| 13)) (= 110 (select .cse8 1)) (= (select .cse1 1) 102) (= (select |#valid| 11) 1) (= (select |#valid| 27) 1) (= ~methaneLevelCritical~0 0) (= 58 (select .cse5 5)) (= (select .cse8 0) 79) (= 30 (select |#length| 23)) (= 41 (select .cse9 0)) (= 44 (select .cse5 0)) (= (select |#length| 24) 9) (= |ULTIMATE.start_valid_product_~retValue_acc~6#1| |ULTIMATE.start_valid_product_#res#1|) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= 44 (select .cse6 0)) (= (select .cse2 0) 10) (= (select .cse0 4) 0) (= 2 (select |#length| 1)) (= (select |#length| 17) 30) (= 73 (select .cse0 2)) (= 9 (select |#length| 18)) (= (select |#length| 19) 21) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= (select |#length| 22) 21) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= 3 (select |#length| 5)) (= 30 (select |#length| 26)) (= 77 (select .cse6 1)) (= 2 (select |#length| 11)) (= 1 ~systemActive~0) (= (select |#length| 15) 3) (= (select |#valid| 24) 1) (= (select .cse4 3) 0) (= (select |#valid| 12) 1) (= (select |#valid| 28) 1) (= (select .cse0 1) 82) (= (select |#valid| 4) 1) (= (select .cse4 1) 102) (= (select .cse8 2) 0) (= (select .cse9 1) 0) (= 101 (select .cse6 2)) (= 25 (select |#length| 25)) (= (select |#valid| 1) 1) (= (select .cse5 6) 0) (= (select .cse4 2) 102) (= (select |#valid| 20) 1) (= (select .cse7 0) 79) (= (select |#length| 12) 13) (= 2 (select |#length| 16)) (= (select |#valid| 21) 1) (= (select |#length| 9) 4) (= 104 (select .cse6 4)) (= (select |#length| 21) 9) (= (select |#valid| 14) 1) (= |ULTIMATE.start_main_~tmp~5#1| 1) (= 116 (select .cse6 3)) (= 5 (select |#length| 14)) (= (select |#valid| 0) 0) (= 30 (select |#length| 20)) (= (select |#valid| 25) 1) (= ~head~0.base 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= (select .cse0 0) 67) (= ~waterLevel~0 1) (= (select .cse3 2) 0) (= (select |#length| 27) 9) (= (select .cse10 0) 48) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_main_~tmp~5#1|) (= (select |#valid| 23) 1) (= (select |#valid| 19) 1) (= (select .cse11 1) 75) (= 109 (select .cse5 3)) (= (select .cse1 3) 0) (= 0 (select .cse6 6)) (= (select |#valid| 16) 1) (= (select .cse11 2) 0) (= (select |#valid| 6) 1) (= (select .cse10 1) 0) (= (select .cse11 0) 79) (= (select .cse3 0) 41) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select .cse7 1) 110) (= (select |#valid| 8) 1) (= (select |#length| 28) 25) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))) [2022-11-03 02:21:41,310 INFO L902 garLoopResultBuilder]: At program point L442-2(lines 442 449) the Hoare annotation is: true [2022-11-03 02:21:41,311 INFO L895 garLoopResultBuilder]: At program point L116(lines 65 117) the Hoare annotation is: false [2022-11-03 02:21:41,311 INFO L899 garLoopResultBuilder]: For program point L335(lines 335 341) no Hoare annotation was computed. [2022-11-03 02:21:41,311 INFO L895 garLoopResultBuilder]: At program point L335-1(lines 335 341) the Hoare annotation is: (let ((.cse0 (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse1 (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1))) (or (and .cse3 .cse4 .cse5 (not .cse2)) (and .cse3 (= ~methAndRunningLastTime~0 0) .cse4 .cse5))))) (or (and (= 1 ~systemActive~0) .cse1) (and .cse1 (or (< 1 ~waterLevel~0) .cse2))))))) (or (and .cse0 (= ~methaneLevelCritical~0 1)) (and (= ~methaneLevelCritical~0 0) .cse0))) [2022-11-03 02:21:41,311 INFO L899 garLoopResultBuilder]: For program point L104(lines 104 110) no Hoare annotation was computed. [2022-11-03 02:21:41,311 INFO L895 garLoopResultBuilder]: At program point L104-2(lines 96 111) the Hoare annotation is: (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (= 0 ~systemActive~0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse7 .cse2 .cse4 .cse5) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9) (and .cse0 .cse7 .cse4 .cse5 .cse6) (and .cse7 .cse8 .cse2 .cse4 .cse5 .cse9))) [2022-11-03 02:21:41,312 INFO L899 garLoopResultBuilder]: For program point L67(lines 66 115) no Hoare annotation was computed. [2022-11-03 02:21:41,312 INFO L895 garLoopResultBuilder]: At program point L96(lines 96 111) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9) (and .cse6 .cse8 .cse2 .cse4 .cse5 .cse9))) [2022-11-03 02:21:41,312 INFO L895 garLoopResultBuilder]: At program point L88(line 88) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse1 .cse6 .cse8 .cse2 .cse4 .cse5 .cse9) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse6 .cse2 .cse4 .cse5 .cse9) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9))) [2022-11-03 02:21:41,312 INFO L895 garLoopResultBuilder]: At program point L113(lines 66 115) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse1 .cse6 .cse8 .cse2 .cse4 .cse5 .cse9) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse6 .cse2 .cse4 .cse5 .cse9) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9))) [2022-11-03 02:21:41,313 INFO L899 garLoopResultBuilder]: For program point L76(lines 76 82) no Hoare annotation was computed. [2022-11-03 02:21:41,313 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 76 82) no Hoare annotation was computed. [2022-11-03 02:21:41,313 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 170 194) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3))) [2022-11-03 02:21:41,313 INFO L895 garLoopResultBuilder]: At program point L184(line 184) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) (< ~waterLevel~0 2) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 (not (= |#NULL.offset| 0)) .cse2 (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~2#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 1) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1|)) (not (= ~head~0.offset 0)) .cse4 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) .cse3 (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4))) (or .cse0 .cse1 .cse2 .cse4 .cse3))) [2022-11-03 02:21:41,314 INFO L895 garLoopResultBuilder]: At program point L178(lines 178 186) the Hoare annotation is: (let ((.cse2 (< ~waterLevel~0 2))) (let ((.cse1 (not .cse2))) (let ((.cse8 (= ~pumpRunning~0 0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse9 (and .cse2 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (.cse7 (not (= ~methAndRunningLastTime~0 0))) (.cse10 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~2#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (let ((.cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|))) (or (and .cse0 .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 1) .cse2))) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1|) (let ((.cse3 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1| 0))) (or (and .cse3 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 1)) (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) (not .cse3))))) .cse4 (not (= |#NULL.offset| 0)) .cse5 (not (= ~head~0.offset 0)) .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) .cse7 (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4))) (or .cse4 .cse8 .cse5 .cse6 .cse7) (or .cse4 .cse5 (and .cse8 (or .cse9 .cse10)) (not (= ~methaneLevelCritical~0 1)) .cse7) (or .cse4 .cse5 .cse6 .cse9 .cse7 .cse10))))) [2022-11-03 02:21:41,314 INFO L895 garLoopResultBuilder]: At program point L174(lines 174 191) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3))) [2022-11-03 02:21:41,314 INFO L895 garLoopResultBuilder]: At program point L189(line 189) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse2) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2))) [2022-11-03 02:21:41,314 INFO L899 garLoopResultBuilder]: For program point L189-1(lines 170 194) no Hoare annotation was computed. [2022-11-03 02:21:41,315 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 170 194) no Hoare annotation was computed. [2022-11-03 02:21:41,315 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 546 557) no Hoare annotation was computed. [2022-11-03 02:21:41,315 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 546 557) the Hoare annotation is: (let ((.cse9 (= 0 ~systemActive~0))) (let ((.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not .cse9)) (.cse6 (not (= ~pumpRunning~0 1))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse2 .cse8) (or .cse0 .cse5 .cse7 .cse2 .cse9 .cse3) (or .cse0 .cse7 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse5 .cse1 .cse6 .cse2 .cse3 .cse8) (or .cse0 .cse5 .cse1 .cse2 .cse9 .cse3)))) [2022-11-03 02:21:41,318 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:21:41,320 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:21:41,376 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:21:41 BoogieIcfgContainer [2022-11-03 02:21:41,377 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:21:41,377 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:21:41,377 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:21:41,377 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:21:41,378 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:16:22" (3/4) ... [2022-11-03 02:21:41,381 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:21:41,386 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 02:21:41,386 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:21:41,387 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:21:41,387 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 02:21:41,387 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:21:41,387 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:21:41,387 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:21:41,388 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:21:41,394 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 74 nodes and edges [2022-11-03 02:21:41,395 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 27 nodes and edges [2022-11-03 02:21:41,395 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 02:21:41,396 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:21:41,396 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:21:41,396 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:21:41,397 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:21:41,422 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && methAndRunningLastTime == 0) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && retValue_acc == \result) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && tmp == 1) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \result == tmp) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 [2022-11-03 02:21:41,423 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel))) [2022-11-03 02:21:41,423 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) [2022-11-03 02:21:41,424 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) [2022-11-03 02:21:41,424 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) [2022-11-03 02:21:41,425 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive)) && (((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) [2022-11-03 02:21:41,425 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) && ((((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (((waterLevel <= \old(waterLevel) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (if waterLevel == 0 then 1 else 0) == 0) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) [2022-11-03 02:21:41,426 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) [2022-11-03 02:21:41,427 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((retValue_acc == \result && (((retValue_acc == \result && !(waterLevel < 2)) && retValue_acc == 0) || ((retValue_acc == \result && retValue_acc == 1) && waterLevel < 2))) && tmp == \result) && \result == tmp) && ((tmp == 0 && tmp___0 == 1) || (tmp___0 == 0 && !(tmp == 0)))) || !(\old(pumpRunning) == 0)) || !(#NULL == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(methAndRunningLastTime == 0)) || !(head == 0)) || !(cleanupTimeShifts == 4)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (waterLevel < 2 && tmp == 0)) || !(methAndRunningLastTime == 0)) || (!(waterLevel < 2) && tmp == 1)) [2022-11-03 02:21:41,451 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:21:41,452 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:21:41,452 INFO L158 Benchmark]: Toolchain (without parser) took 321014.13ms. Allocated memory was 100.7MB in the beginning and 775.9MB in the end (delta: 675.3MB). Free memory was 63.2MB in the beginning and 489.3MB in the end (delta: -426.1MB). Peak memory consumption was 249.0MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,453 INFO L158 Benchmark]: CDTParser took 0.27ms. Allocated memory is still 100.7MB. Free memory was 80.5MB in the beginning and 80.4MB in the end (delta: 93.2kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:21:41,453 INFO L158 Benchmark]: CACSL2BoogieTranslator took 656.31ms. Allocated memory is still 100.7MB. Free memory was 63.1MB in the beginning and 66.1MB in the end (delta: -3.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,454 INFO L158 Benchmark]: Boogie Procedure Inliner took 52.54ms. Allocated memory is still 100.7MB. Free memory was 66.1MB in the beginning and 63.6MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,454 INFO L158 Benchmark]: Boogie Preprocessor took 37.89ms. Allocated memory is still 100.7MB. Free memory was 63.6MB in the beginning and 61.8MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,454 INFO L158 Benchmark]: RCFGBuilder took 905.12ms. Allocated memory was 100.7MB in the beginning and 132.1MB in the end (delta: 31.5MB). Free memory was 61.8MB in the beginning and 95.8MB in the end (delta: -34.0MB). Peak memory consumption was 28.5MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,455 INFO L158 Benchmark]: TraceAbstraction took 319279.49ms. Allocated memory was 132.1MB in the beginning and 775.9MB in the end (delta: 643.8MB). Free memory was 94.9MB in the beginning and 494.6MB in the end (delta: -399.7MB). Peak memory consumption was 480.9MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,455 INFO L158 Benchmark]: Witness Printer took 74.77ms. Allocated memory is still 775.9MB. Free memory was 494.6MB in the beginning and 489.3MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:21:41,457 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.27ms. Allocated memory is still 100.7MB. Free memory was 80.5MB in the beginning and 80.4MB in the end (delta: 93.2kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 656.31ms. Allocated memory is still 100.7MB. Free memory was 63.1MB in the beginning and 66.1MB in the end (delta: -3.0MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 52.54ms. Allocated memory is still 100.7MB. Free memory was 66.1MB in the beginning and 63.6MB in the end (delta: 2.5MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 37.89ms. Allocated memory is still 100.7MB. Free memory was 63.6MB in the beginning and 61.8MB in the end (delta: 1.8MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 905.12ms. Allocated memory was 100.7MB in the beginning and 132.1MB in the end (delta: 31.5MB). Free memory was 61.8MB in the beginning and 95.8MB in the end (delta: -34.0MB). Peak memory consumption was 28.5MB. Max. memory is 16.1GB. * TraceAbstraction took 319279.49ms. Allocated memory was 132.1MB in the beginning and 775.9MB in the end (delta: 643.8MB). Free memory was 94.9MB in the beginning and 494.6MB in the end (delta: -399.7MB). Peak memory consumption was 480.9MB. Max. memory is 16.1GB. * Witness Printer took 74.77ms. Allocated memory is still 775.9MB. Free memory was 494.6MB in the beginning and 489.3MB in the end (delta: 5.2MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1005]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 64 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 319.1s, OverallIterations: 13, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 73.5s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 104.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2985 SdHoareTripleChecker+Valid, 13.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2951 mSDsluCounter, 4924 SdHoareTripleChecker+Invalid, 11.5s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4640 mSDsCounter, 1685 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 8144 IncrementalHoareTripleChecker+Invalid, 9829 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1685 mSolverCounterUnsat, 1044 mSDtfsCounter, 8144 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1559 GetRequests, 1121 SyntacticMatches, 37 SemanticMatches, 401 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11648 ImplicationChecksByTransitivity, 147.0s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1692occurred in iteration=12, InterpolantAutomatonStates: 215, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.5s AutomataMinimizationTime, 13 MinimizatonAttempts, 659 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 37 LocationsWithAnnotation, 2977 PreInvPairs, 3626 NumberOfFragments, 5076 HoareAnnotationTreeSize, 2977 FomulaSimplifications, 34927 FormulaSimplificationTreeSizeReduction, 50.5s HoareSimplificationTime, 37 FomulaSimplificationsInter, 1254388 FormulaSimplificationTreeSizeReductionInter, 53.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.9s SatisfiabilityAnalysisTime, 9.2s InterpolantComputationTime, 1351 NumberOfCodeBlocks, 1298 NumberOfCodeBlocksAsserted, 21 NumberOfCheckSat, 1685 ConstructedInterpolants, 0 QuantifiedInterpolants, 5456 SizeOfPredicates, 69 NumberOfNonLiveVariables, 3408 ConjunctsInSsa, 180 ConjunctsInUnsatCore, 24 InterpolantComputations, 9 PerfectInterpolantSequences, 1083/1318 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 23.3s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 12, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 106, DAG_INTERPRETER_EARLY_EXITS: 6, TOOLS_POST_APPLICATIONS: 133, TOOLS_POST_TIME: 8.2s, TOOLS_POST_CALL_APPLICATIONS: 67, TOOLS_POST_CALL_TIME: 10.0s, TOOLS_POST_RETURN_APPLICATIONS: 56, TOOLS_POST_RETURN_TIME: 3.0s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 254, TOOLS_QUANTIFIERELIM_TIME: 21.0s, TOOLS_QUANTIFIERELIM_MAX_TIME: 1.3s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 316, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 60, DOMAIN_JOIN_TIME: 1.5s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 2, DOMAIN_WIDEN_TIME: 0.1s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 4, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 106, DOMAIN_ISBOTTOM_TIME: 0.4s, LOOP_SUMMARIZER_APPLICATIONS: 2, LOOP_SUMMARIZER_CACHE_MISSES: 2, LOOP_SUMMARIZER_OVERALL_TIME: 12.3s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 12.3s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 4, CALL_SUMMARIZER_APPLICATIONS: 56, CALL_SUMMARIZER_CACHE_MISSES: 11, CALL_SUMMARIZER_OVERALL_TIME: 0.2s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.2s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 1492, DAG_COMPRESSION_RETAINED_NODES: 273, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 56]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 200]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 466]: Loop Invariant Derived loop invariant: ((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) && ((((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (((waterLevel <= \old(waterLevel) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (if waterLevel == 0 then 1 else 0) == 0) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || ((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 138]: Loop Invariant Derived loop invariant: (((((((((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 474]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive)) && (((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(0 == systemActive))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) - InvariantResult [Line: 366]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && methAndRunningLastTime == 0) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && retValue_acc == \result) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && tmp == 1) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \result == tmp) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1)) || (((((2 <= waterLevel && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((methaneLevelCritical == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1) - InvariantResult [Line: 335]: Loop Invariant Derived loop invariant: (((1 == systemActive && ((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1))) || (((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1)) && (1 < waterLevel || 0 == systemActive))) && methaneLevelCritical == 1) || (methaneLevelCritical == 0 && ((1 == systemActive && ((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1))) || (((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1)) && (1 < waterLevel || 0 == systemActive)))) - InvariantResult [Line: 178]: Loop Invariant Derived loop invariant: ((((((((((((((((retValue_acc == \result && (((retValue_acc == \result && !(waterLevel < 2)) && retValue_acc == 0) || ((retValue_acc == \result && retValue_acc == 1) && waterLevel < 2))) && tmp == \result) && \result == tmp) && ((tmp == 0 && tmp___0 == 1) || (tmp___0 == 0 && !(tmp == 0)))) || !(\old(pumpRunning) == 0)) || !(#NULL == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(methAndRunningLastTime == 0)) || !(head == 0)) || !(cleanupTimeShifts == 4)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (waterLevel < 2 && tmp == 0)) || !(methAndRunningLastTime == 0)) || (!(waterLevel < 2) && tmp == 1)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 1005]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 66]: Loop Invariant Derived loop invariant: ((((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || ((((((methAndRunningLastTime == 0 && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1)) || (((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((2 <= waterLevel && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1) - InvariantResult [Line: 65]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 356]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-03 02:21:41,543 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_41c79498-b977-4d4d-bdbf-d9d74661a92b/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE