./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash ae631a30e0cfb00652c35b082fd4038988aa5f3b2e1b026ceeb94d0624c45642 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 02:17:36,524 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 02:17:36,526 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 02:17:36,570 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 02:17:36,571 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 02:17:36,575 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 02:17:36,577 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 02:17:36,582 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 02:17:36,584 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 02:17:36,589 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 02:17:36,590 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 02:17:36,593 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 02:17:36,593 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 02:17:36,595 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 02:17:36,597 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 02:17:36,598 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 02:17:36,600 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 02:17:36,601 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 02:17:36,602 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 02:17:36,611 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 02:17:36,613 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 02:17:36,614 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 02:17:36,617 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 02:17:36,618 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 02:17:36,624 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 02:17:36,625 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 02:17:36,625 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 02:17:36,627 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 02:17:36,627 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 02:17:36,628 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 02:17:36,629 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 02:17:36,630 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 02:17:36,632 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 02:17:36,633 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 02:17:36,634 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 02:17:36,634 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 02:17:36,635 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 02:17:36,635 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 02:17:36,635 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 02:17:36,636 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 02:17:36,637 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 02:17:36,638 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 02:17:36,683 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 02:17:36,683 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 02:17:36,684 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 02:17:36,684 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 02:17:36,685 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 02:17:36,685 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 02:17:36,685 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 02:17:36,685 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 02:17:36,686 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 02:17:36,686 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 02:17:36,687 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 02:17:36,687 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 02:17:36,687 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 02:17:36,687 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 02:17:36,688 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 02:17:36,688 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 02:17:36,688 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 02:17:36,688 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 02:17:36,689 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 02:17:36,690 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 02:17:36,690 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 02:17:36,690 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 02:17:36,690 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 02:17:36,690 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 02:17:36,691 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 02:17:36,691 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 02:17:36,691 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 02:17:36,691 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 02:17:36,691 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 02:17:36,692 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 02:17:36,692 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 02:17:36,692 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 02:17:36,692 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:17:36,693 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 02:17:36,693 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 02:17:36,693 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 02:17:36,693 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 02:17:36,693 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 02:17:36,694 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 02:17:36,694 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 02:17:36,694 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 02:17:36,694 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> ae631a30e0cfb00652c35b082fd4038988aa5f3b2e1b026ceeb94d0624c45642 [2022-11-03 02:17:37,027 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 02:17:37,048 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 02:17:37,051 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 02:17:37,052 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 02:17:37,060 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 02:17:37,061 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c [2022-11-03 02:17:37,135 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/data/240be5699/dfe2fef4a7d04829bfc2709b5a677e9f/FLAG5d84f53bc [2022-11-03 02:17:37,592 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 02:17:37,593 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c [2022-11-03 02:17:37,615 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/data/240be5699/dfe2fef4a7d04829bfc2709b5a677e9f/FLAG5d84f53bc [2022-11-03 02:17:37,944 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/data/240be5699/dfe2fef4a7d04829bfc2709b5a677e9f [2022-11-03 02:17:37,949 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 02:17:37,951 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 02:17:37,954 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 02:17:37,955 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 02:17:37,958 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 02:17:37,959 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:17:37" (1/1) ... [2022-11-03 02:17:37,961 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@24dac2bc and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:37, skipping insertion in model container [2022-11-03 02:17:37,961 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 02:17:37" (1/1) ... [2022-11-03 02:17:37,968 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 02:17:38,027 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 02:17:38,303 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c[13037,13050] [2022-11-03 02:17:38,375 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:17:38,397 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 02:17:38,451 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/sv-benchmarks/c/product-lines/minepump_spec3_product58.cil.c[13037,13050] [2022-11-03 02:17:38,479 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 02:17:38,504 INFO L208 MainTranslator]: Completed translation [2022-11-03 02:17:38,504 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38 WrapperNode [2022-11-03 02:17:38,505 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 02:17:38,506 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 02:17:38,506 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 02:17:38,506 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 02:17:38,513 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,527 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,557 INFO L138 Inliner]: procedures = 57, calls = 158, calls flagged for inlining = 26, calls inlined = 23, statements flattened = 283 [2022-11-03 02:17:38,558 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 02:17:38,558 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 02:17:38,559 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 02:17:38,559 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 02:17:38,576 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,576 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,583 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,583 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,594 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,599 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,600 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,602 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,604 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 02:17:38,605 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 02:17:38,606 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 02:17:38,606 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 02:17:38,607 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (1/1) ... [2022-11-03 02:17:38,613 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 02:17:38,632 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:17:38,650 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 02:17:38,667 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 02:17:38,693 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 02:17:38,693 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 02:17:38,693 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 02:17:38,694 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-03 02:17:38,694 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-03 02:17:38,694 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 02:17:38,694 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 02:17:38,694 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 02:17:38,694 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 02:17:38,695 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:17:38,695 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:17:38,695 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 02:17:38,695 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 02:17:38,695 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 02:17:38,695 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 02:17:38,696 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 02:17:38,696 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 02:17:38,696 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 02:17:38,776 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 02:17:38,779 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 02:17:39,170 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 02:17:39,396 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 02:17:39,396 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 02:17:39,399 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:17:39 BoogieIcfgContainer [2022-11-03 02:17:39,399 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 02:17:39,403 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 02:17:39,403 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 02:17:39,407 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 02:17:39,407 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 02:17:37" (1/3) ... [2022-11-03 02:17:39,408 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@869e757 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:17:39, skipping insertion in model container [2022-11-03 02:17:39,408 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 02:17:38" (2/3) ... [2022-11-03 02:17:39,408 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@869e757 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 02:17:39, skipping insertion in model container [2022-11-03 02:17:39,409 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:17:39" (3/3) ... [2022-11-03 02:17:39,411 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec3_product58.cil.c [2022-11-03 02:17:39,430 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 02:17:39,430 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 02:17:39,476 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 02:17:39,483 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@3a3a0d19, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 02:17:39,484 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 02:17:39,488 INFO L276 IsEmpty]: Start isEmpty. Operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-03 02:17:39,497 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-03 02:17:39,497 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:39,498 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:39,499 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:39,503 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:39,504 INFO L85 PathProgramCache]: Analyzing trace with hash -1778790351, now seen corresponding path program 1 times [2022-11-03 02:17:39,513 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:39,514 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1483083886] [2022-11-03 02:17:39,514 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:39,514 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:39,621 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:39,714 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:39,714 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:39,716 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1483083886] [2022-11-03 02:17:39,716 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1483083886] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:39,717 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:39,717 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 02:17:39,718 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [173498341] [2022-11-03 02:17:39,721 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:39,725 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 02:17:39,727 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:39,763 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 02:17:39,764 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:17:39,766 INFO L87 Difference]: Start difference. First operand has 58 states, 37 states have (on average 1.4324324324324325) internal successors, (53), 45 states have internal predecessors, (53), 12 states have call successors, (12), 7 states have call predecessors, (12), 7 states have return successors, (12), 10 states have call predecessors, (12), 12 states have call successors, (12) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:39,870 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:39,870 INFO L93 Difference]: Finished difference Result 114 states and 155 transitions. [2022-11-03 02:17:39,872 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 02:17:39,873 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-03 02:17:39,873 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:39,882 INFO L225 Difference]: With dead ends: 114 [2022-11-03 02:17:39,882 INFO L226 Difference]: Without dead ends: 53 [2022-11-03 02:17:39,886 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 02:17:39,889 INFO L413 NwaCegarLoop]: 56 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 56 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:39,890 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 56 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:17:39,911 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-03 02:17:39,931 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-03 02:17:39,932 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3235294117647058) internal successors, (45), 41 states have internal predecessors, (45), 12 states have call successors, (12), 7 states have call predecessors, (12), 6 states have return successors, (11), 9 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 02:17:39,934 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 68 transitions. [2022-11-03 02:17:39,936 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 68 transitions. Word has length 17 [2022-11-03 02:17:39,936 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:39,936 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 68 transitions. [2022-11-03 02:17:39,936 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:39,937 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 68 transitions. [2022-11-03 02:17:39,938 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-03 02:17:39,938 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:39,939 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:39,939 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 02:17:39,939 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:39,940 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:39,940 INFO L85 PathProgramCache]: Analyzing trace with hash 942296326, now seen corresponding path program 1 times [2022-11-03 02:17:39,940 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:39,941 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1878108958] [2022-11-03 02:17:39,941 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:39,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:39,970 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:40,105 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:40,105 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:40,106 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1878108958] [2022-11-03 02:17:40,106 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1878108958] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:40,106 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:40,106 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:17:40,106 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [330936509] [2022-11-03 02:17:40,107 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:40,108 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:17:40,108 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:40,109 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:17:40,109 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:40,109 INFO L87 Difference]: Start difference. First operand 53 states and 68 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:40,182 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:40,182 INFO L93 Difference]: Finished difference Result 83 states and 107 transitions. [2022-11-03 02:17:40,183 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:17:40,183 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-03 02:17:40,184 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:40,187 INFO L225 Difference]: With dead ends: 83 [2022-11-03 02:17:40,187 INFO L226 Difference]: Without dead ends: 45 [2022-11-03 02:17:40,193 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:40,195 INFO L413 NwaCegarLoop]: 42 mSDtfsCounter, 7 mSDsluCounter, 45 mSDsCounter, 0 mSdLazyCounter, 27 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 10 SdHoareTripleChecker+Valid, 75 SdHoareTripleChecker+Invalid, 27 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 27 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:40,199 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [10 Valid, 75 Invalid, 27 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 27 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:17:40,200 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 45 states. [2022-11-03 02:17:40,207 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 45 to 45. [2022-11-03 02:17:40,208 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 45 states, 29 states have (on average 1.3448275862068966) internal successors, (39), 36 states have internal predecessors, (39), 9 states have call successors, (9), 6 states have call predecessors, (9), 6 states have return successors, (9), 7 states have call predecessors, (9), 9 states have call successors, (9) [2022-11-03 02:17:40,209 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 45 states to 45 states and 57 transitions. [2022-11-03 02:17:40,209 INFO L78 Accepts]: Start accepts. Automaton has 45 states and 57 transitions. Word has length 18 [2022-11-03 02:17:40,209 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:40,209 INFO L495 AbstractCegarLoop]: Abstraction has 45 states and 57 transitions. [2022-11-03 02:17:40,210 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:40,210 INFO L276 IsEmpty]: Start isEmpty. Operand 45 states and 57 transitions. [2022-11-03 02:17:40,211 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 21 [2022-11-03 02:17:40,211 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:40,211 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:40,211 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 02:17:40,211 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:40,212 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:40,212 INFO L85 PathProgramCache]: Analyzing trace with hash 1782950032, now seen corresponding path program 1 times [2022-11-03 02:17:40,212 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:40,213 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1235660376] [2022-11-03 02:17:40,213 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:40,213 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:40,258 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:40,569 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:40,569 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:40,569 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1235660376] [2022-11-03 02:17:40,570 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1235660376] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:40,570 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:40,570 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [5] imperfect sequences [] total 5 [2022-11-03 02:17:40,570 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1219545125] [2022-11-03 02:17:40,570 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:40,571 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 5 states [2022-11-03 02:17:40,571 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:40,572 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 5 interpolants. [2022-11-03 02:17:40,572 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=8, Invalid=12, Unknown=0, NotChecked=0, Total=20 [2022-11-03 02:17:40,572 INFO L87 Difference]: Start difference. First operand 45 states and 57 transitions. Second operand has 5 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:40,779 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:40,779 INFO L93 Difference]: Finished difference Result 153 states and 195 transitions. [2022-11-03 02:17:40,780 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 6 states. [2022-11-03 02:17:40,780 INFO L78 Accepts]: Start accepts. Automaton has has 5 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 20 [2022-11-03 02:17:40,780 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:40,784 INFO L225 Difference]: With dead ends: 153 [2022-11-03 02:17:40,785 INFO L226 Difference]: Without dead ends: 110 [2022-11-03 02:17:40,790 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 8 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 5 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=18, Invalid=24, Unknown=0, NotChecked=0, Total=42 [2022-11-03 02:17:40,795 INFO L413 NwaCegarLoop]: 53 mSDtfsCounter, 66 mSDsluCounter, 178 mSDsCounter, 0 mSdLazyCounter, 84 mSolverCounterSat, 6 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 66 SdHoareTripleChecker+Valid, 203 SdHoareTripleChecker+Invalid, 90 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 6 IncrementalHoareTripleChecker+Valid, 84 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:40,797 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [66 Valid, 203 Invalid, 90 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [6 Valid, 84 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:17:40,799 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 110 states. [2022-11-03 02:17:40,840 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 110 to 91. [2022-11-03 02:17:40,841 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 60 states have (on average 1.2666666666666666) internal successors, (76), 69 states have internal predecessors, (76), 16 states have call successors, (16), 12 states have call predecessors, (16), 14 states have return successors, (18), 15 states have call predecessors, (18), 16 states have call successors, (18) [2022-11-03 02:17:40,843 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 110 transitions. [2022-11-03 02:17:40,843 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 110 transitions. Word has length 20 [2022-11-03 02:17:40,843 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:40,843 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 110 transitions. [2022-11-03 02:17:40,844 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 5 states, 5 states have (on average 3.4) internal successors, (17), 5 states have internal predecessors, (17), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-03 02:17:40,844 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 110 transitions. [2022-11-03 02:17:40,845 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 24 [2022-11-03 02:17:40,845 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:40,845 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:40,846 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 02:17:40,846 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:40,846 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:40,847 INFO L85 PathProgramCache]: Analyzing trace with hash -1529217304, now seen corresponding path program 1 times [2022-11-03 02:17:40,847 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:40,847 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1525479143] [2022-11-03 02:17:40,847 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:40,848 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:40,865 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:40,931 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:40,932 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:40,932 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1525479143] [2022-11-03 02:17:40,932 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1525479143] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:40,932 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:40,932 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:17:40,933 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2002423048] [2022-11-03 02:17:40,933 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:40,933 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:17:40,939 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:40,940 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:17:40,941 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:40,941 INFO L87 Difference]: Start difference. First operand 91 states and 110 transitions. Second operand has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:17:40,981 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:40,981 INFO L93 Difference]: Finished difference Result 180 states and 220 transitions. [2022-11-03 02:17:40,981 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:17:40,982 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 23 [2022-11-03 02:17:40,982 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:40,983 INFO L225 Difference]: With dead ends: 180 [2022-11-03 02:17:40,983 INFO L226 Difference]: Without dead ends: 91 [2022-11-03 02:17:40,983 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:40,984 INFO L413 NwaCegarLoop]: 40 mSDtfsCounter, 45 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 16 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 45 SdHoareTripleChecker+Valid, 40 SdHoareTripleChecker+Invalid, 16 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 16 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:40,985 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [45 Valid, 40 Invalid, 16 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 16 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:17:40,985 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 91 states. [2022-11-03 02:17:41,006 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 91 to 91. [2022-11-03 02:17:41,008 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 91 states, 60 states have (on average 1.2333333333333334) internal successors, (74), 69 states have internal predecessors, (74), 16 states have call successors, (16), 12 states have call predecessors, (16), 14 states have return successors, (18), 15 states have call predecessors, (18), 16 states have call successors, (18) [2022-11-03 02:17:41,011 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 91 states to 91 states and 108 transitions. [2022-11-03 02:17:41,015 INFO L78 Accepts]: Start accepts. Automaton has 91 states and 108 transitions. Word has length 23 [2022-11-03 02:17:41,015 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:41,015 INFO L495 AbstractCegarLoop]: Abstraction has 91 states and 108 transitions. [2022-11-03 02:17:41,016 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 6.0) internal successors, (18), 3 states have internal predecessors, (18), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:17:41,016 INFO L276 IsEmpty]: Start isEmpty. Operand 91 states and 108 transitions. [2022-11-03 02:17:41,017 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 27 [2022-11-03 02:17:41,020 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:41,020 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:41,021 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 02:17:41,021 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:41,021 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:41,022 INFO L85 PathProgramCache]: Analyzing trace with hash 542471680, now seen corresponding path program 1 times [2022-11-03 02:17:41,022 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:41,022 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2094606545] [2022-11-03 02:17:41,022 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:41,022 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:41,047 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:41,151 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:41,152 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:41,152 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2094606545] [2022-11-03 02:17:41,152 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2094606545] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:41,152 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:41,152 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 02:17:41,152 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [912096448] [2022-11-03 02:17:41,153 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:41,153 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 02:17:41,153 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:41,154 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 02:17:41,154 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:41,154 INFO L87 Difference]: Start difference. First operand 91 states and 108 transitions. Second operand has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:17:41,221 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:41,221 INFO L93 Difference]: Finished difference Result 169 states and 208 transitions. [2022-11-03 02:17:41,222 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 02:17:41,222 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 26 [2022-11-03 02:17:41,222 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:41,226 INFO L225 Difference]: With dead ends: 169 [2022-11-03 02:17:41,226 INFO L226 Difference]: Without dead ends: 126 [2022-11-03 02:17:41,229 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 02:17:41,230 INFO L413 NwaCegarLoop]: 52 mSDtfsCounter, 37 mSDsluCounter, 40 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 37 SdHoareTripleChecker+Valid, 85 SdHoareTripleChecker+Invalid, 35 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:41,230 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [37 Valid, 85 Invalid, 35 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 02:17:41,232 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 126 states. [2022-11-03 02:17:41,276 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 126 to 124. [2022-11-03 02:17:41,277 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 124 states, 83 states have (on average 1.2289156626506024) internal successors, (102), 92 states have internal predecessors, (102), 20 states have call successors, (20), 18 states have call predecessors, (20), 20 states have return successors, (26), 21 states have call predecessors, (26), 20 states have call successors, (26) [2022-11-03 02:17:41,278 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 124 states to 124 states and 148 transitions. [2022-11-03 02:17:41,279 INFO L78 Accepts]: Start accepts. Automaton has 124 states and 148 transitions. Word has length 26 [2022-11-03 02:17:41,279 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:41,280 INFO L495 AbstractCegarLoop]: Abstraction has 124 states and 148 transitions. [2022-11-03 02:17:41,280 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 7.0) internal successors, (21), 3 states have internal predecessors, (21), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 02:17:41,280 INFO L276 IsEmpty]: Start isEmpty. Operand 124 states and 148 transitions. [2022-11-03 02:17:41,281 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 35 [2022-11-03 02:17:41,282 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:41,282 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:41,282 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 02:17:41,283 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:41,283 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:41,283 INFO L85 PathProgramCache]: Analyzing trace with hash -232290254, now seen corresponding path program 1 times [2022-11-03 02:17:41,283 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:41,284 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1111197698] [2022-11-03 02:17:41,284 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:41,284 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:41,316 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:41,751 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:41,751 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:41,752 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1111197698] [2022-11-03 02:17:41,752 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1111197698] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:17:41,752 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:17:41,752 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-11-03 02:17:41,753 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1264812698] [2022-11-03 02:17:41,753 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:17:41,753 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-03 02:17:41,754 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:17:41,754 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-03 02:17:41,754 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=22, Invalid=50, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:17:41,755 INFO L87 Difference]: Start difference. First operand 124 states and 148 transitions. Second operand has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 5 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:17:42,388 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:17:42,389 INFO L93 Difference]: Finished difference Result 371 states and 471 transitions. [2022-11-03 02:17:42,389 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 02:17:42,389 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 5 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 34 [2022-11-03 02:17:42,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:17:42,395 INFO L225 Difference]: With dead ends: 371 [2022-11-03 02:17:42,396 INFO L226 Difference]: Without dead ends: 295 [2022-11-03 02:17:42,397 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 20 GetRequests, 6 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 36 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=70, Invalid=170, Unknown=0, NotChecked=0, Total=240 [2022-11-03 02:17:42,400 INFO L413 NwaCegarLoop]: 85 mSDtfsCounter, 342 mSDsluCounter, 176 mSDsCounter, 0 mSdLazyCounter, 329 mSolverCounterSat, 180 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 354 SdHoareTripleChecker+Valid, 224 SdHoareTripleChecker+Invalid, 509 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 180 IncrementalHoareTripleChecker+Valid, 329 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-03 02:17:42,403 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [354 Valid, 224 Invalid, 509 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [180 Valid, 329 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-03 02:17:42,405 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 295 states. [2022-11-03 02:17:42,455 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 295 to 269. [2022-11-03 02:17:42,456 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 269 states, 184 states have (on average 1.2717391304347827) internal successors, (234), 202 states have internal predecessors, (234), 44 states have call successors, (44), 36 states have call predecessors, (44), 40 states have return successors, (61), 43 states have call predecessors, (61), 44 states have call successors, (61) [2022-11-03 02:17:42,459 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 269 states to 269 states and 339 transitions. [2022-11-03 02:17:42,460 INFO L78 Accepts]: Start accepts. Automaton has 269 states and 339 transitions. Word has length 34 [2022-11-03 02:17:42,460 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:17:42,460 INFO L495 AbstractCegarLoop]: Abstraction has 269 states and 339 transitions. [2022-11-03 02:17:42,460 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 8 states have (on average 3.125) internal successors, (25), 8 states have internal predecessors, (25), 5 states have call successors, (5), 3 states have call predecessors, (5), 3 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 02:17:42,461 INFO L276 IsEmpty]: Start isEmpty. Operand 269 states and 339 transitions. [2022-11-03 02:17:42,467 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 36 [2022-11-03 02:17:42,467 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:17:42,467 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:17:42,467 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 02:17:42,468 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:17:42,468 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:17:42,470 INFO L85 PathProgramCache]: Analyzing trace with hash 1779709984, now seen corresponding path program 1 times [2022-11-03 02:17:42,470 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:17:42,470 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [105205720] [2022-11-03 02:17:42,470 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:42,471 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:17:42,492 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:42,659 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:17:42,659 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:17:42,660 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [105205720] [2022-11-03 02:17:42,660 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [105205720] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:17:42,660 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2052135082] [2022-11-03 02:17:42,660 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:17:42,661 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:17:42,661 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:17:42,666 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:17:42,696 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 02:17:42,803 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:17:42,806 INFO L263 TraceCheckSpWp]: Trace formula consists of 357 conjuncts, 35 conjunts are in the unsatisfiable core [2022-11-03 02:17:42,813 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:17:43,049 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 2 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 02:17:43,050 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:17:43,534 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 1 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:17:43,534 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2052135082] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:17:43,535 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1481125823] [2022-11-03 02:17:43,556 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-03 02:17:43,556 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:17:43,561 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:17:43,566 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:17:43,567 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:17:45,799 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-03 02:17:45,899 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 295 for LOIs [2022-11-03 02:17:52,373 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 292 for LOIs [2022-11-03 02:17:53,216 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 45 for LOIs [2022-11-03 02:17:53,223 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:18:40,856 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '3105#(and (= (select |#length| 15) 25) (= (select (select |#memory_int| 19) 0) 79) (= (select (select |#memory_int| 17) 6) 0) (= 9 (select |#length| 5)) (= (select |#length| 9) 21) (= 30 (select |#length| 7)) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= 2 (select |#length| 20)) (= (select |#valid| 15) 1) (= (select (select |#memory_int| 22) 0) 79) (= 5 (select |#length| 18)) (= (select |#valid| 26) 1) (= (select (select |#memory_int| 27) 2) 0) (= (select (select |#memory_int| 26) 3) 0) (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (= (select |#valid| 9) 1) (= 13 (select |#length| 16)) (= (select |#length| 12) 25) (= (select (select |#memory_int| 18) 2) 73) (= (select |#length| 28) 2) (= (select |#valid| 11) 1) (= (select |#valid| 27) 1) (= 30 (select |#length| 4)) (= (select |#length| 22) 3) (= 4 (select |#length| 26)) (= 102 (select (select |#memory_int| 23) 1)) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= (select |#length| 21) 13) (= (select |#length| 27) 3) (<= 1 ~systemActive~0) (= 2 (select |#length| 1)) (= (select |#length| 8) 9) (= 84 (select (select |#memory_int| 18) 3)) (= 41 (select (select |#memory_int| 27) 0)) (= (select |#valid| 3) 1) (= (select |#length| 19) 3) (= (select |#valid| 7) 1) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) (= (select |#valid| 18) 1) (<= |#NULL.offset| 0) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= (select |#valid| 22) 1) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (= 30 (select |#length| 13)) (= 117 (select (select |#memory_int| 24) 2)) (= |old(~pumpRunning~0)| 0) (= (select |#valid| 24) 1) (= 30 (select |#length| 10)) (= (select (select |#memory_int| 19) 2) 0) (= 3 (select |#length| 25)) (= (select |#valid| 12) 1) (= 82 (select (select |#memory_int| 18) 1)) (= (select (select |#memory_int| 25) 1) 110) (= (select |#valid| 28) 1) (= (select (select |#memory_int| 25) 2) 0) (= 102 (select (select |#memory_int| 23) 2)) (= (select (select |#memory_int| 28) 1) 0) (<= ~methaneLevelCritical~0 0) (= (select |#valid| 4) 1) (= |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1| 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (<= 0 ~head~0.base) (= (select (select |#memory_int| 22) 2) 0) (= (select |#valid| 1) 1) (= (select |#valid| 20) 1) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= (select |#length| 6) 21) (= (select |#valid| 21) 1) (= 7 (select |#length| 24)) (= 58 (select (select |#memory_int| 24) 5)) (= (select (select |#memory_int| 24) 1) 80) (= (select (select |#memory_int| 26) 2) 102) (= (select (select |#memory_int| 24) 6) 0) (<= 0 ~methaneLevelCritical~0) (= (select (select |#memory_int| 18) 4) 0) (= (select |#valid| 14) 1) (= 109 (select (select |#memory_int| 24) 3)) (= |old(~waterLevel~0)| ~waterLevel~0) (= 77 (select (select |#memory_int| 17) 1)) (= 110 (select (select |#memory_int| 22) 1)) (= 9 (select |#length| 14)) (= (select (select |#memory_int| 17) 4) 104) (= (select |#valid| 0) 0) (= 79 (select (select |#memory_int| 26) 0)) (= (select (select |#memory_int| 28) 0) 10) (= (select |#valid| 25) 1) (<= ~head~0.base 0) (= 112 (select (select |#memory_int| 24) 4)) (= (select (select |#memory_int| 23) 3) 0) (= 116 (select (select |#memory_int| 17) 3)) (= (select |#valid| 2) 1) (= (select (select |#memory_int| 20) 0) 41) (= 9 (select |#length| 11)) (= 44 (select (select |#memory_int| 24) 0)) (= (select (select |#memory_int| 26) 1) 102) (= (select (select |#memory_int| 1) 0) 48) (= 67 (select (select |#memory_int| 18) 0)) (= (select |#valid| 23) 1) (= 4 (select |#length| 23)) (= (select (select |#memory_int| 23) 0) 79) (= (select (select |#memory_int| 27) 1) 32) (= 101 (select (select |#memory_int| 17) 2)) (= (select |#valid| 19) 1) (= (select (select |#memory_int| 19) 1) 75) (= (select (select |#memory_int| 20) 1) 0) (<= 0 |#NULL.offset|) (= 44 (select (select |#memory_int| 17) 0)) (= (select |#valid| 16) 1) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= (select |#valid| 6) 1) (= (select (select |#memory_int| 1) 1) 0) (= (select |#length| 17) 7) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select |#valid| 8) 1) (= (select (select |#memory_int| 17) 5) 58) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) (= (select (select |#memory_int| 25) 0) 79))' at error location [2022-11-03 02:18:40,856 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:18:40,856 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:18:40,857 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [8, 8, 10] total 19 [2022-11-03 02:18:40,857 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [52260407] [2022-11-03 02:18:40,857 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:18:40,858 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2022-11-03 02:18:40,858 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:18:40,858 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2022-11-03 02:18:40,859 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=239, Invalid=1567, Unknown=0, NotChecked=0, Total=1806 [2022-11-03 02:18:40,859 INFO L87 Difference]: Start difference. First operand 269 states and 339 transitions. Second operand has 19 states, 16 states have (on average 2.9375) internal successors, (47), 16 states have internal predecessors, (47), 4 states have call successors, (10), 3 states have call predecessors, (10), 9 states have return successors, (11), 6 states have call predecessors, (11), 4 states have call successors, (11) [2022-11-03 02:18:43,265 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:18:43,265 INFO L93 Difference]: Finished difference Result 1356 states and 1842 transitions. [2022-11-03 02:18:43,269 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 57 states. [2022-11-03 02:18:43,269 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 16 states have (on average 2.9375) internal successors, (47), 16 states have internal predecessors, (47), 4 states have call successors, (10), 3 states have call predecessors, (10), 9 states have return successors, (11), 6 states have call predecessors, (11), 4 states have call successors, (11) Word has length 35 [2022-11-03 02:18:43,270 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:18:43,276 INFO L225 Difference]: With dead ends: 1356 [2022-11-03 02:18:43,276 INFO L226 Difference]: Without dead ends: 1196 [2022-11-03 02:18:43,280 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 161 GetRequests, 71 SyntacticMatches, 5 SemanticMatches, 85 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2810 ImplicationChecksByTransitivity, 49.0s TimeCoverageRelationStatistics Valid=802, Invalid=6680, Unknown=0, NotChecked=0, Total=7482 [2022-11-03 02:18:43,281 INFO L413 NwaCegarLoop]: 126 mSDtfsCounter, 736 mSDsluCounter, 693 mSDsCounter, 0 mSdLazyCounter, 1063 mSolverCounterSat, 406 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.9s Time, 0 mProtectedPredicate, 0 mProtectedAction, 744 SdHoareTripleChecker+Valid, 714 SdHoareTripleChecker+Invalid, 1469 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 406 IncrementalHoareTripleChecker+Valid, 1063 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:18:43,282 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [744 Valid, 714 Invalid, 1469 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [406 Valid, 1063 Invalid, 0 Unknown, 0 Unchecked, 1.1s Time] [2022-11-03 02:18:43,283 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1196 states. [2022-11-03 02:18:43,399 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1196 to 968. [2022-11-03 02:18:43,401 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 968 states, 683 states have (on average 1.2606149341142021) internal successors, (861), 722 states have internal predecessors, (861), 151 states have call successors, (151), 118 states have call predecessors, (151), 133 states have return successors, (237), 150 states have call predecessors, (237), 151 states have call successors, (237) [2022-11-03 02:18:43,409 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 968 states to 968 states and 1249 transitions. [2022-11-03 02:18:43,410 INFO L78 Accepts]: Start accepts. Automaton has 968 states and 1249 transitions. Word has length 35 [2022-11-03 02:18:43,412 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:18:43,412 INFO L495 AbstractCegarLoop]: Abstraction has 968 states and 1249 transitions. [2022-11-03 02:18:43,412 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 16 states have (on average 2.9375) internal successors, (47), 16 states have internal predecessors, (47), 4 states have call successors, (10), 3 states have call predecessors, (10), 9 states have return successors, (11), 6 states have call predecessors, (11), 4 states have call successors, (11) [2022-11-03 02:18:43,413 INFO L276 IsEmpty]: Start isEmpty. Operand 968 states and 1249 transitions. [2022-11-03 02:18:43,414 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 39 [2022-11-03 02:18:43,414 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:18:43,415 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:18:43,454 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 02:18:43,634 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:18:43,634 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:18:43,634 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:18:43,635 INFO L85 PathProgramCache]: Analyzing trace with hash 1154155862, now seen corresponding path program 1 times [2022-11-03 02:18:43,635 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:18:43,635 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [685865846] [2022-11-03 02:18:43,635 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:43,635 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:18:43,653 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:43,781 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 02:18:43,782 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:18:43,782 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [685865846] [2022-11-03 02:18:43,782 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [685865846] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:18:43,782 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 02:18:43,782 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [] total 9 [2022-11-03 02:18:43,783 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [695040582] [2022-11-03 02:18:43,783 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:18:43,783 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 9 states [2022-11-03 02:18:43,783 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:18:43,784 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 9 interpolants. [2022-11-03 02:18:43,784 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=16, Invalid=56, Unknown=0, NotChecked=0, Total=72 [2022-11-03 02:18:43,784 INFO L87 Difference]: Start difference. First operand 968 states and 1249 transitions. Second operand has 9 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:18:44,305 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:18:44,305 INFO L93 Difference]: Finished difference Result 2322 states and 3086 transitions. [2022-11-03 02:18:44,306 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 02:18:44,306 INFO L78 Accepts]: Start accepts. Automaton has has 9 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) Word has length 38 [2022-11-03 02:18:44,306 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:18:44,316 INFO L225 Difference]: With dead ends: 2322 [2022-11-03 02:18:44,316 INFO L226 Difference]: Without dead ends: 1611 [2022-11-03 02:18:44,319 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 14 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 22 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=56, Invalid=184, Unknown=0, NotChecked=0, Total=240 [2022-11-03 02:18:44,320 INFO L413 NwaCegarLoop]: 59 mSDtfsCounter, 134 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 407 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 133 SdHoareTripleChecker+Invalid, 483 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 407 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:18:44,321 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 133 Invalid, 483 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 407 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:18:44,323 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1611 states. [2022-11-03 02:18:44,497 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1611 to 1611. [2022-11-03 02:18:44,500 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1611 states, 1119 states have (on average 1.2144772117962466) internal successors, (1359), 1184 states have internal predecessors, (1359), 261 states have call successors, (261), 203 states have call predecessors, (261), 230 states have return successors, (423), 261 states have call predecessors, (423), 261 states have call successors, (423) [2022-11-03 02:18:44,508 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1611 states to 1611 states and 2043 transitions. [2022-11-03 02:18:44,509 INFO L78 Accepts]: Start accepts. Automaton has 1611 states and 2043 transitions. Word has length 38 [2022-11-03 02:18:44,509 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:18:44,510 INFO L495 AbstractCegarLoop]: Abstraction has 1611 states and 2043 transitions. [2022-11-03 02:18:44,510 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 9 states, 7 states have (on average 3.857142857142857) internal successors, (27), 7 states have internal predecessors, (27), 3 states have call successors, (6), 3 states have call predecessors, (6), 3 states have return successors, (5), 4 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-03 02:18:44,510 INFO L276 IsEmpty]: Start isEmpty. Operand 1611 states and 2043 transitions. [2022-11-03 02:18:44,512 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 53 [2022-11-03 02:18:44,512 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:18:44,512 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:18:44,513 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7 [2022-11-03 02:18:44,513 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:18:44,513 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:18:44,513 INFO L85 PathProgramCache]: Analyzing trace with hash 1564877046, now seen corresponding path program 1 times [2022-11-03 02:18:44,514 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:18:44,514 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [592518195] [2022-11-03 02:18:44,514 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:44,514 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:18:44,528 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:44,604 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:18:44,605 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:18:44,605 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [592518195] [2022-11-03 02:18:44,605 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [592518195] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:18:44,605 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1542951259] [2022-11-03 02:18:44,605 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:18:44,606 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:18:44,606 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:18:44,607 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:18:44,637 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 02:18:44,714 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:18:44,741 INFO L263 TraceCheckSpWp]: Trace formula consists of 420 conjuncts, 19 conjunts are in the unsatisfiable core [2022-11-03 02:18:44,743 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:18:44,972 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 4 proven. 8 refuted. 0 times theorem prover too weak. 9 trivial. 0 not checked. [2022-11-03 02:18:44,973 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:18:45,262 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-03 02:18:45,262 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1542951259] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:18:45,262 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [913356914] [2022-11-03 02:18:45,265 INFO L159 IcfgInterpreter]: Started Sifa with 34 locations of interest [2022-11-03 02:18:45,265 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:18:45,266 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:18:45,266 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:18:45,266 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:18:46,926 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 296 for LOIs [2022-11-03 02:18:47,511 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 294 for LOIs [2022-11-03 02:18:47,613 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:19:01,804 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [913356914] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:19:01,804 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:19:01,805 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [7, 8, 8] total 29 [2022-11-03 02:19:01,805 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [68532142] [2022-11-03 02:19:01,806 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:19:01,806 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 12 states [2022-11-03 02:19:01,806 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:01,806 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 12 interpolants. [2022-11-03 02:19:01,807 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=187, Invalid=625, Unknown=0, NotChecked=0, Total=812 [2022-11-03 02:19:01,807 INFO L87 Difference]: Start difference. First operand 1611 states and 2043 transitions. Second operand has 12 states, 11 states have (on average 2.5454545454545454) internal successors, (28), 11 states have internal predecessors, (28), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 02:19:04,109 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:04,110 INFO L93 Difference]: Finished difference Result 2748 states and 3496 transitions. [2022-11-03 02:19:04,110 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 11 states. [2022-11-03 02:19:04,111 INFO L78 Accepts]: Start accepts. Automaton has has 12 states, 11 states have (on average 2.5454545454545454) internal successors, (28), 11 states have internal predecessors, (28), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) Word has length 52 [2022-11-03 02:19:04,111 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:04,120 INFO L225 Difference]: With dead ends: 2748 [2022-11-03 02:19:04,120 INFO L226 Difference]: Without dead ends: 1601 [2022-11-03 02:19:04,126 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 162 GetRequests, 129 SyntacticMatches, 5 SemanticMatches, 28 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 234 ImplicationChecksByTransitivity, 15.8s TimeCoverageRelationStatistics Valid=202, Invalid=668, Unknown=0, NotChecked=0, Total=870 [2022-11-03 02:19:04,129 INFO L413 NwaCegarLoop]: 37 mSDtfsCounter, 35 mSDsluCounter, 84 mSDsCounter, 0 mSdLazyCounter, 173 mSolverCounterSat, 15 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 188 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 15 IncrementalHoareTripleChecker+Valid, 173 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:04,129 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 116 Invalid, 188 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [15 Valid, 173 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-03 02:19:04,131 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1601 states. [2022-11-03 02:19:04,323 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1601 to 1597. [2022-11-03 02:19:04,326 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1597 states, 1110 states have (on average 1.2144144144144144) internal successors, (1348), 1174 states have internal predecessors, (1348), 259 states have call successors, (259), 202 states have call predecessors, (259), 227 states have return successors, (419), 258 states have call predecessors, (419), 259 states have call successors, (419) [2022-11-03 02:19:04,333 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1597 states to 1597 states and 2026 transitions. [2022-11-03 02:19:04,334 INFO L78 Accepts]: Start accepts. Automaton has 1597 states and 2026 transitions. Word has length 52 [2022-11-03 02:19:04,334 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:04,334 INFO L495 AbstractCegarLoop]: Abstraction has 1597 states and 2026 transitions. [2022-11-03 02:19:04,335 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 12 states, 11 states have (on average 2.5454545454545454) internal successors, (28), 11 states have internal predecessors, (28), 3 states have call successors, (4), 3 states have call predecessors, (4), 1 states have return successors, (4), 2 states have call predecessors, (4), 3 states have call successors, (4) [2022-11-03 02:19:04,335 INFO L276 IsEmpty]: Start isEmpty. Operand 1597 states and 2026 transitions. [2022-11-03 02:19:04,336 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 56 [2022-11-03 02:19:04,336 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:19:04,337 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:19:04,376 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:04,550 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:04,550 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:19:04,550 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:19:04,551 INFO L85 PathProgramCache]: Analyzing trace with hash 53155662, now seen corresponding path program 1 times [2022-11-03 02:19:04,551 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:19:04,551 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1764308951] [2022-11-03 02:19:04,552 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:04,552 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:19:04,570 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:04,671 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 02:19:04,671 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:19:04,671 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1764308951] [2022-11-03 02:19:04,671 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1764308951] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:19:04,672 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [759080797] [2022-11-03 02:19:04,672 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:04,672 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:04,672 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:19:04,673 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:19:04,698 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 02:19:04,784 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:04,787 INFO L263 TraceCheckSpWp]: Trace formula consists of 426 conjuncts, 24 conjunts are in the unsatisfiable core [2022-11-03 02:19:04,789 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:19:05,003 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 4 proven. 11 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 02:19:05,003 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 02:19:05,351 INFO L134 CoverageAnalysis]: Checked inductivity of 21 backedges. 6 proven. 2 refuted. 0 times theorem prover too weak. 13 trivial. 0 not checked. [2022-11-03 02:19:05,352 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [759080797] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 02:19:05,352 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1993344363] [2022-11-03 02:19:05,354 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-03 02:19:05,354 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 02:19:05,355 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 02:19:05,355 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 02:19:05,355 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 02:19:11,212 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 294 for LOIs [2022-11-03 02:19:11,245 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 299 for LOIs [2022-11-03 02:19:13,072 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 299 for LOIs [2022-11-03 02:19:14,447 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 44 for LOIs [2022-11-03 02:19:14,453 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 02:19:38,934 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '20638#(and (= |timeShift_getWaterLevel_~retValue_acc~7#1| |timeShift_getWaterLevel_#res#1|) (= ~methaneLevelCritical~0 0) (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1|) (= ~head~0.offset 0) (= |timeShift_getWaterLevel_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|) (= 0 |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~11#1|) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (<= 2 |old(~waterLevel~0)|) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~11#1|) (= |timeShift_getWaterLevel_~retValue_acc~7#1| ~waterLevel~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification3_spec__1_~tmp___1~0#1|) (<= 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|))' at error location [2022-11-03 02:19:38,934 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 02:19:38,934 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 02:19:38,935 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 8] total 19 [2022-11-03 02:19:38,935 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [843025807] [2022-11-03 02:19:38,935 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 02:19:38,935 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 19 states [2022-11-03 02:19:38,935 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:38,936 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 19 interpolants. [2022-11-03 02:19:38,936 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=241, Invalid=1565, Unknown=0, NotChecked=0, Total=1806 [2022-11-03 02:19:38,937 INFO L87 Difference]: Start difference. First operand 1597 states and 2026 transitions. Second operand has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) [2022-11-03 02:19:44,442 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:44,442 INFO L93 Difference]: Finished difference Result 4953 states and 6655 transitions. [2022-11-03 02:19:44,443 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 103 states. [2022-11-03 02:19:44,443 INFO L78 Accepts]: Start accepts. Automaton has has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) Word has length 55 [2022-11-03 02:19:44,443 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:44,461 INFO L225 Difference]: With dead ends: 4953 [2022-11-03 02:19:44,462 INFO L226 Difference]: Without dead ends: 3358 [2022-11-03 02:19:44,472 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 296 GetRequests, 148 SyntacticMatches, 6 SemanticMatches, 142 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7930 ImplicationChecksByTransitivity, 27.6s TimeCoverageRelationStatistics Valid=1942, Invalid=18650, Unknown=0, NotChecked=0, Total=20592 [2022-11-03 02:19:44,473 INFO L413 NwaCegarLoop]: 166 mSDtfsCounter, 983 mSDsluCounter, 1080 mSDsCounter, 0 mSdLazyCounter, 2869 mSolverCounterSat, 862 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.7s Time, 0 mProtectedPredicate, 0 mProtectedAction, 983 SdHoareTripleChecker+Valid, 960 SdHoareTripleChecker+Invalid, 3731 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 862 IncrementalHoareTripleChecker+Valid, 2869 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.0s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:44,473 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [983 Valid, 960 Invalid, 3731 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [862 Valid, 2869 Invalid, 0 Unknown, 0 Unchecked, 2.0s Time] [2022-11-03 02:19:44,477 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 3358 states. [2022-11-03 02:19:44,808 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 3358 to 3020. [2022-11-03 02:19:44,815 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 3020 states, 2085 states have (on average 1.1645083932853717) internal successors, (2428), 2196 states have internal predecessors, (2428), 495 states have call successors, (495), 403 states have call predecessors, (495), 439 states have return successors, (831), 481 states have call predecessors, (831), 495 states have call successors, (831) [2022-11-03 02:19:44,833 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 3020 states to 3020 states and 3754 transitions. [2022-11-03 02:19:44,834 INFO L78 Accepts]: Start accepts. Automaton has 3020 states and 3754 transitions. Word has length 55 [2022-11-03 02:19:44,834 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:44,834 INFO L495 AbstractCegarLoop]: Abstraction has 3020 states and 3754 transitions. [2022-11-03 02:19:44,835 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 19 states, 17 states have (on average 5.705882352941177) internal successors, (97), 18 states have internal predecessors, (97), 9 states have call successors, (19), 7 states have call predecessors, (19), 7 states have return successors, (16), 10 states have call predecessors, (16), 9 states have call successors, (16) [2022-11-03 02:19:44,835 INFO L276 IsEmpty]: Start isEmpty. Operand 3020 states and 3754 transitions. [2022-11-03 02:19:44,837 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-11-03 02:19:44,838 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:19:44,838 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:19:44,878 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:45,056 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-03 02:19:45,056 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:19:45,056 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:19:45,057 INFO L85 PathProgramCache]: Analyzing trace with hash -227513800, now seen corresponding path program 1 times [2022-11-03 02:19:45,057 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:19:45,057 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1226398039] [2022-11-03 02:19:45,057 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:45,057 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:19:45,073 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:45,867 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 5 proven. 14 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 02:19:45,867 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:19:45,867 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1226398039] [2022-11-03 02:19:45,867 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1226398039] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:19:45,867 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1972069365] [2022-11-03 02:19:45,867 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:45,868 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:45,868 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:19:45,869 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:19:45,886 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 02:19:45,969 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:45,971 INFO L263 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 23 conjunts are in the unsatisfiable core [2022-11-03 02:19:45,974 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:19:46,075 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-03 02:19:46,075 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:19:46,076 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1972069365] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:19:46,076 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:19:46,076 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [18] total 21 [2022-11-03 02:19:46,076 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1983999261] [2022-11-03 02:19:46,076 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:19:46,077 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 02:19:46,078 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:46,078 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 02:19:46,079 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=60, Invalid=360, Unknown=0, NotChecked=0, Total=420 [2022-11-03 02:19:46,079 INFO L87 Difference]: Start difference. First operand 3020 states and 3754 transitions. Second operand has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 02:19:46,524 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:46,525 INFO L93 Difference]: Finished difference Result 4876 states and 6077 transitions. [2022-11-03 02:19:46,525 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 02:19:46,526 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) Word has length 69 [2022-11-03 02:19:46,527 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:46,543 INFO L225 Difference]: With dead ends: 4876 [2022-11-03 02:19:46,543 INFO L226 Difference]: Without dead ends: 2225 [2022-11-03 02:19:46,552 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 96 GetRequests, 73 SyntacticMatches, 1 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 142 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=75, Invalid=477, Unknown=0, NotChecked=0, Total=552 [2022-11-03 02:19:46,553 INFO L413 NwaCegarLoop]: 45 mSDtfsCounter, 48 mSDsluCounter, 173 mSDsCounter, 0 mSdLazyCounter, 109 mSolverCounterSat, 13 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 52 SdHoareTripleChecker+Valid, 184 SdHoareTripleChecker+Invalid, 122 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 13 IncrementalHoareTripleChecker+Valid, 109 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:46,553 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [52 Valid, 184 Invalid, 122 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [13 Valid, 109 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 02:19:46,556 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2225 states. [2022-11-03 02:19:46,897 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2225 to 2213. [2022-11-03 02:19:46,901 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 2213 states, 1527 states have (on average 1.1447282252783235) internal successors, (1748), 1606 states have internal predecessors, (1748), 366 states have call successors, (366), 312 states have call predecessors, (366), 319 states have return successors, (536), 348 states have call predecessors, (536), 366 states have call successors, (536) [2022-11-03 02:19:46,908 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 2213 states to 2213 states and 2650 transitions. [2022-11-03 02:19:46,909 INFO L78 Accepts]: Start accepts. Automaton has 2213 states and 2650 transitions. Word has length 69 [2022-11-03 02:19:46,910 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:46,910 INFO L495 AbstractCegarLoop]: Abstraction has 2213 states and 2650 transitions. [2022-11-03 02:19:46,910 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 6 states have (on average 6.166666666666667) internal successors, (37), 6 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 2 states have return successors, (9), 2 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 02:19:46,910 INFO L276 IsEmpty]: Start isEmpty. Operand 2213 states and 2650 transitions. [2022-11-03 02:19:46,912 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 70 [2022-11-03 02:19:46,912 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 02:19:46,912 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:19:46,948 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:47,134 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-03 02:19:47,134 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 02:19:47,134 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 02:19:47,134 INFO L85 PathProgramCache]: Analyzing trace with hash -958762916, now seen corresponding path program 2 times [2022-11-03 02:19:47,134 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 02:19:47,135 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1261269813] [2022-11-03 02:19:47,135 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 02:19:47,135 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 02:19:47,154 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 02:19:47,461 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 19 proven. 4 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-03 02:19:47,462 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 02:19:47,462 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1261269813] [2022-11-03 02:19:47,462 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1261269813] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 02:19:47,462 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [351842590] [2022-11-03 02:19:47,462 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-03 02:19:47,463 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 02:19:47,463 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 02:19:47,464 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 02:19:47,490 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-03 02:19:47,580 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-03 02:19:47,581 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-03 02:19:47,583 INFO L263 TraceCheckSpWp]: Trace formula consists of 450 conjuncts, 43 conjunts are in the unsatisfiable core [2022-11-03 02:19:47,586 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 02:19:47,687 INFO L134 CoverageAnalysis]: Checked inductivity of 30 backedges. 12 proven. 0 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-03 02:19:47,688 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-03 02:19:47,688 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [351842590] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 02:19:47,688 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-03 02:19:47,688 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [11] imperfect sequences [13] total 17 [2022-11-03 02:19:47,688 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [549391541] [2022-11-03 02:19:47,689 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 02:19:47,689 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 11 states [2022-11-03 02:19:47,689 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 02:19:47,690 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 11 interpolants. [2022-11-03 02:19:47,690 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=38, Invalid=234, Unknown=0, NotChecked=0, Total=272 [2022-11-03 02:19:47,690 INFO L87 Difference]: Start difference. First operand 2213 states and 2650 transitions. Second operand has 11 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 02:19:48,343 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 02:19:48,343 INFO L93 Difference]: Finished difference Result 3756 states and 4588 transitions. [2022-11-03 02:19:48,344 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 16 states. [2022-11-03 02:19:48,344 INFO L78 Accepts]: Start accepts. Automaton has has 11 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) Word has length 69 [2022-11-03 02:19:48,344 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 02:19:48,345 INFO L225 Difference]: With dead ends: 3756 [2022-11-03 02:19:48,345 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 02:19:48,354 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 92 GetRequests, 70 SyntacticMatches, 0 SemanticMatches, 22 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 48 ImplicationChecksByTransitivity, 0.2s TimeCoverageRelationStatistics Valid=85, Invalid=467, Unknown=0, NotChecked=0, Total=552 [2022-11-03 02:19:48,354 INFO L413 NwaCegarLoop]: 84 mSDtfsCounter, 131 mSDsluCounter, 557 mSDsCounter, 0 mSdLazyCounter, 408 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 137 SdHoareTripleChecker+Valid, 538 SdHoareTripleChecker+Invalid, 451 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 408 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.3s IncrementalHoareTripleChecker+Time [2022-11-03 02:19:48,355 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [137 Valid, 538 Invalid, 451 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 408 Invalid, 0 Unknown, 0 Unchecked, 0.3s Time] [2022-11-03 02:19:48,355 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 02:19:48,355 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 02:19:48,356 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 02:19:48,356 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 02:19:48,356 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 69 [2022-11-03 02:19:48,356 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 02:19:48,357 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 02:19:48,357 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 11 states, 9 states have (on average 4.111111111111111) internal successors, (37), 9 states have internal predecessors, (37), 2 states have call successors, (8), 2 states have call predecessors, (8), 4 states have return successors, (9), 4 states have call predecessors, (9), 2 states have call successors, (9) [2022-11-03 02:19:48,357 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 02:19:48,357 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 02:19:48,360 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 02:19:48,407 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Forceful destruction successful, exit code 0 [2022-11-03 02:19:48,586 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable11 [2022-11-03 02:19:48,588 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 02:20:30,567 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 805 811) no Hoare annotation was computed. [2022-11-03 02:20:30,568 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 805 811) the Hoare annotation is: true [2022-11-03 02:20:30,568 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 596 607) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (< ~waterLevel~0 3)))) (and (or (not (= |old(~methaneLevelCritical~0)| 0)) .cse0 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0) .cse1) (or .cse0 (= ~methaneLevelCritical~0 1) (not (= |old(~methaneLevelCritical~0)| 1)) .cse1))) [2022-11-03 02:20:30,568 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 596 607) no Hoare annotation was computed. [2022-11-03 02:20:30,569 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 608 616) the Hoare annotation is: true [2022-11-03 02:20:30,569 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 608 616) no Hoare annotation was computed. [2022-11-03 02:20:30,569 INFO L895 garLoopResultBuilder]: At program point L853(line 853) the Hoare annotation is: (let ((.cse12 (= ~pumpRunning~0 0))) (let ((.cse8 (not .cse12))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (< |old(~waterLevel~0)| 3))) (.cse10 (let ((.cse13 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse12 .cse13) (and .cse8 (let ((.cse14 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse14) .cse13) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse14))))))) (.cse11 (or (not (<= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|)) .cse8)) (.cse6 (not (< |old(~waterLevel~0)| 2))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse2 .cse4 .cse3 .cse5) (or .cse0 .cse1 .cse6 .cse7) (or (and .cse8 (= ~waterLevel~0 1)) .cse1 .cse7 .cse9) (or .cse0 .cse1 .cse7 .cse9) (or .cse1 .cse6 .cse4 .cse7 .cse5) (or .cse1 .cse2 (and .cse10 .cse11 (< ~waterLevel~0 2)) .cse3) (or (and .cse10 .cse11) .cse1 .cse6 .cse7) (or .cse1 .cse4 .cse7 .cse9 .cse5))))) [2022-11-03 02:20:30,570 INFO L895 garLoopResultBuilder]: At program point L858(line 858) the Hoare annotation is: (let ((.cse0 (and (= ~pumpRunning~0 0) (= |old(~waterLevel~0)| ~waterLevel~0))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse1 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse5 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 (not (= |old(~waterLevel~0)| 2))) (or .cse0 .cse1 .cse3 .cse4) (or .cse0 .cse1 (not (< |old(~waterLevel~0)| 2)) .cse2) (or .cse1 .cse5 .cse2 .cse4) (or .cse1 .cse3 .cse5 .cse4))) [2022-11-03 02:20:30,570 INFO L895 garLoopResultBuilder]: At program point L858-1(lines 839 863) the Hoare annotation is: (let ((.cse15 (= ~methaneLevelCritical~0 0)) (.cse16 (= 1 ~systemActive~0)) (.cse11 (= ~pumpRunning~0 0)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (< ~waterLevel~0 2)) (.cse17 (= ~pumpRunning~0 1))) (let ((.cse9 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (and .cse7 .cse17)) (.cse1 (and .cse11 .cse6)) (.cse3 (not (< |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not (< |old(~waterLevel~0)| 3))) (.cse2 (not .cse16)) (.cse4 (not .cse15)) (.cse12 (not (= |old(~waterLevel~0)| 2))) (.cse14 (= ~waterLevel~0 1)) (.cse13 (and (= 2 ~waterLevel~0) .cse15 .cse16 .cse6 .cse17))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 .cse5 .cse6 .cse7 .cse8) (or .cse2 .cse9 .cse5 .cse8 .cse10 (and .cse11 .cse7)) (or .cse11 .cse2 .cse4 .cse9 .cse8 .cse10) (or .cse0 .cse2 .cse5 .cse12 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse0 .cse2 .cse4 .cse12 .cse13) (or .cse2 .cse5 .cse12 .cse6 .cse14) (or .cse2 .cse4 .cse6 .cse7 .cse8) (or .cse2 .cse4 .cse12 .cse14 .cse13)))) [2022-11-03 02:20:30,570 INFO L899 garLoopResultBuilder]: For program point L792-1(lines 792 798) no Hoare annotation was computed. [2022-11-03 02:20:30,571 INFO L899 garLoopResultBuilder]: For program point L693(lines 693 699) no Hoare annotation was computed. [2022-11-03 02:20:30,571 INFO L895 garLoopResultBuilder]: At program point L689(lines 689 702) the Hoare annotation is: (let ((.cse4 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1|)) (.cse13 (= 1 ~systemActive~0)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (= ~pumpRunning~0 1))) (let ((.cse1 (not (< |old(~waterLevel~0)| 2))) (.cse8 (= ~pumpRunning~0 0)) (.cse6 (< ~waterLevel~0 2)) (.cse11 (and .cse4 .cse13 .cse9 .cse10)) (.cse5 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)) (.cse7 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not .cse13)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse12 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2) (or .cse0 .cse1 .cse3 (and .cse4 .cse5 .cse6)) (or (not (<= |old(~waterLevel~0)| 1)) .cse7 (and .cse8 .cse9) .cse0 .cse3) (or .cse8 .cse0 .cse3 (not (= |old(~pumpRunning~0)| 1)) (not (< |old(~waterLevel~0)| 3)) (and .cse6 .cse10)) (or .cse7 .cse0 .cse11 .cse3 .cse12) (or .cse0 .cse11 .cse3 (and .cse4 .cse5 (= ~waterLevel~0 1)) .cse12) (or .cse7 (not (= |old(~waterLevel~0)| 1)) .cse0 .cse3 (= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)) (or .cse0 .cse2 .cse12)))) [2022-11-03 02:20:30,571 INFO L895 garLoopResultBuilder]: At program point L689-1(lines 674 706) the Hoare annotation is: (let ((.cse13 (= ~pumpRunning~0 0)) (.cse14 (= 1 ~systemActive~0)) (.cse18 (= |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1| 1)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse6 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1|)) (.cse8 (<= |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1| 1)) (.cse12 (< ~waterLevel~0 2)) (.cse4 (not (< |old(~waterLevel~0)| 3))) (.cse17 (and .cse14 .cse18 .cse7)) (.cse11 (not (< |old(~waterLevel~0)| 2))) (.cse3 (and .cse13 .cse14)) (.cse5 (= ~pumpRunning~0 1)) (.cse16 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~waterLevel~0 1)) (.cse15 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not .cse14)) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse10 (not (= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse0 .cse1 (and .cse6 .cse7 .cse5) (and .cse6 .cse8 .cse9) .cse10) (or .cse0 .cse11 .cse1 (and .cse6 .cse8 .cse12)) (or (not (<= |old(~waterLevel~0)| 1)) (and .cse13 .cse14 .cse7) .cse15 .cse0 .cse1) (or .cse15 .cse0 .cse16 .cse10 .cse17) (or .cse0 .cse16 (and .cse18 .cse12) (and .cse18 .cse7) .cse4) (or .cse15 (and .cse13 .cse7) .cse0 .cse11 .cse16) (or .cse0 .cse16 .cse10 .cse9 .cse17) (or .cse0 .cse11 .cse2 .cse16 .cse3 .cse5) (or (and .cse9 .cse5) (and .cse13 .cse14 .cse9) .cse0 .cse2 .cse16 .cse10) (or .cse0 .cse1 .cse2 .cse10 .cse9) (or .cse15 .cse0 .cse1 .cse10 .cse7)))) [2022-11-03 02:20:30,572 INFO L895 garLoopResultBuilder]: At program point L681(line 681) the Hoare annotation is: (let ((.cse15 (= ~methaneLevelCritical~0 0)) (.cse16 (= 1 ~systemActive~0)) (.cse11 (= ~pumpRunning~0 0)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse7 (< ~waterLevel~0 2)) (.cse17 (= ~pumpRunning~0 1))) (let ((.cse9 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (and .cse7 .cse17)) (.cse1 (and .cse11 .cse6)) (.cse3 (not (< |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse8 (not (< |old(~waterLevel~0)| 3))) (.cse2 (not .cse16)) (.cse4 (not .cse15)) (.cse12 (not (= |old(~waterLevel~0)| 2))) (.cse14 (= ~waterLevel~0 1)) (.cse13 (and (= 2 ~waterLevel~0) .cse15 .cse16 .cse6 .cse17))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse2 .cse5 .cse6 .cse7 .cse8) (or .cse2 .cse9 .cse5 .cse8 .cse10 (and .cse11 .cse7)) (or .cse11 .cse2 .cse4 .cse9 .cse8 .cse10) (or .cse0 .cse2 .cse5 .cse12 .cse6) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse0 .cse2 .cse4 .cse12 .cse13) (or .cse2 .cse5 .cse12 .cse6 .cse14) (or .cse2 .cse4 .cse6 .cse7 .cse8) (or .cse2 .cse4 .cse12 .cse14 .cse13)))) [2022-11-03 02:20:30,572 INFO L899 garLoopResultBuilder]: For program point L681-1(line 681) no Hoare annotation was computed. [2022-11-03 02:20:30,572 INFO L899 garLoopResultBuilder]: For program point L785-1(lines 784 803) no Hoare annotation was computed. [2022-11-03 02:20:30,573 INFO L895 garLoopResultBuilder]: At program point L847(lines 847 855) the Hoare annotation is: (let ((.cse12 (= ~pumpRunning~0 0))) (let ((.cse8 (not .cse12))) (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (< |old(~waterLevel~0)| 3))) (.cse10 (let ((.cse13 (= |old(~waterLevel~0)| ~waterLevel~0))) (or (and .cse12 .cse13) (and .cse8 (let ((.cse14 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse14) .cse13) (and (= |old(~waterLevel~0)| (+ ~waterLevel~0 1)) .cse14))))))) (.cse11 (or (not (<= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|)) .cse8)) (.cse6 (not (< |old(~waterLevel~0)| 2))) (.cse1 (not (= 1 ~systemActive~0))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse5 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse1 .cse2 .cse4 .cse3 .cse5) (or .cse0 .cse1 .cse6 .cse7) (or (and .cse8 (= ~waterLevel~0 1)) .cse1 .cse7 .cse9) (or .cse0 .cse1 .cse7 .cse9) (or .cse1 .cse6 .cse4 .cse7 .cse5) (or .cse1 .cse2 (and .cse10 .cse11 (< ~waterLevel~0 2)) .cse3) (or (and .cse10 .cse11) .cse1 .cse6 .cse7) (or .cse1 .cse4 .cse7 .cse9 .cse5))))) [2022-11-03 02:20:30,573 INFO L895 garLoopResultBuilder]: At program point L843(lines 843 860) the Hoare annotation is: (let ((.cse12 (= ~pumpRunning~0 0))) (let ((.cse8 (not .cse12)) (.cse9 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (= ~pumpRunning~0 1)) (.cse3 (not (< |old(~waterLevel~0)| 3))) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse5 (and .cse12 .cse13)) (.cse0 (not (= 1 ~systemActive~0))) (.cse14 (not (< |old(~waterLevel~0)| 2))) (.cse10 (and .cse8 (let ((.cse15 (< 0 |old(~waterLevel~0)|))) (or (and (not .cse15) .cse13) (and .cse9 .cse15))))) (.cse6 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse6 .cse7 (and .cse8 .cse9)) (or .cse0 .cse2 .cse6 .cse3 .cse4) (or .cse5 .cse0 .cse1 .cse10 .cse3) (or .cse11 .cse12 .cse0 .cse6 .cse3) (or .cse11 .cse0 .cse1 .cse7 .cse13) (or .cse11 .cse12 .cse0 .cse14 .cse1) (or .cse5 .cse0 .cse14 .cse10 .cse6))))) [2022-11-03 02:20:30,574 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 781 804) the Hoare annotation is: (let ((.cse3 (not (< |old(~waterLevel~0)| 3))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse9 (not (= |old(~pumpRunning~0)| 0))) (.cse10 (= ~pumpRunning~0 0)) (.cse7 (not (< |old(~waterLevel~0)| 2))) (.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse8 (not (= |old(~waterLevel~0)| 2))) (.cse6 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse5 .cse3 .cse6) (or .cse0 .cse7 .cse1 .cse4 .cse6) (or .cse0 .cse5 .cse8 .cse2) (or .cse0 .cse7 .cse5 .cse2) (or (not (<= |old(~waterLevel~0)| 1)) .cse9 .cse10 .cse0 .cse5) (or .cse9 .cse10 .cse0 .cse1 .cse8) (or .cse9 .cse10 .cse0 .cse5 .cse8) (or .cse9 .cse10 .cse0 .cse7 .cse1) (or .cse0 .cse1 .cse4 .cse8 .cse6))) [2022-11-03 02:20:30,574 INFO L895 garLoopResultBuilder]: At program point L559(line 559) the Hoare annotation is: (let ((.cse0 (not (= 1 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 (not (< |old(~waterLevel~0)| 2)) .cse1) (or .cse0 (not (= ~methaneLevelCritical~0 0)) (not (< |old(~waterLevel~0)| 3))) (or .cse0 .cse1 (not (= |old(~waterLevel~0)| 2))))) [2022-11-03 02:20:30,574 INFO L895 garLoopResultBuilder]: At program point L683(lines 683 703) the Hoare annotation is: (let ((.cse16 (= |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1| 1)) (.cse14 (= ~methaneLevelCritical~0 |timeShift___utac_acc__Specification3_spec__1_~tmp~4#1|)) (.cse17 (= 1 ~systemActive~0)) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (< ~waterLevel~0 2)) (.cse18 (= ~pumpRunning~0 1))) (let ((.cse4 (not (< |old(~waterLevel~0)| 2))) (.cse1 (= ~pumpRunning~0 0)) (.cse10 (not (= |old(~pumpRunning~0)| 1))) (.cse12 (and .cse13 .cse18)) (.cse6 (and .cse14 .cse17 .cse2 .cse18)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse15 (and .cse16 .cse2)) (.cse11 (not (< |old(~waterLevel~0)| 3))) (.cse3 (not .cse17)) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (= |old(~waterLevel~0)| 2))) (.cse8 (= ~waterLevel~0 1))) (and (or .cse0 (and .cse1 .cse2) .cse3 .cse4 .cse5) (or .cse3 .cse6 .cse5 .cse7 .cse8) (or .cse0 .cse1 .cse3 .cse4 .cse9) (or .cse3 .cse10 .cse9 .cse11 .cse12 (and .cse1 .cse13)) (or .cse3 .cse5 (and .cse14 .cse13) (and .cse14 .cse2) .cse11) (or .cse1 .cse3 .cse5 .cse10 .cse11 .cse12) (or .cse0 .cse3 .cse6 .cse5 .cse7) (or .cse0 .cse3 .cse9 .cse15 .cse11) (or .cse3 .cse9 (and .cse16 .cse13) .cse15 .cse11) (or .cse3 .cse9 .cse7 .cse2 .cse8)))) [2022-11-03 02:20:30,574 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 781 804) no Hoare annotation was computed. [2022-11-03 02:20:30,575 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 559) no Hoare annotation was computed. [2022-11-03 02:20:30,575 INFO L902 garLoopResultBuilder]: At program point L66-1(lines 66 70) the Hoare annotation is: true [2022-11-03 02:20:30,575 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 52 81) no Hoare annotation was computed. [2022-11-03 02:20:30,575 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 52 81) the Hoare annotation is: true [2022-11-03 02:20:30,575 INFO L902 garLoopResultBuilder]: At program point L62-2(lines 62 76) the Hoare annotation is: true [2022-11-03 02:20:30,575 INFO L902 garLoopResultBuilder]: At program point L58(line 58) the Hoare annotation is: true [2022-11-03 02:20:30,576 INFO L899 garLoopResultBuilder]: For program point L58-1(line 58) no Hoare annotation was computed. [2022-11-03 02:20:30,576 INFO L902 garLoopResultBuilder]: At program point L77(lines 52 81) the Hoare annotation is: true [2022-11-03 02:20:30,576 INFO L899 garLoopResultBuilder]: For program point L73(line 73) no Hoare annotation was computed. [2022-11-03 02:20:30,576 INFO L899 garLoopResultBuilder]: For program point L66(lines 66 70) no Hoare annotation was computed. [2022-11-03 02:20:30,576 INFO L899 garLoopResultBuilder]: For program point L729(lines 729 735) no Hoare annotation was computed. [2022-11-03 02:20:30,576 INFO L899 garLoopResultBuilder]: For program point L729-1(lines 729 735) no Hoare annotation was computed. [2022-11-03 02:20:30,577 INFO L895 garLoopResultBuilder]: At program point L767(lines 718 768) the Hoare annotation is: false [2022-11-03 02:20:30,577 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 02:20:30,578 INFO L895 garLoopResultBuilder]: At program point L140(lines 140 147) the Hoare annotation is: (let ((.cse2 (select |#memory_int| 22)) (.cse9 (select |#memory_int| 28)) (.cse7 (select |#memory_int| 24)) (.cse4 (select |#memory_int| 26)) (.cse5 (select |#memory_int| 18)) (.cse6 (select |#memory_int| 23)) (.cse3 (select |#memory_int| 27)) (.cse0 (select |#memory_int| 19)) (.cse10 (select |#memory_int| 20)) (.cse11 (select |#memory_int| 1)) (.cse1 (select |#memory_int| 17)) (.cse8 (select |#memory_int| 25))) (and (= (select |#length| 15) 25) (= (select .cse0 0) 79) (= (select .cse1 6) 0) (= 9 (select |#length| 5)) (= (select |#length| 9) 21) (= 30 (select |#length| 7)) (= 1 (select |#valid| 5)) (= (select |#length| 3) 12) (= 2 (select |#length| 20)) (= (select |#valid| 15) 1) (= (select .cse2 0) 79) (= 5 (select |#length| 18)) (= ~pumpRunning~0 0) (= (select |#valid| 26) 1) (= (select .cse3 2) 0) (= (select .cse4 3) 0) (= (select |#valid| 9) 1) (= 13 (select |#length| 16)) (= (select |#length| 12) 25) (= (select .cse5 2) 73) (= (select |#length| 28) 2) (= (select |#valid| 11) 1) (= |ULTIMATE.start_valid_product_~retValue_acc~2#1| |ULTIMATE.start_valid_product_#res#1|) (= (select |#valid| 27) 1) (= ~methaneLevelCritical~0 0) (= 30 (select |#length| 4)) (= (select |#length| 22) 3) (= 4 (select |#length| 26)) (= 102 (select .cse6 1)) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= |ULTIMATE.start_main_~tmp~0#1| 1) (= (select |#length| 21) 13) (= (select |#length| 27) 3) (= 2 (select |#length| 1)) (= (select |#length| 8) 9) (= 84 (select .cse5 3)) (= 41 (select .cse3 0)) (= (select |#valid| 3) 1) (= (select |#length| 19) 3) (= (select |#valid| 7) 1) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= 30 (select |#length| 13)) (= 117 (select .cse7 2)) (= 1 ~systemActive~0) (= (select |#valid| 24) 1) (= 30 (select |#length| 10)) (= (select .cse0 2) 0) (= 3 (select |#length| 25)) (= (select |#valid| 12) 1) (= 82 (select .cse5 1)) (= |ULTIMATE.start_valid_product_~retValue_acc~2#1| 1) (= (select .cse8 1) 110) (= (select |#valid| 28) 1) (= (select .cse8 2) 0) (= 102 (select .cse6 2)) (= (select .cse9 1) 0) (= (select |#valid| 4) 1) (= (select .cse2 2) 0) (= (select |#valid| 1) 1) (= (select |#valid| 20) 1) (= (select |#length| 6) 21) (= (select |#valid| 21) 1) (= 7 (select |#length| 24)) (= 58 (select .cse7 5)) (= (select .cse7 1) 80) (= (select .cse4 2) 102) (= (select .cse7 6) 0) (= (select .cse5 4) 0) (= (select |#valid| 14) 1) (= 109 (select .cse7 3)) (= 77 (select .cse1 1)) (= 110 (select .cse2 1)) (= 9 (select |#length| 14)) (= (select .cse1 4) 104) (= (select |#valid| 0) 0) (= 79 (select .cse4 0)) (= (select .cse9 0) 10) (= (select |#valid| 25) 1) (= ~head~0.base 0) (= 112 (select .cse7 4)) (= (select .cse6 3) 0) (= 116 (select .cse1 3)) (= (select |#valid| 2) 1) (= (select .cse10 0) 41) (= |#NULL.offset| 0) (= 9 (select |#length| 11)) (= 44 (select .cse7 0)) (= ~waterLevel~0 1) (= (select .cse4 1) 102) (= (select .cse11 0) 48) (= 67 (select .cse5 0)) (= (select |#valid| 23) 1) (= 4 (select |#length| 23)) (= (select .cse6 0) 79) (= (select .cse3 1) 32) (= 101 (select .cse1 2)) (= (select |#valid| 19) 1) (= (select .cse0 1) 75) (= (select .cse10 1) 0) (= 44 (select .cse1 0)) (= (select |#valid| 16) 1) (= (select |#valid| 6) 1) (= (select .cse11 1) 0) (= (select |#length| 17) 7) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select |#valid| 8) 1) (= (select .cse1 5) 58) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= (select .cse8 0) 79))) [2022-11-03 02:20:30,578 INFO L902 garLoopResultBuilder]: At program point L140-2(lines 140 147) the Hoare annotation is: true [2022-11-03 02:20:30,578 INFO L899 garLoopResultBuilder]: For program point L739(lines 739 745) no Hoare annotation was computed. [2022-11-03 02:20:30,579 INFO L895 garLoopResultBuilder]: At program point L739-1(lines 739 745) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (< ~waterLevel~0 2)) (and .cse1 .cse2 (= ~methaneLevelCritical~0 1) .cse3 (< ~waterLevel~0 3)) (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:20:30,579 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 02:20:30,579 INFO L895 garLoopResultBuilder]: At program point L764(lines 719 766) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (< ~waterLevel~0 3))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~pumpRunning~0 1)) (and .cse0 .cse1 .cse2 .cse3 (< ~waterLevel~0 2)) (and .cse1 .cse2 (= ~methaneLevelCritical~0 1) .cse3 .cse4))) [2022-11-03 02:20:30,579 INFO L895 garLoopResultBuilder]: At program point L731(line 731) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0))) (let ((.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse4 (or (not .cse0) (= ~pumpRunning~0 1))) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (< ~waterLevel~0 3))) (or (and (= ~pumpRunning~0 0) (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse1 .cse4 .cse2 .cse3 .cse5) (and .cse0 .cse1 .cse2 .cse3 (< ~waterLevel~0 2)) (and .cse1 .cse4 .cse2 (= ~methaneLevelCritical~0 1) .cse3 .cse5)))) [2022-11-03 02:20:30,579 INFO L895 garLoopResultBuilder]: At program point L757-2(lines 749 762) the Hoare annotation is: (let ((.cse0 (= ~methaneLevelCritical~0 0)) (.cse1 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0))) (or (and .cse0 .cse1 .cse2 .cse3 (< ~waterLevel~0 2)) (and .cse1 .cse2 (= ~methaneLevelCritical~0 1) .cse3 (< ~waterLevel~0 3)) (and (= 2 ~waterLevel~0) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 02:20:30,580 INFO L899 garLoopResultBuilder]: For program point L720(lines 719 766) no Hoare annotation was computed. [2022-11-03 02:20:30,580 INFO L895 garLoopResultBuilder]: At program point L741(line 741) the Hoare annotation is: (let ((.cse0 (= |ULTIMATE.start_main_~tmp~0#1| 1)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (< ~waterLevel~0 3))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3) (and .cse0 .cse1 (= ~methaneLevelCritical~0 1) .cse2 .cse3))) [2022-11-03 02:20:30,580 INFO L902 garLoopResultBuilder]: At program point L770(lines 709 774) the Hoare annotation is: true [2022-11-03 02:20:30,580 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 813 837) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0)) (.cse1 (= ~pumpRunning~0 0))) (let ((.cse6 (not (<= ~waterLevel~0 1))) (.cse7 (not (= ~waterLevel~0 1))) (.cse8 (not .cse1)) (.cse0 (not .cse9)) (.cse3 (not (= 2 ~waterLevel~0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse10 (not (< ~waterLevel~0 2))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse11 (not (= |old(~pumpRunning~0)| 1))) (.cse12 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse4 .cse6) (or .cse7 .cse8 .cse2 .cse9 .cse4) (or .cse7 .cse8 .cse2 .cse9 .cse5) (or .cse2 .cse10 .cse11 .cse5 .cse12) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse2 .cse10 .cse4 .cse11 .cse12)))) [2022-11-03 02:20:30,581 INFO L895 garLoopResultBuilder]: At program point L832(line 832) the Hoare annotation is: (let ((.cse5 (not (<= 2 |timeShift___utac_acc__Specification3_spec__1_~tmp___0~0#1|))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not (= ~waterLevel~0 1))) (.cse1 (not (= ~pumpRunning~0 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse6 (not (< ~waterLevel~0 2))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse8 (not (= |old(~pumpRunning~0)| 1))) (.cse9 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse2 .cse3 (not (< ~waterLevel~0 3))) (or .cse5 .cse1 .cse2 .cse6 .cse7) (or .cse4 .cse2 .cse7 (not (<= ~waterLevel~0 1))) (or .cse5 .cse1 .cse2 .cse6 .cse3) (or .cse4 .cse2 (not (= 2 ~waterLevel~0)) .cse7) (or .cse2 .cse6 .cse8 .cse3 .cse9) (or .cse0 .cse1 .cse2 .cse7) (or .cse2 .cse6 .cse7 .cse8 .cse9))) [2022-11-03 02:20:30,581 INFO L899 garLoopResultBuilder]: For program point L832-1(lines 813 837) no Hoare annotation was computed. [2022-11-03 02:20:30,581 INFO L895 garLoopResultBuilder]: At program point L903(line 903) the Hoare annotation is: (let ((.cse14 (< ~waterLevel~0 2))) (let ((.cse3 (not .cse14))) (let ((.cse13 (= 1 ~systemActive~0)) (.cse11 (or (and (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0) .cse14) (and .cse3 (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1)))) (.cse12 (= ~pumpRunning~0 0))) (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse7 (not (<= ~waterLevel~0 1))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (and .cse11 .cse12)) (.cse10 (not (= 2 ~waterLevel~0))) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not .cse13)) (.cse8 (and .cse11 .cse12 .cse13)) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse1 .cse3 .cse4 .cse2) (or .cse0 .cse1 .cse5) (or .cse6 .cse1 .cse2 .cse7) (or .cse6 .cse1 .cse5 .cse7) (or .cse1 .cse3 .cse8 .cse2) (or .cse6 .cse9 .cse1 .cse10 .cse5) (or .cse6 .cse9 .cse1 .cse10 .cse2) (or .cse1 .cse3 .cse5 .cse4) (or .cse1 .cse3 .cse8 .cse5)))))) [2022-11-03 02:20:30,581 INFO L895 garLoopResultBuilder]: At program point L903-1(line 903) the Hoare annotation is: (let ((.cse13 (< ~waterLevel~0 2))) (let ((.cse5 (not .cse13))) (let ((.cse9 (or (and (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0) .cse13) (and .cse5 (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 1)))) (.cse10 (= ~pumpRunning~0 0)) (.cse12 (= 1 ~systemActive~0)) (.cse11 (= |processEnvironment__wrappee__highWaterSensor_isMethaneAlarm_#t~ret44#1| ~methaneLevelCritical~0))) (let ((.cse4 (not (= ~waterLevel~0 1))) (.cse8 (not (<= ~waterLevel~0 1))) (.cse2 (and .cse9 .cse10 .cse12 .cse11)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse1 (not .cse12)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1)))) (and (or .cse0 .cse1 .cse2 (not (= 2 ~waterLevel~0)) .cse3) (or .cse4 .cse1 .cse3) (or .cse1 .cse5 .cse6 .cse3) (or .cse4 .cse1 .cse7) (or .cse0 .cse1 .cse3 .cse8) (or .cse0 .cse1 .cse7 .cse8) (or .cse1 .cse2 .cse7 (and .cse0 (< 0 ~waterLevel~0)) (not (< ~waterLevel~0 3))) (or .cse1 .cse5 (and .cse9 .cse10 .cse11) .cse3) (or .cse1 .cse5 .cse7 .cse6)))))) [2022-11-03 02:20:30,582 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 813 837) no Hoare annotation was computed. [2022-11-03 02:20:30,584 INFO L895 garLoopResultBuilder]: At program point L827(line 827) the Hoare annotation is: (let ((.cse2 (= |old(~pumpRunning~0)| 0))) (let ((.cse0 (not (= ~waterLevel~0 1))) (.cse19 (= ~pumpRunning~0 0)) (.cse20 (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| 0)) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse21 (not .cse2)) (.cse1 (not (= 1 ~systemActive~0))) (.cse5 (not (< ~waterLevel~0 2))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse1 .cse2 .cse4) (or .cse1 .cse5 .cse6 .cse3) (let ((.cse12 (select |#memory_int| 1)) (.cse11 (select |#memory_int| 27)) (.cse9 (select |#memory_int| 19)) (.cse14 (select |#memory_int| 18)) (.cse18 (select |#memory_int| 23)) (.cse17 (select |#memory_int| 25)) (.cse15 (select |#memory_int| 20)) (.cse7 (select |#memory_int| 26)) (.cse13 (select |#memory_int| 22)) (.cse16 (select |#memory_int| 17)) (.cse8 (select |#memory_int| 24)) (.cse10 (select |#memory_int| 28))) (or (not (= (select .cse7 2) 102)) .cse0 (not (= (select |#valid| 23) 1)) (not (= (select .cse8 1) 80)) (not (= (select .cse9 1) 75)) (not (= (select .cse10 0) 10)) (not (= (select |#length| 12) 25)) (not (= (select .cse11 1) 32)) (not (= (select .cse12 0) 48)) (not (= (select .cse13 0) 79)) (not (= |#NULL.offset| 0)) (not (= 9 (select |#length| 11))) (not (= 2 (select |#length| 20))) (not (= (select |#valid| 26) 1)) (not (= (select |#length| 27) 3)) (not (= 67 (select .cse14 0))) (not (= 9 (select |#length| 5))) (not (= 30 (select |#length| 7))) (not (= 3 (select |#length| 25))) (not (= 31 (select |#length| 2))) (not (= (select |#valid| 12) 1)) (not (= (select .cse14 2) 73)) (not (= (select |#length| 17) 7)) (not (= 2 (select |#length| 1))) (not (= 4 (select |#length| 26))) (not (= (select .cse15 0) 41)) (not (= (select .cse14 4) 0)) (not (= (select |#length| 21) 13)) (not (= 9 (select |#length| 14))) .cse1 (not (= (select |#length| 15) 25)) (not (= 84 (select .cse14 3))) (not (= 77 (select .cse16 1))) (not (= (select |#valid| 6) 1)) (not (< 0 |#StackHeapBarrier|)) (not (= (select .cse17 1) 110)) (not (= (select .cse16 6) 0)) (not (= (select .cse7 1) 102)) (not (= (select |#valid| 3) 1)) (not (= 110 (select .cse13 1))) (not (= (select |#valid| 25) 1)) (not (= ~head~0.offset 0)) (not (= (select |#valid| 20) 1)) (not (= (select |#valid| 21) 1)) (not (= (select |#valid| 11) 1)) (not (= (select |#valid| 16) 1)) (not (= 7 (select |#length| 24))) (not (= (select .cse16 5) 58)) (not (= (select |#valid| 28) 1)) (not (= (select |#length| 19) 3)) (not (= (select |#length| 9) 21)) (not (= 30 (select |#length| 10))) (not (= (select |#valid| 15) 1)) (not (= (select |#length| 6) 21)) (not (= 1 (select |#valid| 5))) (not (= (select |#length| 8) 9)) (not (= (select |#length| 3) 12)) (not (= (select |#valid| 0) 0)) .cse4 (not (= (select |#valid| 27) 1)) (not (= (select .cse12 1) 0)) (not (= (select |#valid| 24) 1)) (not (= (select .cse8 6) 0)) (not (= (select |#valid| 19) 1)) (not (= (select |#length| 28) 2)) (not (= (select .cse18 3) 0)) (not (= (select |#valid| 1) 1)) (not (= (select .cse16 4) 104)) (not (= (select |#valid| 22) 1)) (not (= 102 (select .cse18 2))) (not (= (select .cse9 0) 79)) (not (= 13 (select |#length| 16))) (not (= (select |#valid| 8) 1)) (not (= 44 (select .cse8 0))) (not (= 41 (select .cse11 0))) (not (= 58 (select .cse8 5))) (not (= 30 (select |#length| 13))) (not (= (select |#valid| 4) 1)) (not (= (select .cse11 2) 0)) (not (= |#NULL.base| 0)) (not (= 5 (select |#length| 18))) (not (= (select |#length| 22) 3)) (not (= (select .cse7 3) 0)) (not (= (select |#valid| 7) 1)) (not (= (select |#valid| 10) 1)) (not (= 4 (select |#length| 23))) (not (= (select .cse17 0) 79)) (not (= (select |#valid| 14) 1)) (not (= 101 (select .cse16 2))) (not (= (select .cse9 2) 0)) (not (= 82 (select .cse14 1))) (not (= (select .cse18 0) 79)) (not (= (select |#valid| 13) 1)) (not (= 102 (select .cse18 1))) (not (= 117 (select .cse8 2))) (not (= (select .cse17 2) 0)) (not (= 116 (select .cse16 3))) (not (= 30 (select |#length| 4))) (not (= (select |#valid| 2) 1)) (not (= (select .cse15 1) 0)) (not (= 79 (select .cse7 0))) (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~12#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~2#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~8#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~12#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~8#1| 1) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~9#1|) (= |processEnvironment__wrappee__highWaterSensor_~tmp~6#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|)) (not (= (select |#valid| 17) 1)) (not (= (select |#valid| 9) 1)) (not (= (select .cse13 2) 0)) (not (= 44 (select .cse16 0))) (not (= 112 (select .cse8 4))) (not (= ~head~0.base 0)) (not (= 109 (select .cse8 3))) (not (= (select .cse10 1) 0)) (not (= ~cleanupTimeShifts~0 4)) (not (= (select |#valid| 18) 1)))) (or (and .cse19 .cse20) .cse1 .cse5 .cse4) (or .cse21 .cse1 (not (= 2 ~waterLevel~0)) .cse4) (or .cse1 (and .cse19 (<= ~waterLevel~0 1) .cse20) .cse3 (and .cse21 (< 0 ~waterLevel~0)) (not (< ~waterLevel~0 3))) (or .cse1 .cse5 .cse4 .cse6)))) [2022-11-03 02:20:30,584 INFO L899 garLoopResultBuilder]: For program point L821(lines 821 829) no Hoare annotation was computed. [2022-11-03 02:20:30,584 INFO L895 garLoopResultBuilder]: At program point L817(lines 817 834) the Hoare annotation is: (let ((.cse9 (= |old(~pumpRunning~0)| 0)) (.cse1 (= ~pumpRunning~0 0))) (let ((.cse6 (not (<= ~waterLevel~0 1))) (.cse7 (not (= ~waterLevel~0 1))) (.cse8 (not .cse1)) (.cse0 (not .cse9)) (.cse3 (not (= 2 ~waterLevel~0))) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= 1 ~systemActive~0))) (.cse10 (not (< ~waterLevel~0 2))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse11 (not (= |old(~pumpRunning~0)| 1))) (.cse12 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse1 .cse2 .cse5 .cse6) (or .cse0 .cse1 .cse2 .cse4 .cse6) (or .cse7 .cse8 .cse2 .cse9 .cse4) (or .cse7 .cse8 .cse2 .cse9 .cse5) (or .cse2 .cse10 .cse11 .cse5 .cse12) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse2 .cse10 .cse4 .cse11 .cse12)))) [2022-11-03 02:20:30,584 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 584 595) no Hoare annotation was computed. [2022-11-03 02:20:30,585 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 584 595) the Hoare annotation is: (let ((.cse5 (= ~methaneLevelCritical~0 0))) (let ((.cse1 (and .cse5 (not (= ~pumpRunning~0 1)))) (.cse0 (not (= 1 ~systemActive~0))) (.cse2 (not .cse5)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (< |old(~waterLevel~0)| 3)))) (and (or .cse0 .cse1 .cse2 (not (= |old(~waterLevel~0)| 2)) .cse3) (or .cse0 (not (< |old(~waterLevel~0)| 2)) .cse2 .cse3) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse3 .cse4) (or (not (= ~pumpRunning~0 0)) .cse0 .cse2 .cse3 .cse4)))) [2022-11-03 02:20:30,588 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 02:20:30,590 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 02:20:30,642 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 02:20:30 BoogieIcfgContainer [2022-11-03 02:20:30,642 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 02:20:30,643 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 02:20:30,643 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 02:20:30,643 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 02:20:30,644 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 02:17:39" (3/4) ... [2022-11-03 02:20:30,647 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 02:20:30,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 02:20:30,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 02:20:30,652 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-03 02:20:30,653 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 02:20:30,653 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 02:20:30,653 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 02:20:30,653 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 02:20:30,660 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 82 nodes and edges [2022-11-03 02:20:30,661 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 25 nodes and edges [2022-11-03 02:20:30,662 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 13 nodes and edges [2022-11-03 02:20:30,662 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 02:20:30,663 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 02:20:30,663 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:20:30,663 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 02:20:30,691 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#length-unknown[15] == 25 && unknown-#memory_int-unknown[19][0] == 79) && unknown-#memory_int-unknown[17][6] == 0) && 9 == unknown-#length-unknown[5]) && unknown-#length-unknown[9] == 21) && 30 == unknown-#length-unknown[7]) && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && 2 == unknown-#length-unknown[20]) && \valid[15] == 1) && unknown-#memory_int-unknown[22][0] == 79) && 5 == unknown-#length-unknown[18]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[27][2] == 0) && unknown-#memory_int-unknown[26][3] == 0) && \valid[9] == 1) && 13 == unknown-#length-unknown[16]) && unknown-#length-unknown[12] == 25) && unknown-#memory_int-unknown[18][2] == 73) && unknown-#length-unknown[28] == 2) && \valid[11] == 1) && retValue_acc == \result) && \valid[27] == 1) && methaneLevelCritical == 0) && 30 == unknown-#length-unknown[4]) && unknown-#length-unknown[22] == 3) && 4 == unknown-#length-unknown[26]) && 102 == unknown-#memory_int-unknown[23][1]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && unknown-#length-unknown[21] == 13) && unknown-#length-unknown[27] == 3) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[8] == 9) && 84 == unknown-#memory_int-unknown[18][3]) && 41 == unknown-#memory_int-unknown[27][0]) && \valid[3] == 1) && unknown-#length-unknown[19] == 3) && \valid[7] == 1) && \valid[18] == 1) && \valid[22] == 1) && 30 == unknown-#length-unknown[13]) && 117 == unknown-#memory_int-unknown[24][2]) && 1 == systemActive) && \valid[24] == 1) && 30 == unknown-#length-unknown[10]) && unknown-#memory_int-unknown[19][2] == 0) && 3 == unknown-#length-unknown[25]) && \valid[12] == 1) && 82 == unknown-#memory_int-unknown[18][1]) && retValue_acc == 1) && unknown-#memory_int-unknown[25][1] == 110) && \valid[28] == 1) && unknown-#memory_int-unknown[25][2] == 0) && 102 == unknown-#memory_int-unknown[23][2]) && unknown-#memory_int-unknown[28][1] == 0) && \valid[4] == 1) && unknown-#memory_int-unknown[22][2] == 0) && \valid[1] == 1) && \valid[20] == 1) && unknown-#length-unknown[6] == 21) && \valid[21] == 1) && 7 == unknown-#length-unknown[24]) && 58 == unknown-#memory_int-unknown[24][5]) && unknown-#memory_int-unknown[24][1] == 80) && unknown-#memory_int-unknown[26][2] == 102) && unknown-#memory_int-unknown[24][6] == 0) && unknown-#memory_int-unknown[18][4] == 0) && \valid[14] == 1) && 109 == unknown-#memory_int-unknown[24][3]) && 77 == unknown-#memory_int-unknown[17][1]) && 110 == unknown-#memory_int-unknown[22][1]) && 9 == unknown-#length-unknown[14]) && unknown-#memory_int-unknown[17][4] == 104) && \valid[0] == 0) && 79 == unknown-#memory_int-unknown[26][0]) && unknown-#memory_int-unknown[28][0] == 10) && \valid[25] == 1) && head == 0) && 112 == unknown-#memory_int-unknown[24][4]) && unknown-#memory_int-unknown[23][3] == 0) && 116 == unknown-#memory_int-unknown[17][3]) && \valid[2] == 1) && unknown-#memory_int-unknown[20][0] == 41) && #NULL == 0) && 9 == unknown-#length-unknown[11]) && 44 == unknown-#memory_int-unknown[24][0]) && waterLevel == 1) && unknown-#memory_int-unknown[26][1] == 102) && unknown-#memory_int-unknown[1][0] == 48) && 67 == unknown-#memory_int-unknown[18][0]) && \valid[23] == 1) && 4 == unknown-#length-unknown[23]) && unknown-#memory_int-unknown[23][0] == 79) && unknown-#memory_int-unknown[27][1] == 32) && 101 == unknown-#memory_int-unknown[17][2]) && \valid[19] == 1) && unknown-#memory_int-unknown[19][1] == 75) && unknown-#memory_int-unknown[20][1] == 0) && 44 == unknown-#memory_int-unknown[17][0]) && \valid[16] == 1) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#length-unknown[17] == 7) && \valid[17] == 1) && \valid[10] == 1) && \valid[8] == 1) && unknown-#memory_int-unknown[17][5] == 58) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0) && unknown-#memory_int-unknown[25][0] == 79 [2022-11-03 02:20:30,693 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) [2022-11-03 02:20:30,695 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) [2022-11-03 02:20:30,695 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel < 2) || !(\old(waterLevel) < 3))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1)) || (pumpRunning == 0 && waterLevel < 2))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || ((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel < 2) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || ((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) [2022-11-03 02:20:30,696 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(waterLevel == 1) || !(pumpRunning == 0)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && ((((!(waterLevel == 1) || !(pumpRunning == 0)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) [2022-11-03 02:20:30,697 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && ((((!(1 == systemActive) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1)) || (pumpRunning == 0 && waterLevel < 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (methaneLevelCritical == tmp && waterLevel < 2)) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (tmp == 1 && waterLevel < 2)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1) [2022-11-03 02:20:30,697 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && 1 == systemActive)) || !(\old(waterLevel) < 3)) || pumpRunning == 1) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel < 2))) && ((((!(\old(waterLevel) <= 1) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((1 == systemActive && tmp == 1) && \old(waterLevel) == waterLevel))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (tmp == 1 && waterLevel < 2)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || ((1 == systemActive && tmp == 1) && \old(waterLevel) == waterLevel))) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive)) || pumpRunning == 1)) && ((((((waterLevel == 1 && pumpRunning == 1) || ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1)) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) [2022-11-03 02:20:30,698 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && 1 == systemActive) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(2 == waterLevel)) || !(methaneLevelCritical == 1)) && ((!(waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1))) && ((!(waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(1 == systemActive) || (((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && 1 == systemActive) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) || !(waterLevel < 3))) && (((!(1 == systemActive) || !(waterLevel < 2)) || ((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) [2022-11-03 02:20:30,699 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel < 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp___0 == 1)) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) [2022-11-03 02:20:30,701 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(pumpRunning == 0) && waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) && (!(2 <= tmp___0) || !(pumpRunning == 0))) && waterLevel < 2)) || !(\old(waterLevel) < 3))) && ((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) && (!(2 <= tmp___0) || !(pumpRunning == 0))) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) [2022-11-03 02:20:30,701 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) [2022-11-03 02:20:30,749 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 02:20:30,749 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 02:20:30,749 INFO L158 Benchmark]: Toolchain (without parser) took 172798.88ms. Allocated memory was 90.2MB in the beginning and 847.2MB in the end (delta: 757.1MB). Free memory was 55.2MB in the beginning and 374.1MB in the end (delta: -318.9MB). Peak memory consumption was 436.8MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,750 INFO L158 Benchmark]: CDTParser took 0.28ms. Allocated memory is still 90.2MB. Free memory is still 72.5MB. There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 02:20:30,751 INFO L158 Benchmark]: CACSL2BoogieTranslator took 550.68ms. Allocated memory is still 90.2MB. Free memory was 54.8MB in the beginning and 59.0MB in the end (delta: -4.2MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,751 INFO L158 Benchmark]: Boogie Procedure Inliner took 52.25ms. Allocated memory is still 90.2MB. Free memory was 59.0MB in the beginning and 56.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,752 INFO L158 Benchmark]: Boogie Preprocessor took 46.28ms. Allocated memory is still 90.2MB. Free memory was 56.4MB in the beginning and 54.5MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,752 INFO L158 Benchmark]: RCFGBuilder took 794.04ms. Allocated memory was 90.2MB in the beginning and 109.1MB in the end (delta: 18.9MB). Free memory was 54.5MB in the beginning and 68.3MB in the end (delta: -13.7MB). Peak memory consumption was 21.5MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,752 INFO L158 Benchmark]: TraceAbstraction took 171239.44ms. Allocated memory was 109.1MB in the beginning and 847.2MB in the end (delta: 738.2MB). Free memory was 67.6MB in the beginning and 380.4MB in the end (delta: -312.8MB). Peak memory consumption was 524.7MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,753 INFO L158 Benchmark]: Witness Printer took 106.12ms. Allocated memory is still 847.2MB. Free memory was 380.4MB in the beginning and 374.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 02:20:30,760 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.28ms. Allocated memory is still 90.2MB. Free memory is still 72.5MB. There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 550.68ms. Allocated memory is still 90.2MB. Free memory was 54.8MB in the beginning and 59.0MB in the end (delta: -4.2MB). Peak memory consumption was 10.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 52.25ms. Allocated memory is still 90.2MB. Free memory was 59.0MB in the beginning and 56.4MB in the end (delta: 2.6MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 46.28ms. Allocated memory is still 90.2MB. Free memory was 56.4MB in the beginning and 54.5MB in the end (delta: 1.9MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 794.04ms. Allocated memory was 90.2MB in the beginning and 109.1MB in the end (delta: 18.9MB). Free memory was 54.5MB in the beginning and 68.3MB in the end (delta: -13.7MB). Peak memory consumption was 21.5MB. Max. memory is 16.1GB. * TraceAbstraction took 171239.44ms. Allocated memory was 109.1MB in the beginning and 847.2MB in the end (delta: 738.2MB). Free memory was 67.6MB in the beginning and 380.4MB in the end (delta: -312.8MB). Peak memory consumption was 524.7MB. Max. memory is 16.1GB. * Witness Printer took 106.12ms. Allocated memory is still 847.2MB. Free memory was 380.4MB in the beginning and 374.1MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 559]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 8 procedures, 58 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 171.1s, OverallIterations: 12, TraceHistogramMax: 3, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.0s, AutomataDifference: 13.2s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 42.0s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 2601 SdHoareTripleChecker+Valid, 5.2s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 2564 mSDsluCounter, 3328 SdHoareTripleChecker+Invalid, 4.3s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3127 mSDsCounter, 1606 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 5534 IncrementalHoareTripleChecker+Invalid, 7140 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1606 mSolverCounterUnsat, 845 mSDtfsCounter, 5534 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 866 GetRequests, 514 SyntacticMatches, 17 SemanticMatches, 335 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 11224 ImplicationChecksByTransitivity, 93.1s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=3020occurred in iteration=10, InterpolantAutomatonStates: 238, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.4s AutomataMinimizationTime, 12 MinimizatonAttempts, 629 StatesRemovedByMinimization, 7 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 36 LocationsWithAnnotation, 6954 PreInvPairs, 8220 NumberOfFragments, 5170 HoareAnnotationTreeSize, 6954 FomulaSimplifications, 52781 FormulaSimplificationTreeSizeReduction, 4.1s HoareSimplificationTime, 36 FomulaSimplificationsInter, 119837 FormulaSimplificationTreeSizeReductionInter, 37.6s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 4.8s InterpolantComputationTime, 736 NumberOfCodeBlocks, 736 NumberOfCodeBlocksAsserted, 18 NumberOfCheckSat, 858 ConstructedInterpolants, 0 QuantifiedInterpolants, 2590 SizeOfPredicates, 67 NumberOfNonLiveVariables, 2103 ConjunctsInSsa, 144 ConjunctsInUnsatCore, 20 InterpolantComputations, 9 PerfectInterpolantSequences, 207/254 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 2.3s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 3, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 27, DAG_INTERPRETER_EARLY_EXITS: 6, TOOLS_POST_APPLICATIONS: 41, TOOLS_POST_TIME: 0.9s, TOOLS_POST_CALL_APPLICATIONS: 14, TOOLS_POST_CALL_TIME: 0.8s, TOOLS_POST_RETURN_APPLICATIONS: 12, TOOLS_POST_RETURN_TIME: 0.4s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 61, TOOLS_QUANTIFIERELIM_TIME: 2.1s, TOOLS_QUANTIFIERELIM_MAX_TIME: 0.2s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 84, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 7, DOMAIN_JOIN_TIME: 0.1s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 0, DOMAIN_WIDEN_TIME: 0.0s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 1, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 27, DOMAIN_ISBOTTOM_TIME: 0.1s, LOOP_SUMMARIZER_APPLICATIONS: 1, LOOP_SUMMARIZER_CACHE_MISSES: 1, LOOP_SUMMARIZER_OVERALL_TIME: 0.5s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 0.5s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 1, CALL_SUMMARIZER_APPLICATIONS: 12, CALL_SUMMARIZER_CACHE_MISSES: 3, CALL_SUMMARIZER_OVERALL_TIME: 0.1s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.1s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 493, DAG_COMPRESSION_RETAINED_NODES: 107, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: 683]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && ((((!(1 == systemActive) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1)) || (pumpRunning == 0 && waterLevel < 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || (methaneLevelCritical == tmp && waterLevel < 2)) || (methaneLevelCritical == tmp && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (tmp == 1 && waterLevel < 2)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1) - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 52]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 839]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel) || waterLevel < 2) || !(\old(waterLevel) < 3))) && (((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1)) || (pumpRunning == 0 && waterLevel < 2))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || ((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || waterLevel == 1)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || waterLevel < 2) || !(\old(waterLevel) < 3))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || ((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) - InvariantResult [Line: 140]: Loop Invariant Derived loop invariant: (((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#length-unknown[15] == 25 && unknown-#memory_int-unknown[19][0] == 79) && unknown-#memory_int-unknown[17][6] == 0) && 9 == unknown-#length-unknown[5]) && unknown-#length-unknown[9] == 21) && 30 == unknown-#length-unknown[7]) && 1 == \valid[5]) && unknown-#length-unknown[3] == 12) && 2 == unknown-#length-unknown[20]) && \valid[15] == 1) && unknown-#memory_int-unknown[22][0] == 79) && 5 == unknown-#length-unknown[18]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[27][2] == 0) && unknown-#memory_int-unknown[26][3] == 0) && \valid[9] == 1) && 13 == unknown-#length-unknown[16]) && unknown-#length-unknown[12] == 25) && unknown-#memory_int-unknown[18][2] == 73) && unknown-#length-unknown[28] == 2) && \valid[11] == 1) && retValue_acc == \result) && \valid[27] == 1) && methaneLevelCritical == 0) && 30 == unknown-#length-unknown[4]) && unknown-#length-unknown[22] == 3) && 4 == unknown-#length-unknown[26]) && 102 == unknown-#memory_int-unknown[23][1]) && 31 == unknown-#length-unknown[2]) && head == 0) && tmp == 1) && unknown-#length-unknown[21] == 13) && unknown-#length-unknown[27] == 3) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[8] == 9) && 84 == unknown-#memory_int-unknown[18][3]) && 41 == unknown-#memory_int-unknown[27][0]) && \valid[3] == 1) && unknown-#length-unknown[19] == 3) && \valid[7] == 1) && \valid[18] == 1) && \valid[22] == 1) && 30 == unknown-#length-unknown[13]) && 117 == unknown-#memory_int-unknown[24][2]) && 1 == systemActive) && \valid[24] == 1) && 30 == unknown-#length-unknown[10]) && unknown-#memory_int-unknown[19][2] == 0) && 3 == unknown-#length-unknown[25]) && \valid[12] == 1) && 82 == unknown-#memory_int-unknown[18][1]) && retValue_acc == 1) && unknown-#memory_int-unknown[25][1] == 110) && \valid[28] == 1) && unknown-#memory_int-unknown[25][2] == 0) && 102 == unknown-#memory_int-unknown[23][2]) && unknown-#memory_int-unknown[28][1] == 0) && \valid[4] == 1) && unknown-#memory_int-unknown[22][2] == 0) && \valid[1] == 1) && \valid[20] == 1) && unknown-#length-unknown[6] == 21) && \valid[21] == 1) && 7 == unknown-#length-unknown[24]) && 58 == unknown-#memory_int-unknown[24][5]) && unknown-#memory_int-unknown[24][1] == 80) && unknown-#memory_int-unknown[26][2] == 102) && unknown-#memory_int-unknown[24][6] == 0) && unknown-#memory_int-unknown[18][4] == 0) && \valid[14] == 1) && 109 == unknown-#memory_int-unknown[24][3]) && 77 == unknown-#memory_int-unknown[17][1]) && 110 == unknown-#memory_int-unknown[22][1]) && 9 == unknown-#length-unknown[14]) && unknown-#memory_int-unknown[17][4] == 104) && \valid[0] == 0) && 79 == unknown-#memory_int-unknown[26][0]) && unknown-#memory_int-unknown[28][0] == 10) && \valid[25] == 1) && head == 0) && 112 == unknown-#memory_int-unknown[24][4]) && unknown-#memory_int-unknown[23][3] == 0) && 116 == unknown-#memory_int-unknown[17][3]) && \valid[2] == 1) && unknown-#memory_int-unknown[20][0] == 41) && #NULL == 0) && 9 == unknown-#length-unknown[11]) && 44 == unknown-#memory_int-unknown[24][0]) && waterLevel == 1) && unknown-#memory_int-unknown[26][1] == 102) && unknown-#memory_int-unknown[1][0] == 48) && 67 == unknown-#memory_int-unknown[18][0]) && \valid[23] == 1) && 4 == unknown-#length-unknown[23]) && unknown-#memory_int-unknown[23][0] == 79) && unknown-#memory_int-unknown[27][1] == 32) && 101 == unknown-#memory_int-unknown[17][2]) && \valid[19] == 1) && unknown-#memory_int-unknown[19][1] == 75) && unknown-#memory_int-unknown[20][1] == 0) && 44 == unknown-#memory_int-unknown[17][0]) && \valid[16] == 1) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#length-unknown[17] == 7) && \valid[17] == 1) && \valid[10] == 1) && \valid[8] == 1) && unknown-#memory_int-unknown[17][5] == 58) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0) && unknown-#memory_int-unknown[25][0] == 79 - InvariantResult [Line: 781]: Loop Invariant Derived loop invariant: (((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || \old(waterLevel) == waterLevel) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) || \old(waterLevel) == waterLevel)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) - InvariantResult [Line: 718]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 847]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3)) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(pumpRunning == 0) && waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == 1)) && (((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) && (!(2 <= tmp___0) || !(pumpRunning == 0))) && waterLevel < 2)) || !(\old(waterLevel) < 3))) && ((((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) && (!(2 <= tmp___0) || !(pumpRunning == 0))) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || pumpRunning == 1) - InvariantResult [Line: 843]: Loop Invariant Derived loop invariant: ((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3)) || pumpRunning == 1)) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || (!(pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 674]: Loop Invariant Derived loop invariant: (((((((((((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (pumpRunning == 0 && 1 == systemActive)) || !(\old(waterLevel) < 3)) || pumpRunning == 1) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel < 2))) && ((((!(\old(waterLevel) <= 1) || ((pumpRunning == 0 && 1 == systemActive) && \old(waterLevel) == waterLevel)) || !(\old(pumpRunning) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || ((1 == systemActive && tmp == 1) && \old(waterLevel) == waterLevel))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || (tmp == 1 && waterLevel < 2)) || (tmp == 1 && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) < 3))) && ((((!(\old(pumpRunning) == 0) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1) || ((1 == systemActive && tmp == 1) && \old(waterLevel) == waterLevel))) && (((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (pumpRunning == 0 && 1 == systemActive)) || pumpRunning == 1)) && ((((((waterLevel == 1 && pumpRunning == 1) || ((pumpRunning == 0 && 1 == systemActive) && waterLevel == 1)) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || waterLevel == 1)) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) - InvariantResult [Line: 719]: Loop Invariant Derived loop invariant: ((((((methaneLevelCritical == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 3) && pumpRunning == 1) || ((((methaneLevelCritical == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 2)) || ((((tmp == 1 && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel < 3) - InvariantResult [Line: 817]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(waterLevel == 1) || !(pumpRunning == 0)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 0))) && ((((!(waterLevel == 1) || !(pumpRunning == 0)) || !(1 == systemActive)) || \old(pumpRunning) == 0) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == 1)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(2 == waterLevel)) || !(methaneLevelCritical == 1))) && ((((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || pumpRunning == 1) - InvariantResult [Line: 62]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 739]: Loop Invariant Derived loop invariant: (((((methaneLevelCritical == 0 && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) && waterLevel < 2) || ((((tmp == 1 && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel < 3)) || ((((2 == waterLevel && methaneLevelCritical == 0) && tmp == 1) && 1 == systemActive) && splverifierCounter == 0) - InvariantResult [Line: 689]: Loop Invariant Derived loop invariant: ((((((((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) && (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel < 2))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (pumpRunning == 0 && \old(waterLevel) == waterLevel)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((((pumpRunning == 0 || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) < 3)) || (waterLevel < 2 && pumpRunning == 1))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(1 == systemActive) || (((methaneLevelCritical == tmp && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) || ((methaneLevelCritical == tmp && tmp___0 <= 1) && waterLevel == 1)) || !(\old(waterLevel) == 2))) && ((((!(\old(pumpRunning) == 0) || !(\old(waterLevel) == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || tmp___0 == 1)) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 559]: Loop Invariant Derived loop invariant: (((!(1 == systemActive) || !(\old(waterLevel) < 2)) || !(methaneLevelCritical == 1)) && ((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) < 3))) && ((!(1 == systemActive) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) - InvariantResult [Line: 903]: Loop Invariant Derived loop invariant: (((((((((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && 1 == systemActive) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(2 == waterLevel)) || !(methaneLevelCritical == 1)) && ((!(waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1))) && ((!(waterLevel == 1) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(waterLevel <= 1))) && (((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(waterLevel <= 1))) && ((((!(1 == systemActive) || (((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && 1 == systemActive) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(methaneLevelCritical == 0)) || (!(\old(pumpRunning) == 0) && 0 < waterLevel)) || !(waterLevel < 3))) && (((!(1 == systemActive) || !(waterLevel < 2)) || ((((tmp == 0 && waterLevel < 2) || (!(waterLevel < 2) && tmp == 1)) && pumpRunning == 0) && aux-isMethaneLevelCritical()-aux == methaneLevelCritical)) || !(methaneLevelCritical == 1))) && (((!(1 == systemActive) || !(waterLevel < 2)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) - InvariantResult [Line: 709]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-03 02:20:30,843 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_dd7a4809-5441-48f6-8892-ef69e6592315/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE