./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version 5e519f3a Calling Ultimate with: /usr/lib/jvm/java-11-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash b57a794fa6b429f14911ed2b6a28ecb30bf580e5cb37ae05e7120c2d485c2d18 --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-5e519f3 [2022-11-03 04:10:55,248 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-03 04:10:55,251 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-03 04:10:55,290 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-03 04:10:55,291 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-03 04:10:55,292 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-03 04:10:55,294 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-03 04:10:55,296 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-03 04:10:55,298 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-03 04:10:55,299 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-03 04:10:55,300 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-03 04:10:55,302 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-03 04:10:55,302 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-03 04:10:55,304 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-03 04:10:55,305 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-03 04:10:55,307 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-03 04:10:55,308 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-03 04:10:55,309 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-03 04:10:55,311 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-03 04:10:55,314 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-03 04:10:55,316 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-03 04:10:55,317 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-03 04:10:55,319 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-03 04:10:55,320 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-03 04:10:55,325 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-03 04:10:55,325 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-03 04:10:55,326 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-03 04:10:55,327 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-03 04:10:55,328 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-03 04:10:55,329 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-03 04:10:55,329 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-03 04:10:55,330 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-03 04:10:55,331 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-03 04:10:55,332 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-03 04:10:55,334 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-03 04:10:55,334 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-03 04:10:55,335 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-03 04:10:55,336 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-03 04:10:55,336 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-03 04:10:55,337 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-03 04:10:55,338 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-03 04:10:55,347 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-03 04:10:55,397 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-03 04:10:55,398 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-03 04:10:55,399 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-03 04:10:55,399 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-03 04:10:55,400 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-03 04:10:55,401 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-03 04:10:55,401 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-03 04:10:55,401 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-03 04:10:55,402 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-03 04:10:55,402 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-03 04:10:55,403 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-03 04:10:55,403 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-03 04:10:55,404 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-03 04:10:55,414 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-03 04:10:55,414 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-03 04:10:55,415 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-03 04:10:55,415 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-03 04:10:55,415 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-03 04:10:55,416 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-03 04:10:55,417 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-03 04:10:55,417 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-03 04:10:55,417 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-03 04:10:55,418 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-03 04:10:55,418 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-03 04:10:55,418 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-03 04:10:55,419 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-03 04:10:55,420 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-03 04:10:55,420 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-03 04:10:55,420 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-03 04:10:55,421 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-03 04:10:55,421 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-03 04:10:55,422 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-03 04:10:55,422 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 04:10:55,422 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-03 04:10:55,423 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-03 04:10:55,423 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-03 04:10:55,423 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-03 04:10:55,424 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-03 04:10:55,424 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-03 04:10:55,425 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-03 04:10:55,425 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-03 04:10:55,425 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> b57a794fa6b429f14911ed2b6a28ecb30bf580e5cb37ae05e7120c2d485c2d18 [2022-11-03 04:10:55,788 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-03 04:10:55,834 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-03 04:10:55,839 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-03 04:10:55,840 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-03 04:10:55,841 INFO L275 PluginConnector]: CDTParser initialized [2022-11-03 04:10:55,843 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/../../sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c [2022-11-03 04:10:55,922 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/data/f6bf00a43/1697d701e3da469e9d9be4b7d3c736db/FLAG6e583b043 [2022-11-03 04:10:56,646 INFO L306 CDTParser]: Found 1 translation units. [2022-11-03 04:10:56,647 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c [2022-11-03 04:10:56,668 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/data/f6bf00a43/1697d701e3da469e9d9be4b7d3c736db/FLAG6e583b043 [2022-11-03 04:10:56,850 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/data/f6bf00a43/1697d701e3da469e9d9be4b7d3c736db [2022-11-03 04:10:56,853 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-03 04:10:56,855 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-03 04:10:56,860 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-03 04:10:56,861 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-03 04:10:56,865 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-03 04:10:56,866 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 04:10:56" (1/1) ... [2022-11-03 04:10:56,869 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@254bda5d and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:56, skipping insertion in model container [2022-11-03 04:10:56,869 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 03.11 04:10:56" (1/1) ... [2022-11-03 04:10:56,878 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-03 04:10:56,964 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-03 04:10:57,528 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c[18075,18088] [2022-11-03 04:10:57,544 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 04:10:57,565 INFO L203 MainTranslator]: Completed pre-run [2022-11-03 04:10:57,673 WARN L230 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/sv-benchmarks/c/product-lines/minepump_spec5_product60.cil.c[18075,18088] [2022-11-03 04:10:57,679 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-03 04:10:57,712 INFO L208 MainTranslator]: Completed translation [2022-11-03 04:10:57,712 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57 WrapperNode [2022-11-03 04:10:57,712 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-03 04:10:57,714 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-03 04:10:57,714 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-03 04:10:57,714 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-03 04:10:57,724 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,760 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,822 INFO L138 Inliner]: procedures = 60, calls = 162, calls flagged for inlining = 28, calls inlined = 25, statements flattened = 291 [2022-11-03 04:10:57,826 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-03 04:10:57,828 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-03 04:10:57,829 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-03 04:10:57,829 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-03 04:10:57,841 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,841 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,854 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,855 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,868 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,879 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,891 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,893 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,896 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-03 04:10:57,897 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-03 04:10:57,897 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-03 04:10:57,897 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-03 04:10:57,898 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (1/1) ... [2022-11-03 04:10:57,914 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-03 04:10:57,930 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 04:10:57,950 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-03 04:10:57,974 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-03 04:10:58,010 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-03 04:10:58,010 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-03 04:10:58,010 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-03 04:10:58,010 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-03 04:10:58,011 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-03 04:10:58,011 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-03 04:10:58,011 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-03 04:10:58,011 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 04:10:58,012 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 04:10:58,012 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-03 04:10:58,012 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-03 04:10:58,013 INFO L130 BoogieDeclarations]: Found specification of procedure isPumpRunning [2022-11-03 04:10:58,013 INFO L138 BoogieDeclarations]: Found implementation of procedure isPumpRunning [2022-11-03 04:10:58,013 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-03 04:10:58,013 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-03 04:10:58,013 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-03 04:10:58,014 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-03 04:10:58,014 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-03 04:10:58,014 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-03 04:10:58,014 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-03 04:10:58,123 INFO L235 CfgBuilder]: Building ICFG [2022-11-03 04:10:58,126 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-03 04:10:58,657 INFO L276 CfgBuilder]: Performing block encoding [2022-11-03 04:10:58,904 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-03 04:10:58,905 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-03 04:10:58,908 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 04:10:58 BoogieIcfgContainer [2022-11-03 04:10:58,909 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-03 04:10:58,912 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-03 04:10:58,912 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-03 04:10:58,922 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-03 04:10:58,923 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 03.11 04:10:56" (1/3) ... [2022-11-03 04:10:58,925 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@787309e6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 04:10:58, skipping insertion in model container [2022-11-03 04:10:58,925 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 03.11 04:10:57" (2/3) ... [2022-11-03 04:10:58,925 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@787309e6 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 03.11 04:10:58, skipping insertion in model container [2022-11-03 04:10:58,926 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 04:10:58" (3/3) ... [2022-11-03 04:10:58,928 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec5_product60.cil.c [2022-11-03 04:10:58,953 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-03 04:10:58,954 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-03 04:10:59,045 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-03 04:10:59,064 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@6ac3ea4a, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-03 04:10:59,064 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-03 04:10:59,079 INFO L276 IsEmpty]: Start isEmpty. Operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) [2022-11-03 04:10:59,092 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-03 04:10:59,092 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:10:59,098 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:10:59,099 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:10:59,110 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:10:59,111 INFO L85 PathProgramCache]: Analyzing trace with hash -420238116, now seen corresponding path program 1 times [2022-11-03 04:10:59,127 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:10:59,129 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1694068692] [2022-11-03 04:10:59,130 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:10:59,130 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:10:59,301 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:10:59,422 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:10:59,422 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:10:59,424 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1694068692] [2022-11-03 04:10:59,425 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1694068692] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:10:59,425 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:10:59,426 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-03 04:10:59,428 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [872058169] [2022-11-03 04:10:59,429 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:10:59,436 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-03 04:10:59,438 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:10:59,479 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-03 04:10:59,481 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 04:10:59,485 INFO L87 Difference]: Start difference. First operand has 66 states, 42 states have (on average 1.4523809523809523) internal successors, (61), 51 states have internal predecessors, (61), 14 states have call successors, (14), 8 states have call predecessors, (14), 8 states have return successors, (14), 11 states have call predecessors, (14), 14 states have call successors, (14) Second operand has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:10:59,639 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:10:59,639 INFO L93 Difference]: Finished difference Result 130 states and 179 transitions. [2022-11-03 04:10:59,640 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-03 04:10:59,642 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 21 [2022-11-03 04:10:59,643 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:10:59,663 INFO L225 Difference]: With dead ends: 130 [2022-11-03 04:10:59,663 INFO L226 Difference]: Without dead ends: 61 [2022-11-03 04:10:59,670 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-03 04:10:59,675 INFO L413 NwaCegarLoop]: 68 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 68 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 04:10:59,684 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 68 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 04:10:59,707 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 61 states. [2022-11-03 04:10:59,747 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 61 to 61. [2022-11-03 04:10:59,749 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 61 states, 39 states have (on average 1.358974358974359) internal successors, (53), 47 states have internal predecessors, (53), 14 states have call successors, (14), 8 states have call predecessors, (14), 7 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-03 04:10:59,759 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 61 states to 61 states and 80 transitions. [2022-11-03 04:10:59,762 INFO L78 Accepts]: Start accepts. Automaton has 61 states and 80 transitions. Word has length 21 [2022-11-03 04:10:59,763 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:10:59,763 INFO L495 AbstractCegarLoop]: Abstraction has 61 states and 80 transitions. [2022-11-03 04:10:59,764 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 7.0) internal successors, (14), 2 states have internal predecessors, (14), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:10:59,764 INFO L276 IsEmpty]: Start isEmpty. Operand 61 states and 80 transitions. [2022-11-03 04:10:59,772 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 23 [2022-11-03 04:10:59,773 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:10:59,773 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:10:59,773 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-03 04:10:59,774 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:10:59,775 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:10:59,776 INFO L85 PathProgramCache]: Analyzing trace with hash -1532168176, now seen corresponding path program 1 times [2022-11-03 04:10:59,776 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:10:59,776 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1748222921] [2022-11-03 04:10:59,777 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:10:59,777 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:10:59,827 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:00,002 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:11:00,002 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:00,002 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1748222921] [2022-11-03 04:11:00,003 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1748222921] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:00,003 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:00,003 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 04:11:00,003 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1558072530] [2022-11-03 04:11:00,004 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:00,005 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 04:11:00,006 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:00,006 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 04:11:00,007 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 04:11:00,007 INFO L87 Difference]: Start difference. First operand 61 states and 80 transitions. Second operand has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:11:00,065 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:00,065 INFO L93 Difference]: Finished difference Result 94 states and 122 transitions. [2022-11-03 04:11:00,066 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 04:11:00,066 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 22 [2022-11-03 04:11:00,066 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:00,067 INFO L225 Difference]: With dead ends: 94 [2022-11-03 04:11:00,068 INFO L226 Difference]: Without dead ends: 53 [2022-11-03 04:11:00,069 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 04:11:00,070 INFO L413 NwaCegarLoop]: 54 mSDtfsCounter, 14 mSDsluCounter, 49 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 92 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:00,071 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 92 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 04:11:00,072 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 53 states. [2022-11-03 04:11:00,079 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 53 to 53. [2022-11-03 04:11:00,080 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 53 states, 34 states have (on average 1.3823529411764706) internal successors, (47), 42 states have internal predecessors, (47), 11 states have call successors, (11), 7 states have call predecessors, (11), 7 states have return successors, (11), 8 states have call predecessors, (11), 11 states have call successors, (11) [2022-11-03 04:11:00,081 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 53 states to 53 states and 69 transitions. [2022-11-03 04:11:00,081 INFO L78 Accepts]: Start accepts. Automaton has 53 states and 69 transitions. Word has length 22 [2022-11-03 04:11:00,081 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:00,081 INFO L495 AbstractCegarLoop]: Abstraction has 53 states and 69 transitions. [2022-11-03 04:11:00,082 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 5.0) internal successors, (15), 3 states have internal predecessors, (15), 1 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:11:00,082 INFO L276 IsEmpty]: Start isEmpty. Operand 53 states and 69 transitions. [2022-11-03 04:11:00,083 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 26 [2022-11-03 04:11:00,083 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:00,084 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:00,084 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-03 04:11:00,084 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:00,085 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:00,085 INFO L85 PathProgramCache]: Analyzing trace with hash -1247703669, now seen corresponding path program 1 times [2022-11-03 04:11:00,085 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:00,086 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1276205653] [2022-11-03 04:11:00,086 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:00,086 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:00,113 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:00,257 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:11:00,257 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:00,258 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1276205653] [2022-11-03 04:11:00,258 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1276205653] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:00,258 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:00,258 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-03 04:11:00,259 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [122634848] [2022-11-03 04:11:00,259 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:00,259 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-03 04:11:00,260 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:00,260 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-03 04:11:00,261 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-03 04:11:00,261 INFO L87 Difference]: Start difference. First operand 53 states and 69 transitions. Second operand has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 04:11:00,387 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:00,388 INFO L93 Difference]: Finished difference Result 140 states and 183 transitions. [2022-11-03 04:11:00,388 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-03 04:11:00,388 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) Word has length 25 [2022-11-03 04:11:00,389 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:00,391 INFO L225 Difference]: With dead ends: 140 [2022-11-03 04:11:00,391 INFO L226 Difference]: Without dead ends: 89 [2022-11-03 04:11:00,392 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-03 04:11:00,393 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 90 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 45 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 94 SdHoareTripleChecker+Valid, 146 SdHoareTripleChecker+Invalid, 54 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 45 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:00,394 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [94 Valid, 146 Invalid, 54 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 45 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-03 04:11:00,396 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 89 states. [2022-11-03 04:11:00,414 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 89 to 86. [2022-11-03 04:11:00,415 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 86 states, 56 states have (on average 1.375) internal successors, (77), 67 states have internal predecessors, (77), 17 states have call successors, (17), 12 states have call predecessors, (17), 12 states have return successors, (18), 13 states have call predecessors, (18), 17 states have call successors, (18) [2022-11-03 04:11:00,416 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 86 states to 86 states and 112 transitions. [2022-11-03 04:11:00,417 INFO L78 Accepts]: Start accepts. Automaton has 86 states and 112 transitions. Word has length 25 [2022-11-03 04:11:00,417 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:00,417 INFO L495 AbstractCegarLoop]: Abstraction has 86 states and 112 transitions. [2022-11-03 04:11:00,418 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.75) internal successors, (19), 4 states have internal predecessors, (19), 2 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 2 states have call predecessors, (2), 2 states have call successors, (2) [2022-11-03 04:11:00,418 INFO L276 IsEmpty]: Start isEmpty. Operand 86 states and 112 transitions. [2022-11-03 04:11:00,419 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 29 [2022-11-03 04:11:00,420 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:00,420 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:00,420 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-03 04:11:00,421 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:00,421 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:00,422 INFO L85 PathProgramCache]: Analyzing trace with hash -355442781, now seen corresponding path program 1 times [2022-11-03 04:11:00,422 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:00,422 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1271129101] [2022-11-03 04:11:00,423 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:00,423 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:00,449 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:00,703 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 1 proven. 0 refuted. 0 times theorem prover too weak. 1 trivial. 0 not checked. [2022-11-03 04:11:00,703 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:00,704 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1271129101] [2022-11-03 04:11:00,704 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1271129101] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:00,704 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:00,704 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [6] imperfect sequences [] total 6 [2022-11-03 04:11:00,705 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1362392605] [2022-11-03 04:11:00,705 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:00,705 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 6 states [2022-11-03 04:11:00,706 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:00,706 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 6 interpolants. [2022-11-03 04:11:00,707 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=9, Invalid=21, Unknown=0, NotChecked=0, Total=30 [2022-11-03 04:11:00,707 INFO L87 Difference]: Start difference. First operand 86 states and 112 transitions. Second operand has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:11:00,931 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:00,931 INFO L93 Difference]: Finished difference Result 209 states and 282 transitions. [2022-11-03 04:11:00,932 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 8 states. [2022-11-03 04:11:00,932 INFO L78 Accepts]: Start accepts. Automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) Word has length 28 [2022-11-03 04:11:00,933 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:00,940 INFO L225 Difference]: With dead ends: 209 [2022-11-03 04:11:00,941 INFO L226 Difference]: Without dead ends: 125 [2022-11-03 04:11:00,946 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 7 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=21, Invalid=51, Unknown=0, NotChecked=0, Total=72 [2022-11-03 04:11:00,949 INFO L413 NwaCegarLoop]: 64 mSDtfsCounter, 34 mSDsluCounter, 245 mSDsCounter, 0 mSdLazyCounter, 122 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 35 SdHoareTripleChecker+Valid, 270 SdHoareTripleChecker+Invalid, 131 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 122 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:00,950 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [35 Valid, 270 Invalid, 131 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 122 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 04:11:00,951 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 125 states. [2022-11-03 04:11:00,983 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 125 to 118. [2022-11-03 04:11:00,984 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 79 states have (on average 1.2911392405063291) internal successors, (102), 89 states have internal predecessors, (102), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (27), 20 states have call predecessors, (27), 21 states have call successors, (27) [2022-11-03 04:11:00,986 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 150 transitions. [2022-11-03 04:11:00,986 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 150 transitions. Word has length 28 [2022-11-03 04:11:00,986 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:00,987 INFO L495 AbstractCegarLoop]: Abstraction has 118 states and 150 transitions. [2022-11-03 04:11:00,987 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 6 states, 5 states have (on average 4.6) internal successors, (23), 5 states have internal predecessors, (23), 1 states have call successors, (3), 2 states have call predecessors, (3), 2 states have return successors, (2), 2 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-03 04:11:00,987 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 150 transitions. [2022-11-03 04:11:00,989 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-03 04:11:00,989 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:00,989 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:00,990 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-03 04:11:00,990 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:00,990 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:00,991 INFO L85 PathProgramCache]: Analyzing trace with hash 1651985796, now seen corresponding path program 1 times [2022-11-03 04:11:00,991 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:00,991 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [37808627] [2022-11-03 04:11:00,992 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:00,992 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:01,014 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:01,053 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:11:01,053 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:01,054 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [37808627] [2022-11-03 04:11:01,054 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [37808627] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:01,054 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:01,055 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-03 04:11:01,055 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [39527705] [2022-11-03 04:11:01,055 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:01,056 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-03 04:11:01,056 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:01,057 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-03 04:11:01,057 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 04:11:01,057 INFO L87 Difference]: Start difference. First operand 118 states and 150 transitions. Second operand has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 04:11:01,130 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:01,130 INFO L93 Difference]: Finished difference Result 236 states and 300 transitions. [2022-11-03 04:11:01,131 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-03 04:11:01,131 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) Word has length 36 [2022-11-03 04:11:01,132 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:01,133 INFO L225 Difference]: With dead ends: 236 [2022-11-03 04:11:01,133 INFO L226 Difference]: Without dead ends: 120 [2022-11-03 04:11:01,134 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-03 04:11:01,136 INFO L413 NwaCegarLoop]: 76 mSDtfsCounter, 30 mSDsluCounter, 64 mSDsCounter, 0 mSdLazyCounter, 39 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 30 SdHoareTripleChecker+Valid, 128 SdHoareTripleChecker+Invalid, 39 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 39 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:01,137 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [30 Valid, 128 Invalid, 39 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 39 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-03 04:11:01,138 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 120 states. [2022-11-03 04:11:01,158 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 120 to 118. [2022-11-03 04:11:01,159 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 118 states, 79 states have (on average 1.2784810126582278) internal successors, (101), 89 states have internal predecessors, (101), 21 states have call successors, (21), 17 states have call predecessors, (21), 17 states have return successors, (25), 20 states have call predecessors, (25), 21 states have call successors, (25) [2022-11-03 04:11:01,161 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 118 states to 118 states and 147 transitions. [2022-11-03 04:11:01,161 INFO L78 Accepts]: Start accepts. Automaton has 118 states and 147 transitions. Word has length 36 [2022-11-03 04:11:01,161 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:01,162 INFO L495 AbstractCegarLoop]: Abstraction has 118 states and 147 transitions. [2022-11-03 04:11:01,162 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 9.333333333333334) internal successors, (28), 3 states have internal predecessors, (28), 2 states have call successors, (4), 2 states have call predecessors, (4), 1 states have return successors, (3), 2 states have call predecessors, (3), 2 states have call successors, (3) [2022-11-03 04:11:01,163 INFO L276 IsEmpty]: Start isEmpty. Operand 118 states and 147 transitions. [2022-11-03 04:11:01,164 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 34 [2022-11-03 04:11:01,164 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:01,164 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:01,164 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-03 04:11:01,165 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:01,165 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:01,166 INFO L85 PathProgramCache]: Analyzing trace with hash 835720044, now seen corresponding path program 1 times [2022-11-03 04:11:01,166 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:01,166 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1960551588] [2022-11-03 04:11:01,166 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:01,167 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:01,188 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:01,591 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:11:01,592 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:01,592 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1960551588] [2022-11-03 04:11:01,592 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1960551588] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:01,592 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:01,593 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [7] imperfect sequences [] total 7 [2022-11-03 04:11:01,593 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1946454706] [2022-11-03 04:11:01,593 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:01,594 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 7 states [2022-11-03 04:11:01,595 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:01,596 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 7 interpolants. [2022-11-03 04:11:01,596 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=15, Invalid=27, Unknown=0, NotChecked=0, Total=42 [2022-11-03 04:11:01,597 INFO L87 Difference]: Start difference. First operand 118 states and 147 transitions. Second operand has 7 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 04:11:01,911 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:01,911 INFO L93 Difference]: Finished difference Result 369 states and 463 transitions. [2022-11-03 04:11:01,912 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 7 states. [2022-11-03 04:11:01,912 INFO L78 Accepts]: Start accepts. Automaton has has 7 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) Word has length 33 [2022-11-03 04:11:01,913 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:01,922 INFO L225 Difference]: With dead ends: 369 [2022-11-03 04:11:01,922 INFO L226 Difference]: Without dead ends: 253 [2022-11-03 04:11:01,947 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 10 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 6 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4 ImplicationChecksByTransitivity, 0.1s TimeCoverageRelationStatistics Valid=20, Invalid=36, Unknown=0, NotChecked=0, Total=56 [2022-11-03 04:11:01,953 INFO L413 NwaCegarLoop]: 90 mSDtfsCounter, 119 mSDsluCounter, 180 mSDsCounter, 0 mSdLazyCounter, 150 mSolverCounterSat, 24 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 121 SdHoareTripleChecker+Valid, 247 SdHoareTripleChecker+Invalid, 174 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 24 IncrementalHoareTripleChecker+Valid, 150 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:01,957 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [121 Valid, 247 Invalid, 174 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [24 Valid, 150 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-03 04:11:01,959 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 253 states. [2022-11-03 04:11:02,038 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 253 to 246. [2022-11-03 04:11:02,041 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 246 states, 165 states have (on average 1.2787878787878788) internal successors, (211), 183 states have internal predecessors, (211), 44 states have call successors, (44), 37 states have call predecessors, (44), 36 states have return successors, (53), 39 states have call predecessors, (53), 44 states have call successors, (53) [2022-11-03 04:11:02,043 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 246 states to 246 states and 308 transitions. [2022-11-03 04:11:02,043 INFO L78 Accepts]: Start accepts. Automaton has 246 states and 308 transitions. Word has length 33 [2022-11-03 04:11:02,044 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:02,044 INFO L495 AbstractCegarLoop]: Abstraction has 246 states and 308 transitions. [2022-11-03 04:11:02,045 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 7 states, 7 states have (on average 3.5714285714285716) internal successors, (25), 7 states have internal predecessors, (25), 3 states have call successors, (4), 2 states have call predecessors, (4), 2 states have return successors, (3), 2 states have call predecessors, (3), 3 states have call successors, (3) [2022-11-03 04:11:02,045 INFO L276 IsEmpty]: Start isEmpty. Operand 246 states and 308 transitions. [2022-11-03 04:11:02,047 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 37 [2022-11-03 04:11:02,048 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:02,048 INFO L195 NwaCegarLoop]: trace histogram [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:02,049 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-03 04:11:02,049 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:02,050 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:02,050 INFO L85 PathProgramCache]: Analyzing trace with hash 650926145, now seen corresponding path program 1 times [2022-11-03 04:11:02,052 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:02,052 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1743310520] [2022-11-03 04:11:02,052 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:02,053 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:02,085 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:02,566 INFO L134 CoverageAnalysis]: Checked inductivity of 2 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 2 trivial. 0 not checked. [2022-11-03 04:11:02,566 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:02,567 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1743310520] [2022-11-03 04:11:02,567 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1743310520] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-03 04:11:02,567 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-03 04:11:02,567 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [] total 8 [2022-11-03 04:11:02,568 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1071576593] [2022-11-03 04:11:02,568 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-03 04:11:02,568 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-03 04:11:02,569 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:02,569 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-03 04:11:02,569 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=17, Invalid=39, Unknown=0, NotChecked=0, Total=56 [2022-11-03 04:11:02,570 INFO L87 Difference]: Start difference. First operand 246 states and 308 transitions. Second operand has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 04:11:03,465 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:03,466 INFO L93 Difference]: Finished difference Result 568 states and 729 transitions. [2022-11-03 04:11:03,467 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-03 04:11:03,467 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) Word has length 36 [2022-11-03 04:11:03,469 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:03,475 INFO L225 Difference]: With dead ends: 568 [2022-11-03 04:11:03,475 INFO L226 Difference]: Without dead ends: 415 [2022-11-03 04:11:03,476 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 18 GetRequests, 5 SyntacticMatches, 0 SemanticMatches, 13 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 30 ImplicationChecksByTransitivity, 0.3s TimeCoverageRelationStatistics Valid=67, Invalid=143, Unknown=0, NotChecked=0, Total=210 [2022-11-03 04:11:03,479 INFO L413 NwaCegarLoop]: 85 mSDtfsCounter, 202 mSDsluCounter, 237 mSDsCounter, 0 mSdLazyCounter, 333 mSolverCounterSat, 86 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 207 SdHoareTripleChecker+Valid, 288 SdHoareTripleChecker+Invalid, 419 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 86 IncrementalHoareTripleChecker+Valid, 333 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:03,480 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [207 Valid, 288 Invalid, 419 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [86 Valid, 333 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-03 04:11:03,482 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 415 states. [2022-11-03 04:11:03,567 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 415 to 344. [2022-11-03 04:11:03,569 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 344 states, 234 states have (on average 1.2692307692307692) internal successors, (297), 259 states have internal predecessors, (297), 59 states have call successors, (59), 46 states have call predecessors, (59), 50 states have return successors, (74), 57 states have call predecessors, (74), 59 states have call successors, (74) [2022-11-03 04:11:03,573 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 344 states to 344 states and 430 transitions. [2022-11-03 04:11:03,573 INFO L78 Accepts]: Start accepts. Automaton has 344 states and 430 transitions. Word has length 36 [2022-11-03 04:11:03,573 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:03,574 INFO L495 AbstractCegarLoop]: Abstraction has 344 states and 430 transitions. [2022-11-03 04:11:03,574 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 7 states have (on average 3.7142857142857144) internal successors, (26), 7 states have internal predecessors, (26), 4 states have call successors, (5), 3 states have call predecessors, (5), 2 states have return successors, (4), 3 states have call predecessors, (4), 4 states have call successors, (4) [2022-11-03 04:11:03,574 INFO L276 IsEmpty]: Start isEmpty. Operand 344 states and 430 transitions. [2022-11-03 04:11:03,579 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 63 [2022-11-03 04:11:03,580 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:03,580 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:03,580 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6 [2022-11-03 04:11:03,581 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:03,581 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:03,581 INFO L85 PathProgramCache]: Analyzing trace with hash -1127725577, now seen corresponding path program 1 times [2022-11-03 04:11:03,582 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:03,582 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1414895725] [2022-11-03 04:11:03,582 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:03,583 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:03,631 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:04,218 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 19 proven. 5 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 04:11:04,219 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:04,219 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1414895725] [2022-11-03 04:11:04,222 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1414895725] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 04:11:04,222 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1007605565] [2022-11-03 04:11:04,223 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:04,223 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:11:04,224 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 04:11:04,230 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 04:11:04,250 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-03 04:11:04,392 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:04,421 INFO L263 TraceCheckSpWp]: Trace formula consists of 470 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-03 04:11:04,428 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 04:11:04,669 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 27 proven. 1 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-03 04:11:04,669 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 04:11:04,894 INFO L134 CoverageAnalysis]: Checked inductivity of 28 backedges. 16 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 04:11:04,895 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1007605565] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 04:11:04,895 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1390091385] [2022-11-03 04:11:04,927 INFO L159 IcfgInterpreter]: Started Sifa with 37 locations of interest [2022-11-03 04:11:04,927 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 04:11:04,932 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 04:11:04,940 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 04:11:04,940 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 04:11:12,617 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 52 for LOIs [2022-11-03 04:11:12,631 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 51 for LOIs [2022-11-03 04:11:13,079 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 45 for LOIs [2022-11-03 04:11:13,093 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-03 04:11:13,136 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 04:11:20,742 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '4789#(and (= |timeShift_getWaterLevel_~retValue_acc~11#1| ~waterLevel~0) (= ~methaneLevelCritical~0 0) (= ~head~0.offset 0) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (= |timeShift_getWaterLevel_~retValue_acc~11#1| |timeShift_getWaterLevel_#res#1|) (= 1 ~systemActive~0) (= |old(~pumpRunning~0)| 0) (= |old(~waterLevel~0)| ~waterLevel~0) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 2 |timeShift_getWaterLevel_#res#1|) (= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (= ~pumpRunning~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0) (= |old(~switchedOnBeforeTS~0)| 0))' at error location [2022-11-03 04:11:20,742 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 04:11:20,742 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 04:11:20,742 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [12, 6, 6] total 18 [2022-11-03 04:11:20,743 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1360360776] [2022-11-03 04:11:20,743 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 04:11:20,744 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 18 states [2022-11-03 04:11:20,744 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:20,744 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 18 interpolants. [2022-11-03 04:11:20,745 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=240, Invalid=1740, Unknown=0, NotChecked=0, Total=1980 [2022-11-03 04:11:20,746 INFO L87 Difference]: Start difference. First operand 344 states and 430 transitions. Second operand has 18 states, 16 states have (on average 5.0625) internal successors, (81), 17 states have internal predecessors, (81), 6 states have call successors, (15), 5 states have call predecessors, (15), 6 states have return successors, (15), 7 states have call predecessors, (15), 6 states have call successors, (15) [2022-11-03 04:11:26,368 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:26,368 INFO L93 Difference]: Finished difference Result 1918 states and 2822 transitions. [2022-11-03 04:11:26,369 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 83 states. [2022-11-03 04:11:26,369 INFO L78 Accepts]: Start accepts. Automaton has has 18 states, 16 states have (on average 5.0625) internal successors, (81), 17 states have internal predecessors, (81), 6 states have call successors, (15), 5 states have call predecessors, (15), 6 states have return successors, (15), 7 states have call predecessors, (15), 6 states have call successors, (15) Word has length 62 [2022-11-03 04:11:26,370 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:26,381 INFO L225 Difference]: With dead ends: 1918 [2022-11-03 04:11:26,382 INFO L226 Difference]: Without dead ends: 1576 [2022-11-03 04:11:26,391 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 311 GetRequests, 189 SyntacticMatches, 1 SemanticMatches, 121 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 5371 ImplicationChecksByTransitivity, 10.0s TimeCoverageRelationStatistics Valid=1356, Invalid=13650, Unknown=0, NotChecked=0, Total=15006 [2022-11-03 04:11:26,392 INFO L413 NwaCegarLoop]: 142 mSDtfsCounter, 1084 mSDsluCounter, 1445 mSDsCounter, 0 mSdLazyCounter, 2920 mSolverCounterSat, 1035 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1096 SdHoareTripleChecker+Valid, 1349 SdHoareTripleChecker+Invalid, 3955 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.1s SdHoareTripleChecker+Time, 1035 IncrementalHoareTripleChecker+Valid, 2920 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 3.0s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:26,392 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1096 Valid, 1349 Invalid, 3955 Unknown, 0 Unchecked, 0.1s Time], IncrementalHoareTripleChecker [1035 Valid, 2920 Invalid, 0 Unknown, 0 Unchecked, 3.0s Time] [2022-11-03 04:11:26,395 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1576 states. [2022-11-03 04:11:26,532 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1576 to 1003. [2022-11-03 04:11:26,535 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1003 states, 697 states have (on average 1.2754662840746054) internal successors, (889), 750 states have internal predecessors, (889), 160 states have call successors, (160), 138 states have call predecessors, (160), 145 states have return successors, (260), 148 states have call predecessors, (260), 160 states have call successors, (260) [2022-11-03 04:11:26,542 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1003 states to 1003 states and 1309 transitions. [2022-11-03 04:11:26,543 INFO L78 Accepts]: Start accepts. Automaton has 1003 states and 1309 transitions. Word has length 62 [2022-11-03 04:11:26,543 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:26,544 INFO L495 AbstractCegarLoop]: Abstraction has 1003 states and 1309 transitions. [2022-11-03 04:11:26,544 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 18 states, 16 states have (on average 5.0625) internal successors, (81), 17 states have internal predecessors, (81), 6 states have call successors, (15), 5 states have call predecessors, (15), 6 states have return successors, (15), 7 states have call predecessors, (15), 6 states have call successors, (15) [2022-11-03 04:11:26,544 INFO L276 IsEmpty]: Start isEmpty. Operand 1003 states and 1309 transitions. [2022-11-03 04:11:26,546 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 66 [2022-11-03 04:11:26,546 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:26,547 INFO L195 NwaCegarLoop]: trace histogram [3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:26,598 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-03 04:11:26,762 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable7 [2022-11-03 04:11:26,763 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:26,763 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:26,763 INFO L85 PathProgramCache]: Analyzing trace with hash -1303465807, now seen corresponding path program 1 times [2022-11-03 04:11:26,764 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:26,764 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1943214332] [2022-11-03 04:11:26,764 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:26,764 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:26,788 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:27,144 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 1 proven. 21 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-03 04:11:27,144 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:27,145 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1943214332] [2022-11-03 04:11:27,145 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1943214332] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 04:11:27,150 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1506250095] [2022-11-03 04:11:27,150 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:27,150 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:11:27,151 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 04:11:27,152 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 04:11:27,182 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-03 04:11:27,299 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:27,302 INFO L263 TraceCheckSpWp]: Trace formula consists of 462 conjuncts, 13 conjunts are in the unsatisfiable core [2022-11-03 04:11:27,305 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 04:11:27,367 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 14 proven. 1 refuted. 0 times theorem prover too weak. 11 trivial. 0 not checked. [2022-11-03 04:11:27,367 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 04:11:27,462 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 7 proven. 1 refuted. 0 times theorem prover too weak. 18 trivial. 0 not checked. [2022-11-03 04:11:27,462 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1506250095] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 04:11:27,462 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1949680783] [2022-11-03 04:11:27,466 INFO L159 IcfgInterpreter]: Started Sifa with 42 locations of interest [2022-11-03 04:11:27,466 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 04:11:27,467 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 04:11:27,467 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 04:11:27,468 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 04:11:31,970 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 48 for LOIs [2022-11-03 04:11:31,980 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 29 for LOIs [2022-11-03 04:11:32,329 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 39 for LOIs [2022-11-03 04:11:32,335 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 73 for LOIs [2022-11-03 04:11:32,709 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 50 for LOIs [2022-11-03 04:11:32,714 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 04:11:39,746 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '9880#(and (= |timeShift_getWaterLevel_~retValue_acc~11#1| ~waterLevel~0) (= ~methaneLevelCritical~0 0) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483647) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (<= |old(~pumpRunning~0)| 2147483647) (= |timeShift_getWaterLevel_~retValue_acc~11#1| |timeShift_getWaterLevel_#res#1|) (= 1 ~systemActive~0) (<= 0 (+ |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 2147483648)) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 04:11:39,746 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 04:11:39,746 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 04:11:39,746 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [10, 6, 6] total 13 [2022-11-03 04:11:39,747 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1294678918] [2022-11-03 04:11:39,747 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 04:11:39,747 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 13 states [2022-11-03 04:11:39,747 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:11:39,748 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 13 interpolants. [2022-11-03 04:11:39,748 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=252, Invalid=1818, Unknown=0, NotChecked=0, Total=2070 [2022-11-03 04:11:39,749 INFO L87 Difference]: Start difference. First operand 1003 states and 1309 transitions. Second operand has 13 states, 11 states have (on average 6.181818181818182) internal successors, (68), 11 states have internal predecessors, (68), 4 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (17), 7 states have call predecessors, (17), 4 states have call successors, (17) [2022-11-03 04:11:41,047 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:11:41,047 INFO L93 Difference]: Finished difference Result 1962 states and 2636 transitions. [2022-11-03 04:11:41,047 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 29 states. [2022-11-03 04:11:41,048 INFO L78 Accepts]: Start accepts. Automaton has has 13 states, 11 states have (on average 6.181818181818182) internal successors, (68), 11 states have internal predecessors, (68), 4 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (17), 7 states have call predecessors, (17), 4 states have call successors, (17) Word has length 65 [2022-11-03 04:11:41,051 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:11:41,069 INFO L225 Difference]: With dead ends: 1962 [2022-11-03 04:11:41,069 INFO L226 Difference]: Without dead ends: 1294 [2022-11-03 04:11:41,074 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 239 GetRequests, 172 SyntacticMatches, 0 SemanticMatches, 67 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1507 ImplicationChecksByTransitivity, 7.5s TimeCoverageRelationStatistics Valid=527, Invalid=4165, Unknown=0, NotChecked=0, Total=4692 [2022-11-03 04:11:41,078 INFO L413 NwaCegarLoop]: 103 mSDtfsCounter, 501 mSDsluCounter, 464 mSDsCounter, 0 mSdLazyCounter, 666 mSolverCounterSat, 333 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.5s Time, 0 mProtectedPredicate, 0 mProtectedAction, 505 SdHoareTripleChecker+Valid, 478 SdHoareTripleChecker+Invalid, 999 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 333 IncrementalHoareTripleChecker+Valid, 666 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.6s IncrementalHoareTripleChecker+Time [2022-11-03 04:11:41,078 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [505 Valid, 478 Invalid, 999 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [333 Valid, 666 Invalid, 0 Unknown, 0 Unchecked, 0.6s Time] [2022-11-03 04:11:41,081 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1294 states. [2022-11-03 04:11:41,216 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1294 to 1044. [2022-11-03 04:11:41,219 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1044 states, 725 states have (on average 1.2510344827586206) internal successors, (907), 781 states have internal predecessors, (907), 168 states have call successors, (168), 146 states have call predecessors, (168), 150 states have return successors, (255), 154 states have call predecessors, (255), 168 states have call successors, (255) [2022-11-03 04:11:41,225 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1044 states to 1044 states and 1330 transitions. [2022-11-03 04:11:41,225 INFO L78 Accepts]: Start accepts. Automaton has 1044 states and 1330 transitions. Word has length 65 [2022-11-03 04:11:41,226 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:11:41,226 INFO L495 AbstractCegarLoop]: Abstraction has 1044 states and 1330 transitions. [2022-11-03 04:11:41,226 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 13 states, 11 states have (on average 6.181818181818182) internal successors, (68), 11 states have internal predecessors, (68), 4 states have call successors, (14), 3 states have call predecessors, (14), 5 states have return successors, (17), 7 states have call predecessors, (17), 4 states have call successors, (17) [2022-11-03 04:11:41,227 INFO L276 IsEmpty]: Start isEmpty. Operand 1044 states and 1330 transitions. [2022-11-03 04:11:41,234 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 95 [2022-11-03 04:11:41,234 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:11:41,235 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:11:41,283 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-03 04:11:41,462 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable8,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:11:41,462 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:11:41,463 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:11:41,463 INFO L85 PathProgramCache]: Analyzing trace with hash 1123651971, now seen corresponding path program 1 times [2022-11-03 04:11:41,463 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:11:41,463 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1124466955] [2022-11-03 04:11:41,463 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:41,463 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:11:41,490 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:42,335 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 20 proven. 33 refuted. 0 times theorem prover too weak. 26 trivial. 0 not checked. [2022-11-03 04:11:42,336 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:11:42,336 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1124466955] [2022-11-03 04:11:42,336 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1124466955] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 04:11:42,337 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [2111757066] [2022-11-03 04:11:42,337 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:11:42,337 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:11:42,337 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 04:11:42,339 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 04:11:42,370 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-03 04:11:42,531 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:11:42,534 INFO L263 TraceCheckSpWp]: Trace formula consists of 580 conjuncts, 29 conjunts are in the unsatisfiable core [2022-11-03 04:11:42,538 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 04:11:42,809 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 0 proven. 60 refuted. 0 times theorem prover too weak. 19 trivial. 0 not checked. [2022-11-03 04:11:42,810 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 04:11:43,271 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 27 proven. 16 refuted. 0 times theorem prover too weak. 36 trivial. 0 not checked. [2022-11-03 04:11:43,272 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [2111757066] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 04:11:43,272 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1781988701] [2022-11-03 04:11:43,278 INFO L159 IcfgInterpreter]: Started Sifa with 44 locations of interest [2022-11-03 04:11:43,278 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 04:11:43,279 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 04:11:43,279 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 04:11:43,279 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 04:11:54,851 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 324 for LOIs [2022-11-03 04:11:54,920 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 37 for LOIs [2022-11-03 04:11:55,401 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 30 for LOIs [2022-11-03 04:11:55,404 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 27 for LOIs [2022-11-03 04:11:55,430 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 50 for LOIs [2022-11-03 04:11:55,438 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 36 for LOIs [2022-11-03 04:11:55,441 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 04:12:12,270 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15177#(and (= |timeShift_getWaterLevel_~retValue_acc~11#1| ~waterLevel~0) (<= ~methaneLevelCritical~0 1) (= ~head~0.offset 0) (<= 1 ~systemActive~0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (<= |#NULL.offset| 0) (= |timeShift_getWaterLevel_~retValue_acc~11#1| |timeShift_getWaterLevel_#res#1|) (= |old(~pumpRunning~0)| 0) (<= 0 ~head~0.base) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= 0 ~methaneLevelCritical~0) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 0 ~pumpRunning~0) (<= ~head~0.base 0) (<= 0 |#NULL.offset|) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (<= ~systemActive~0 1) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 04:12:12,270 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 04:12:12,270 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 04:12:12,270 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [16, 10, 11] total 25 [2022-11-03 04:12:12,270 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1285932052] [2022-11-03 04:12:12,270 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 04:12:12,271 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 25 states [2022-11-03 04:12:12,271 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:12:12,272 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 25 interpolants. [2022-11-03 04:12:12,273 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=292, Invalid=3248, Unknown=0, NotChecked=0, Total=3540 [2022-11-03 04:12:12,274 INFO L87 Difference]: Start difference. First operand 1044 states and 1330 transitions. Second operand has 25 states, 19 states have (on average 7.631578947368421) internal successors, (145), 22 states have internal predecessors, (145), 11 states have call successors, (34), 9 states have call predecessors, (34), 14 states have return successors, (33), 12 states have call predecessors, (33), 11 states have call successors, (33) [2022-11-03 04:12:15,063 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:12:15,063 INFO L93 Difference]: Finished difference Result 3150 states and 4100 transitions. [2022-11-03 04:12:15,064 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 43 states. [2022-11-03 04:12:15,064 INFO L78 Accepts]: Start accepts. Automaton has has 25 states, 19 states have (on average 7.631578947368421) internal successors, (145), 22 states have internal predecessors, (145), 11 states have call successors, (34), 9 states have call predecessors, (34), 14 states have return successors, (33), 12 states have call predecessors, (33), 11 states have call successors, (33) Word has length 94 [2022-11-03 04:12:15,066 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:12:15,081 INFO L225 Difference]: With dead ends: 3150 [2022-11-03 04:12:15,082 INFO L226 Difference]: Without dead ends: 2228 [2022-11-03 04:12:15,092 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 349 GetRequests, 250 SyntacticMatches, 3 SemanticMatches, 96 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3248 ImplicationChecksByTransitivity, 18.0s TimeCoverageRelationStatistics Valid=830, Invalid=8676, Unknown=0, NotChecked=0, Total=9506 [2022-11-03 04:12:15,093 INFO L413 NwaCegarLoop]: 128 mSDtfsCounter, 798 mSDsluCounter, 642 mSDsCounter, 0 mSdLazyCounter, 2052 mSolverCounterSat, 528 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 799 SdHoareTripleChecker+Valid, 649 SdHoareTripleChecker+Invalid, 2580 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 528 IncrementalHoareTripleChecker+Valid, 2052 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.5s IncrementalHoareTripleChecker+Time [2022-11-03 04:12:15,094 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [799 Valid, 649 Invalid, 2580 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [528 Valid, 2052 Invalid, 0 Unknown, 0 Unchecked, 1.5s Time] [2022-11-03 04:12:15,097 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 2228 states. [2022-11-03 04:12:15,337 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 2228 to 1733. [2022-11-03 04:12:15,341 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1733 states, 1196 states have (on average 1.229933110367893) internal successors, (1471), 1293 states have internal predecessors, (1471), 276 states have call successors, (276), 246 states have call predecessors, (276), 260 states have return successors, (389), 263 states have call predecessors, (389), 276 states have call successors, (389) [2022-11-03 04:12:15,353 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1733 states to 1733 states and 2136 transitions. [2022-11-03 04:12:15,354 INFO L78 Accepts]: Start accepts. Automaton has 1733 states and 2136 transitions. Word has length 94 [2022-11-03 04:12:15,356 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:12:15,356 INFO L495 AbstractCegarLoop]: Abstraction has 1733 states and 2136 transitions. [2022-11-03 04:12:15,357 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 25 states, 19 states have (on average 7.631578947368421) internal successors, (145), 22 states have internal predecessors, (145), 11 states have call successors, (34), 9 states have call predecessors, (34), 14 states have return successors, (33), 12 states have call predecessors, (33), 11 states have call successors, (33) [2022-11-03 04:12:15,357 INFO L276 IsEmpty]: Start isEmpty. Operand 1733 states and 2136 transitions. [2022-11-03 04:12:15,362 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 92 [2022-11-03 04:12:15,363 INFO L187 NwaCegarLoop]: Found error trace [2022-11-03 04:12:15,363 INFO L195 NwaCegarLoop]: trace histogram [5, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:12:15,412 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-03 04:12:15,578 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable9,4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:12:15,578 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-03 04:12:15,579 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-03 04:12:15,579 INFO L85 PathProgramCache]: Analyzing trace with hash -303165454, now seen corresponding path program 1 times [2022-11-03 04:12:15,579 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-03 04:12:15,579 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [846882508] [2022-11-03 04:12:15,579 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:12:15,580 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-03 04:12:15,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:12:16,809 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 12 proven. 45 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-03 04:12:16,809 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-03 04:12:16,809 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [846882508] [2022-11-03 04:12:16,809 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [846882508] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-03 04:12:16,809 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [157291119] [2022-11-03 04:12:16,809 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-03 04:12:16,810 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-03 04:12:16,810 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 [2022-11-03 04:12:16,811 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-03 04:12:16,830 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-03 04:12:16,943 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-03 04:12:16,947 INFO L263 TraceCheckSpWp]: Trace formula consists of 574 conjuncts, 30 conjunts are in the unsatisfiable core [2022-11-03 04:12:16,950 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-03 04:12:17,359 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 57 proven. 16 refuted. 0 times theorem prover too weak. 6 trivial. 0 not checked. [2022-11-03 04:12:17,359 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-03 04:12:17,914 INFO L134 CoverageAnalysis]: Checked inductivity of 79 backedges. 52 proven. 5 refuted. 0 times theorem prover too weak. 22 trivial. 0 not checked. [2022-11-03 04:12:17,914 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [157291119] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-03 04:12:17,915 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1413768913] [2022-11-03 04:12:17,917 INFO L159 IcfgInterpreter]: Started Sifa with 41 locations of interest [2022-11-03 04:12:17,918 INFO L166 IcfgInterpreter]: Building call graph [2022-11-03 04:12:17,918 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-03 04:12:17,918 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-03 04:12:17,919 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-03 04:12:26,750 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 324 for LOIs [2022-11-03 04:12:26,815 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 36 for LOIs [2022-11-03 04:12:27,135 INFO L197 IcfgInterpreter]: Interpreting procedure isPumpRunning with input of size 58 for LOIs [2022-11-03 04:12:27,151 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 26 for LOIs [2022-11-03 04:12:27,182 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 35 for LOIs [2022-11-03 04:12:27,185 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-03 04:12:39,998 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '23337#(and (= |timeShift_getWaterLevel_~retValue_acc~11#1| ~waterLevel~0) (<= 0 |old(~pumpRunning~0)|) (= ~methaneLevelCritical~0 0) (<= |old(~pumpRunning~0)| 1) (= ~head~0.offset 0) (<= |old(~switchedOnBeforeTS~0)| 2147483647) (<= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 1) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (not (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (= |timeShift_getWaterLevel_~retValue_acc~11#1| |timeShift_getWaterLevel_#res#1|) (= 1 ~systemActive~0) (<= 0 (+ |old(~switchedOnBeforeTS~0)| 2147483648)) (<= 0 (+ 2147483648 |timeShift_getWaterLevel_#res#1|)) (<= |timeShift_getWaterLevel_#res#1| 2147483647) (<= 0 ~pumpRunning~0) (= ~head~0.base 0) (= |#NULL.offset| 0) (= ~switchedOnBeforeTS~0 0) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| |timeShift_getWaterLevel_#res#1|) (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-03 04:12:39,998 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-03 04:12:39,998 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-03 04:12:39,998 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [19, 11, 11] total 31 [2022-11-03 04:12:39,998 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1514230187] [2022-11-03 04:12:39,999 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-03 04:12:40,000 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 31 states [2022-11-03 04:12:40,000 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-03 04:12:40,001 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 31 interpolants. [2022-11-03 04:12:40,002 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=413, Invalid=3619, Unknown=0, NotChecked=0, Total=4032 [2022-11-03 04:12:40,003 INFO L87 Difference]: Start difference. First operand 1733 states and 2136 transitions. Second operand has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) [2022-11-03 04:12:46,818 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-03 04:12:46,819 INFO L93 Difference]: Finished difference Result 4485 states and 5950 transitions. [2022-11-03 04:12:46,819 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 85 states. [2022-11-03 04:12:46,820 INFO L78 Accepts]: Start accepts. Automaton has has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) Word has length 91 [2022-11-03 04:12:46,820 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-03 04:12:46,822 INFO L225 Difference]: With dead ends: 4485 [2022-11-03 04:12:46,822 INFO L226 Difference]: Without dead ends: 0 [2022-11-03 04:12:46,842 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 404 GetRequests, 263 SyntacticMatches, 4 SemanticMatches, 137 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 7545 ImplicationChecksByTransitivity, 16.8s TimeCoverageRelationStatistics Valid=2256, Invalid=16926, Unknown=0, NotChecked=0, Total=19182 [2022-11-03 04:12:46,843 INFO L413 NwaCegarLoop]: 159 mSDtfsCounter, 1742 mSDsluCounter, 1214 mSDsCounter, 0 mSdLazyCounter, 2514 mSolverCounterSat, 1261 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1750 SdHoareTripleChecker+Valid, 1136 SdHoareTripleChecker+Invalid, 3775 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1261 IncrementalHoareTripleChecker+Valid, 2514 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.6s IncrementalHoareTripleChecker+Time [2022-11-03 04:12:46,843 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1750 Valid, 1136 Invalid, 3775 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1261 Valid, 2514 Invalid, 0 Unknown, 0 Unchecked, 2.6s Time] [2022-11-03 04:12:46,844 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-03 04:12:46,844 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-03 04:12:46,844 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-03 04:12:46,845 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-03 04:12:46,846 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 91 [2022-11-03 04:12:46,846 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-03 04:12:46,846 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-03 04:12:46,847 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 31 states, 29 states have (on average 4.827586206896552) internal successors, (140), 30 states have internal predecessors, (140), 17 states have call successors, (28), 8 states have call predecessors, (28), 12 states have return successors, (27), 15 states have call predecessors, (27), 16 states have call successors, (27) [2022-11-03 04:12:46,847 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-03 04:12:46,847 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-03 04:12:46,850 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-03 04:12:46,899 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-03 04:12:47,065 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable10 [2022-11-03 04:12:47,067 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-03 04:13:44,912 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 179 186) the Hoare annotation is: (let ((.cse9 (= ~methaneLevelCritical~0 0)) (.cse11 (= 2 ~waterLevel~0))) (let ((.cse7 (not .cse11)) (.cse8 (= |old(~pumpRunning~0)| 0)) (.cse6 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse5 (not .cse9)) (.cse4 (= 0 ~systemActive~0))) (let ((.cse0 (let ((.cse10 (not (= ~pumpRunning~0 0)))) (and .cse6 (or .cse10 .cse5) (or .cse10 .cse11) (not .cse4)))) (.cse1 (and .cse9 .cse8)) (.cse2 (and .cse7 .cse8)) (.cse3 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 (not (<= ~waterLevel~0 1)) .cse4) (or .cse0 .cse1 .cse5 .cse2 (not (<= ~waterLevel~0 2)) .cse4) (or .cse6 .cse7 .cse8 .cse3 .cse4))))) [2022-11-03 04:13:44,913 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 179 186) no Hoare annotation was computed. [2022-11-03 04:13:44,913 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 94 100) no Hoare annotation was computed. [2022-11-03 04:13:44,913 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 94 100) the Hoare annotation is: true [2022-11-03 04:13:44,915 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 964 975) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0))) (let ((.cse0 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse1 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse6 (not (<= ~waterLevel~0 1))) (.cse4 (not (= ~pumpRunning~0 0))) (.cse8 (= ~methaneLevelCritical~0 1)) (.cse2 (not (<= ~waterLevel~0 2))) (.cse9 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse5 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse7 (not .cse3))) (and (or .cse0 .cse1 (not (<= 2 ~waterLevel~0)) .cse2 .cse3) (or .cse0 .cse4 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse1 .cse5 .cse6 .cse7) (or .cse0 .cse4 (not (= 2 ~waterLevel~0)) .cse1 .cse5) (or .cse8 .cse2 .cse9 .cse5 .cse3) (or .cse0 .cse1 .cse5 .cse6 .cse3) (or .cse4 .cse8 .cse2 .cse9 .cse3) (or .cse4 .cse8 .cse2 .cse9 .cse5 .cse7)))) [2022-11-03 04:13:44,915 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 964 975) no Hoare annotation was computed. [2022-11-03 04:13:44,915 INFO L902 garLoopResultBuilder]: At program point L801(line 801) the Hoare annotation is: true [2022-11-03 04:13:44,916 INFO L899 garLoopResultBuilder]: For program point L801-1(line 801) no Hoare annotation was computed. [2022-11-03 04:13:44,916 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 795 824) no Hoare annotation was computed. [2022-11-03 04:13:44,916 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 795 824) the Hoare annotation is: true [2022-11-03 04:13:44,916 INFO L902 garLoopResultBuilder]: At program point L820(lines 795 824) the Hoare annotation is: true [2022-11-03 04:13:44,916 INFO L899 garLoopResultBuilder]: For program point L816(line 816) no Hoare annotation was computed. [2022-11-03 04:13:44,917 INFO L899 garLoopResultBuilder]: For program point L809(lines 809 813) no Hoare annotation was computed. [2022-11-03 04:13:44,917 INFO L902 garLoopResultBuilder]: At program point L809-1(lines 809 813) the Hoare annotation is: true [2022-11-03 04:13:44,917 INFO L902 garLoopResultBuilder]: At program point L805-2(lines 805 819) the Hoare annotation is: true [2022-11-03 04:13:44,917 INFO L899 garLoopResultBuilder]: For program point L411(lines 411 417) no Hoare annotation was computed. [2022-11-03 04:13:44,918 INFO L895 garLoopResultBuilder]: At program point L147(line 147) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse13 (= |old(~pumpRunning~0)| 0)) (.cse12 (not (= |old(~waterLevel~0)| 2)))) (let ((.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse10 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (and .cse13 .cse12)) (.cse5 (not .cse13)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse9 (not .cse3)) (.cse6 (= ~pumpRunning~0 0)) (.cse7 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse11 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse5 .cse2 .cse4 (and .cse6 .cse7 .cse8 .cse9)) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4 (not (<= 2 |old(~waterLevel~0)|))) (or .cse10 .cse5 (and .cse6 .cse7 .cse8) .cse11) (or .cse0 .cse10 .cse1 .cse11 .cse3) (or .cse5 .cse11 .cse4 .cse9) (or (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse6 .cse7 .cse8) .cse11 .cse12 .cse3)))) [2022-11-03 04:13:44,918 INFO L895 garLoopResultBuilder]: At program point L147-1(lines 128 152) the Hoare annotation is: (let ((.cse17 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse25 (< 0 |old(~waterLevel~0)|)) (.cse12 (= 0 ~systemActive~0))) (let ((.cse3 (not .cse12)) (.cse23 (= ~methaneLevelCritical~0 0)) (.cse15 (not (= ~switchedOnBeforeTS~0 0))) (.cse16 (= ~pumpRunning~0 0)) (.cse24 (= |old(~pumpRunning~0)| 0)) (.cse13 (not (= |old(~waterLevel~0)| 2))) (.cse19 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse26 (and .cse17 .cse25)) (.cse6 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse22 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse9 (and .cse19 (<= ~waterLevel~0 0) (or .cse26 .cse6) .cse22)) (.cse10 (and .cse24 .cse13)) (.cse11 (and .cse15 .cse16 (or (and (not .cse25) .cse6) .cse26))) (.cse8 (not (<= |old(~waterLevel~0)| 1))) (.cse4 (and .cse16 .cse6 .cse22)) (.cse7 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse18 (and .cse19 .cse17 .cse22)) (.cse20 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not .cse24)) (.cse5 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (not .cse23)) (.cse21 (and .cse15 .cse16 .cse17 .cse23 .cse3)) (.cse14 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse0 .cse4 .cse5 (and (<= 2 ~waterLevel~0) .cse6) .cse2) (or .cse7 .cse8 .cse9 .cse10 .cse11 .cse5 .cse12) (or .cse0 .cse4 .cse1 .cse13 (and .cse6 .cse14)) (or (and .cse15 .cse16 .cse17) .cse18 (and .cse19 .cse16) .cse5 .cse12 .cse2 .cse20) (or .cse7 .cse8 .cse9 .cse10 .cse1 .cse11 .cse12) (or .cse8 .cse0 .cse4 .cse1) (or .cse7 .cse18 .cse1 .cse12 .cse2 .cse21 .cse20 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse0 .cse5 .cse2 .cse3) (or .cse1 (not (= |old(~pumpRunning~0)| 1)) .cse13 .cse12 .cse21 (and .cse17 .cse22 .cse14)))))) [2022-11-03 04:13:44,919 INFO L895 garLoopResultBuilder]: At program point L81-1(lines 81 87) the Hoare annotation is: (let ((.cse16 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse26 (< 0 |old(~waterLevel~0)|)) (.cse10 (= 0 ~systemActive~0))) (let ((.cse21 (not .cse10)) (.cse24 (= ~methaneLevelCritical~0 0)) (.cse14 (not (= ~switchedOnBeforeTS~0 0))) (.cse15 (= ~pumpRunning~0 0)) (.cse25 (= |old(~pumpRunning~0)| 0)) (.cse12 (not (= |old(~waterLevel~0)| 2))) (.cse18 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse27 (and .cse16 .cse26)) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse23 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse7 (and .cse18 (<= ~waterLevel~0 0) (or .cse27 .cse3) .cse23)) (.cse8 (and .cse25 .cse12)) (.cse9 (and .cse14 .cse15 (or (and (not .cse26) .cse3) .cse27))) (.cse6 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (and .cse15 .cse3 .cse23)) (.cse20 (and .cse18 .cse15 .cse3 .cse10 .cse23)) (.cse0 (not .cse25)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse5 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse17 (and .cse18 .cse16 .cse23)) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse19 (not (<= 2 |old(~waterLevel~0)|))) (.cse11 (not .cse24)) (.cse22 (and .cse14 .cse15 .cse16 .cse24 .cse21)) (.cse13 (= ~pumpRunning~0 1))) (and (or .cse0 .cse1 .cse2 (and (<= 2 ~waterLevel~0) .cse3) .cse4) (or .cse5 .cse6 .cse7 .cse8 .cse9 .cse2 .cse10) (or .cse0 .cse1 .cse11 .cse12 (and .cse3 .cse13)) (or (and .cse14 .cse15 .cse16) .cse17 (and .cse18 .cse15) .cse2 .cse10 .cse4 .cse19) (or .cse5 .cse6 .cse7 .cse8 .cse11 .cse9 .cse10) (or .cse20 .cse0 .cse11 .cse4 .cse21) (or .cse6 .cse0 .cse1 .cse11) (or .cse20 .cse0 .cse2 .cse4 .cse21) (or .cse5 .cse17 .cse11 .cse10 .cse4 .cse22 .cse19 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse11 (not (= |old(~pumpRunning~0)| 1)) .cse12 .cse10 .cse22 (and .cse16 .cse23 .cse13)))))) [2022-11-03 04:13:44,920 INFO L895 garLoopResultBuilder]: At program point L408(line 408) the Hoare annotation is: (let ((.cse15 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse24 (< 0 |old(~waterLevel~0)|))) (let ((.cse20 (= |old(~pumpRunning~0)| 0)) (.cse14 (not (= |old(~waterLevel~0)| 2))) (.cse18 (not (= ~switchedOnBeforeTS~0 0))) (.cse22 (and .cse15 .cse24)) (.cse21 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse19 (= ~pumpRunning~0 0)) (.cse23 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse16 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| ~waterLevel~0)) (.cse17 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (let ((.cse2 (and .cse21 .cse19 (<= ~waterLevel~0 1) .cse23 .cse16 .cse17)) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse5 (and .cse18 .cse19 (or (and (not .cse24) .cse23) .cse22) .cse16)) (.cse6 (and .cse20 .cse14)) (.cse7 (and .cse21 (<= ~waterLevel~0 0) (or .cse22 .cse23) .cse16 .cse17)) (.cse11 (not (= ~methaneLevelCritical~0 1))) (.cse4 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse10 (and .cse21 .cse15 .cse16 .cse17)) (.cse1 (not .cse20)) (.cse9 (and .cse18 .cse19 .cse15 .cse16)) (.cse3 (not (= ~methaneLevelCritical~0 0))) (.cse8 (= 0 ~systemActive~0)) (.cse12 (not (<= |old(~waterLevel~0)| 2))) (.cse13 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse0 .cse5 .cse6 .cse3 .cse7 .cse8) (or .cse9 .cse10 .cse11 .cse8 .cse12 .cse13) (or .cse1 .cse2 .cse11 .cse12) (or .cse4 .cse0 .cse5 .cse6 .cse7 .cse11 .cse8) (or .cse4 .cse9 .cse10 .cse3 .cse8 .cse12 .cse13) (or .cse1 .cse3 .cse14) (or .cse9 .cse3 (not (= |old(~pumpRunning~0)| 1)) (and .cse15 .cse16 .cse17 (= ~pumpRunning~0 1)) .cse8 .cse12 .cse13))))) [2022-11-03 04:13:44,921 INFO L899 garLoopResultBuilder]: For program point L408-1(line 408) no Hoare annotation was computed. [2022-11-03 04:13:44,921 INFO L899 garLoopResultBuilder]: For program point L74-2(lines 70 92) no Hoare annotation was computed. [2022-11-03 04:13:44,922 INFO L899 garLoopResultBuilder]: For program point L136(lines 136 144) no Hoare annotation was computed. [2022-11-03 04:13:44,923 INFO L895 garLoopResultBuilder]: At program point L933(line 933) the Hoare annotation is: (let ((.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse10 (= |old(~pumpRunning~0)| 0))) (let ((.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (not .cse10)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse7 (and .cse10 .cse9)) (.cse8 (not (= ~methaneLevelCritical~0 1))) (.cse3 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse2 .cse3 .cse4) (or .cse8 .cse3 .cse4 .cse5) (or .cse1 .cse8 .cse4) (or .cse1 .cse2 .cse9) (or .cse6 .cse0 .cse7 .cse8 .cse3)))) [2022-11-03 04:13:44,924 INFO L895 garLoopResultBuilder]: At program point L132(lines 132 149) the Hoare annotation is: (let ((.cse8 (= 0 ~systemActive~0))) (let ((.cse3 (= ~pumpRunning~0 0)) (.cse9 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse17 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse4 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (not .cse8)) (.cse18 (= |old(~pumpRunning~0)| 0)) (.cse16 (not (= |old(~waterLevel~0)| 2)))) (let ((.cse10 (not (<= 2 |old(~waterLevel~0)|))) (.cse7 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse14 (and .cse18 .cse16)) (.cse15 (and (not (= ~switchedOnBeforeTS~0 0)) .cse9 (<= ~waterLevel~0 0) (or (and .cse17 (< 0 |old(~waterLevel~0)|)) .cse4) .cse5 .cse6)) (.cse13 (not (<= |old(~waterLevel~0)| 1))) (.cse0 (not .cse18)) (.cse12 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse11 (or (and .cse3 .cse4) (and (not .cse3) .cse17)))) (and (or .cse0 .cse1 .cse2 (and .cse3 .cse4 .cse5 .cse6)) (or .cse7 .cse1 .cse8 .cse2 (and .cse9 (= ~waterLevel~0 1) .cse5) .cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (or (and .cse9 .cse11 .cse5) .cse12 .cse8 .cse2 .cse10) (or .cse7 .cse13 .cse14 .cse1 .cse15 .cse8) (or .cse7 .cse13 .cse14 .cse12 .cse15 .cse8) (or .cse13 .cse0 (and .cse3 .cse4 .cse5) .cse12) (or .cse0 .cse12 .cse2 .cse6) (or .cse1 (not (= |old(~pumpRunning~0)| 1)) (and .cse11 .cse5 (= ~pumpRunning~0 1)) .cse16 .cse8))))) [2022-11-03 04:13:44,925 INFO L895 garLoopResultBuilder]: At program point L393(line 393) the Hoare annotation is: (let ((.cse14 (not (= |old(~waterLevel~0)| 2))) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (= |old(~pumpRunning~0)| 0))) (let ((.cse8 (not (= ~switchedOnBeforeTS~0 0))) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse15)) (.cse6 (and (= ~pumpRunning~0 0) .cse13)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse11 (and .cse15 .cse14)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse9 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 .cse7) (or .cse0 .cse1 .cse7 .cse3 .cse4) (or .cse8 .cse1 .cse7 .cse9 .cse3 .cse10) (or .cse0 .cse11 .cse7 (and .cse12 .cse13 .cse4) .cse9 .cse3) (or .cse8 .cse1 .cse2 .cse9 .cse3 .cse10) (or (and .cse12 .cse13) .cse2 .cse14 .cse9) (or .cse1 .cse6 .cse2 .cse3) (or .cse1 .cse6 .cse7 .cse14) (or .cse7 (not (= |old(~pumpRunning~0)| 1)) .cse14 .cse9 (and .cse13 (= ~pumpRunning~0 1))) (or .cse0 (and .cse12 .cse4) .cse2 .cse9 .cse3) (or .cse0 .cse5 .cse11 .cse2 .cse13 .cse9)))) [2022-11-03 04:13:44,925 INFO L895 garLoopResultBuilder]: At program point L393-1(line 393) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse9 (= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse22 (= |old(~pumpRunning~0)| 0)) (.cse6 (not (= |old(~waterLevel~0)| 2))) (.cse18 (or .cse9 (= ~waterLevel~0 1))) (.cse4 (not .cse7)) (.cse17 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse20 (= ~pumpRunning~0 0)) (.cse8 (= ~pumpRunning~0 |timeShift___utac_acc__Specification5_spec__2_#t~ret22#1|))) (let ((.cse1 (and .cse17 .cse20 .cse8 .cse9 .cse7)) (.cse16 (not (= ~switchedOnBeforeTS~0 0))) (.cse13 (not (<= |old(~waterLevel~0)| 1))) (.cse14 (and .cse17 .cse20 .cse8 .cse9 .cse18 .cse4)) (.cse21 (not (= |old(~waterLevel~0)| 1))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse15 (and .cse22 .cse6)) (.cse19 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse10 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not .cse22)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse11 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse12 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 (not (= |old(~pumpRunning~0)| 1)) .cse6 .cse7 (and .cse8 .cse9 (= ~pumpRunning~0 1))) (or .cse10 .cse0 .cse5 .cse7 .cse3 .cse11 .cse12) (or .cse13 .cse0 .cse5 .cse14 .cse7) (or .cse10 .cse15 .cse2 .cse7 .cse3 (and .cse16 .cse17 .cse8 .cse18 .cse11 .cse4) .cse19) (or .cse0 .cse1 .cse5 .cse3 .cse4) (or .cse10 (and .cse16 .cse17 .cse8 .cse9 .cse18 .cse11 .cse4) .cse15 .cse5 .cse7 .cse3 .cse19) (or (and .cse17 .cse8 .cse9) .cse2 .cse6 .cse7) (or .cse13 .cse0 .cse14 .cse2 .cse7) (or .cse0 .cse5 (and .cse20 .cse8 .cse9) .cse6) (or .cse10 .cse0 .cse21 .cse2 .cse11) (or .cse10 .cse0 .cse21 .cse5 .cse11) (or .cse10 .cse15 (<= ~waterLevel~0 0) .cse2 .cse7 (not (<= |old(~waterLevel~0)| 0)) .cse19) (or .cse10 .cse0 .cse2 .cse7 .cse3 .cse11 .cse12))))) [2022-11-03 04:13:44,927 INFO L899 garLoopResultBuilder]: For program point L410(lines 410 420) no Hoare annotation was computed. [2022-11-03 04:13:44,927 INFO L899 garLoopResultBuilder]: For program point L406(lines 406 423) no Hoare annotation was computed. [2022-11-03 04:13:44,928 INFO L895 garLoopResultBuilder]: At program point L406-1(lines 398 426) the Hoare annotation is: (let ((.cse10 (= 0 ~systemActive~0)) (.cse34 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse33 (< 0 |old(~waterLevel~0)|)) (.cse35 (= ~methaneLevelCritical~0 0))) (let ((.cse27 (= ~methaneLevelCritical~0 1)) (.cse8 (not .cse35)) (.cse32 (and .cse34 .cse33)) (.cse29 (= |old(~pumpRunning~0)| 0)) (.cse12 (not (= |old(~waterLevel~0)| 2))) (.cse15 (not (= ~switchedOnBeforeTS~0 0))) (.cse30 (<= ~waterLevel~0 1)) (.cse17 (= |timeShift___utac_acc__Specification5_spec__3_~tmp___0~3#1| 0)) (.cse24 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse16 (= ~pumpRunning~0 0)) (.cse23 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| 2)) (.cse28 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse19 (= |timeShift___utac_acc__Specification5_spec__3_~tmp~6#1| ~waterLevel~0)) (.cse26 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse4 (not .cse10))) (let ((.cse9 (and .cse28 .cse34 .cse19 .cse26 .cse4)) (.cse3 (and .cse16 .cse23 .cse10 .cse19 .cse26)) (.cse21 (and .cse28 .cse16 .cse35 .cse30 .cse17 .cse24 .cse10 .cse19 .cse26)) (.cse7 (and .cse15 .cse16 .cse34 .cse17 .cse19 .cse4)) (.cse25 (= ~pumpRunning~0 1)) (.cse2 (not (<= |old(~waterLevel~0)| 2))) (.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse14 (and .cse29 .cse12)) (.cse18 (or (and (not .cse33) .cse24) .cse32)) (.cse20 (let ((.cse31 (not .cse16))) (and .cse28 (or .cse31 .cse8) (or .cse31 (= 2 ~waterLevel~0)) (<= ~waterLevel~0 0) (or .cse32 .cse24) .cse19 .cse26 .cse4))) (.cse13 (not (<= |old(~waterLevel~0)| 1))) (.cse22 (and .cse28 .cse16 .cse30 .cse17 .cse24 .cse19 .cse26)) (.cse0 (not .cse29)) (.cse11 (and .cse28 .cse16 .cse27 .cse23 .cse24 .cse19 .cse4)) (.cse1 (not .cse27))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or .cse6 .cse7 .cse8 .cse9 .cse10 .cse2 .cse5 (= |old(~switchedOnBeforeTS~0)| 0)) (or .cse7 .cse11 .cse1 .cse9 .cse12 .cse10) (or .cse6 .cse13 .cse14 .cse8 (and .cse15 .cse16 .cse17 .cse18 .cse19 .cse4) .cse10 .cse20) (or .cse0 .cse8 .cse2 .cse3 .cse4 .cse21) (or .cse0 .cse22 .cse8 .cse10 .cse2 (and .cse23 .cse24 .cse19 .cse25) (and .cse16 .cse23 .cse24 .cse19 .cse26 .cse4)) (or .cse13 .cse0 .cse8 .cse4 .cse21) (or .cse7 .cse8 (not (= |old(~pumpRunning~0)| 1)) (and (= ~waterLevel~0 1) .cse19 .cse26 .cse25) .cse10 .cse2 .cse5) (or .cse6 .cse13 .cse14 (and .cse15 .cse16 .cse17 .cse18 .cse19) .cse1 .cse10 .cse20) (or .cse13 .cse0 .cse22 .cse1) (or .cse0 .cse11 .cse1 .cse12 .cse10))))) [2022-11-03 04:13:44,929 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 67 93) the Hoare annotation is: (let ((.cse14 (not (= |old(~waterLevel~0)| 2))) (.cse13 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse15 (= |old(~pumpRunning~0)| 0))) (let ((.cse8 (not (= ~switchedOnBeforeTS~0 0))) (.cse10 (= |old(~switchedOnBeforeTS~0)| 0)) (.cse1 (not .cse15)) (.cse6 (and (= ~pumpRunning~0 0) .cse13)) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse12 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse4 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (<= |old(~waterLevel~0)| 2))) (.cse0 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse11 (and .cse15 .cse14)) (.cse2 (not (= ~methaneLevelCritical~0 1))) (.cse9 (= 0 ~systemActive~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 .cse7) (or .cse0 .cse1 .cse7 .cse3 .cse4) (or .cse8 .cse1 .cse7 .cse9 .cse3 .cse10) (or .cse0 .cse11 .cse7 (and .cse12 .cse13 .cse4) .cse9 .cse3) (or .cse8 .cse1 .cse2 .cse9 .cse3 .cse10) (or (and .cse12 .cse13) .cse2 .cse14 .cse9) (or .cse1 .cse6 .cse2 .cse3) (or .cse1 .cse6 .cse7 .cse14) (or .cse7 (not (= |old(~pumpRunning~0)| 1)) .cse14 .cse9 (and .cse13 (= ~pumpRunning~0 1))) (or .cse0 (and .cse12 .cse4) .cse2 .cse9 .cse3) (or .cse0 .cse5 .cse11 .cse2 .cse13 .cse9)))) [2022-11-03 04:13:44,929 INFO L895 garLoopResultBuilder]: At program point L142(line 142) the Hoare annotation is: (let ((.cse9 (not (= |old(~waterLevel~0)| 2))) (.cse15 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse12 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse13 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse14 (= |old(~pumpRunning~0)| 0))) (let ((.cse1 (not .cse14)) (.cse4 (and .cse15 .cse12 .cse13)) (.cse8 (not (= ~methaneLevelCritical~0 1))) (.cse3 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse0 (not (<= |old(~waterLevel~0)| 1))) (.cse10 (and .cse15 (<= ~waterLevel~0 0) (or (and .cse12 (< 0 |old(~waterLevel~0)|)) (= |old(~waterLevel~0)| ~waterLevel~0)) .cse13)) (.cse11 (and .cse14 .cse9)) (.cse2 (not (= ~methaneLevelCritical~0 0))) (.cse5 (= 0 ~systemActive~0)) (.cse6 (not (<= |old(~waterLevel~0)| 2))) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse2 .cse5 .cse6 .cse7) (or .cse1 .cse8 .cse6) (or .cse1 .cse2 .cse9) (or .cse4 .cse8 .cse9 .cse5) (or .cse3 .cse0 .cse10 .cse11 .cse8 .cse5) (or .cse3 .cse0 .cse10 .cse11 .cse2 .cse5) (or .cse2 (not (= |old(~pumpRunning~0)| 1)) .cse5 .cse6 (and .cse12 .cse13 (= ~pumpRunning~0 1)) .cse7)))) [2022-11-03 04:13:44,929 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 67 93) no Hoare annotation was computed. [2022-11-03 04:13:44,930 INFO L895 garLoopResultBuilder]: At program point L138(line 138) the Hoare annotation is: (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse18 (< 0 |old(~waterLevel~0)|)) (.cse20 (not (= ~pumpRunning~0 0))) (.cse7 (not (= ~methaneLevelCritical~0 0))) (.cse17 (not (= |old(~waterLevel~0)| 2))) (.cse21 (= |old(~pumpRunning~0)| 0)) (.cse10 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse19 (= |old(~waterLevel~0)| (+ ~waterLevel~0 1))) (.cse15 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse16 (not .cse2))) (let ((.cse0 (and .cse10 .cse19 .cse15 .cse16)) (.cse4 (not (<= 2 |old(~waterLevel~0)|))) (.cse5 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse6 (not .cse21)) (.cse8 (not (= |old(~switchedOnBeforeTS~0)| |old(~pumpRunning~0)|))) (.cse9 (and .cse21 .cse17)) (.cse11 (or .cse20 .cse7)) (.cse12 (or .cse20 (= 2 ~waterLevel~0))) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse13 (and .cse19 .cse18)) (.cse3 (not (<= |old(~waterLevel~0)| 2)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7) (or .cse8 .cse5 .cse9 (and .cse10 .cse11 .cse12 (<= ~waterLevel~0 0) (or .cse13 .cse14) .cse15 .cse16) .cse1 .cse2) (or .cse0 .cse7 (not (= |old(~pumpRunning~0)| 1)) .cse2 .cse3 .cse4) (or .cse6 .cse1 .cse17) (or .cse5 .cse6 .cse1) (or .cse6 .cse7 .cse17) (or .cse8 .cse9 .cse7 (and .cse10 .cse11 .cse12 (or (and (not .cse18) .cse14) .cse13) .cse15 .cse16) .cse2 .cse3))))) [2022-11-03 04:13:44,930 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 933) no Hoare annotation was computed. [2022-11-03 04:13:44,931 INFO L895 garLoopResultBuilder]: At program point L287(line 287) the Hoare annotation is: (let ((.cse4 (= 2 ~waterLevel~0)) (.cse2 (= ~methaneLevelCritical~0 0)) (.cse3 (not (= ~pumpRunning~0 0))) (.cse5 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse7 (not (= 0 ~systemActive~0)))) (let ((.cse1 (or (and .cse4 (not .cse2) .cse5 .cse6 .cse7) (and .cse3 .cse5 .cse6 .cse7))) (.cse0 (= ~methaneLevelCritical~0 1))) (or (and (<= ~waterLevel~0 1) .cse0 .cse1) (and .cse2 (<= ~waterLevel~0 2) .cse1) (and .cse3 .cse4 .cse0 .cse5 .cse6 .cse7)))) [2022-11-03 04:13:44,931 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-03 04:13:44,931 INFO L902 garLoopResultBuilder]: At program point L371(lines 308 375) the Hoare annotation is: true [2022-11-03 04:13:44,933 INFO L899 garLoopResultBuilder]: For program point L338(lines 338 344) no Hoare annotation was computed. [2022-11-03 04:13:44,933 INFO L899 garLoopResultBuilder]: For program point L338-1(lines 338 344) no Hoare annotation was computed. [2022-11-03 04:13:44,933 INFO L895 garLoopResultBuilder]: At program point L330(line 330) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 0))) (let ((.cse0 (= ~pumpRunning~0 0)) (.cse8 (= 2 ~waterLevel~0)) (.cse9 (or (not .cse1) (= ~pumpRunning~0 1))) (.cse2 (<= ~waterLevel~0 1)) (.cse7 (= ~methaneLevelCritical~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse6 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse6) (and .cse0 .cse2 .cse7 .cse3 .cse4 .cse6) (and .cse0 .cse8 .cse1 .cse3 .cse4 .cse6) (and .cse0 .cse7 .cse3 (<= ~waterLevel~0 2) .cse4 .cse5) (and .cse0 .cse8 .cse9 .cse7 .cse3 .cse4 .cse6) (and .cse1 .cse3 (<= ~waterLevel~0 0) .cse4 .cse5 .cse6) (and .cse0 .cse8 .cse1 .cse3 .cse4 .cse5) (and .cse1 .cse3 (= ~waterLevel~0 1) .cse4 .cse5 .cse6) (and .cse8 .cse1 .cse9 .cse3 .cse4 .cse6) (and .cse2 .cse7 .cse3 .cse4 .cse5 .cse6)))) [2022-11-03 04:13:44,934 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-03 04:13:44,934 INFO L899 garLoopResultBuilder]: For program point L285(lines 285 291) no Hoare annotation was computed. [2022-11-03 04:13:44,934 INFO L895 garLoopResultBuilder]: At program point L285-1(lines 285 291) the Hoare annotation is: (let ((.cse1 (= ~methaneLevelCritical~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~10#1| 1))) (or (and .cse0 (<= ~waterLevel~0 1) .cse1 .cse2 .cse3) (and .cse0 (= 2 ~waterLevel~0) .cse1 .cse2 .cse3) (and .cse0 (= ~methaneLevelCritical~0 0) .cse2 (<= ~waterLevel~0 2) .cse3))) [2022-11-03 04:13:44,934 INFO L895 garLoopResultBuilder]: At program point L880(lines 880 887) the Hoare annotation is: (and (= ~pumpRunning~0 0) (= ~methaneLevelCritical~0 0) (= ~waterLevel~0 1) (= |ULTIMATE.start_main_~tmp~10#1| 1) (= ~pumpRunning~0 ~switchedOnBeforeTS~0) (not (= 0 ~systemActive~0))) [2022-11-03 04:13:44,935 INFO L895 garLoopResultBuilder]: At program point L368(lines 317 369) the Hoare annotation is: false [2022-11-03 04:13:44,935 INFO L902 garLoopResultBuilder]: At program point L880-2(lines 880 887) the Hoare annotation is: true [2022-11-03 04:13:44,935 INFO L899 garLoopResultBuilder]: For program point L356(lines 356 362) no Hoare annotation was computed. [2022-11-03 04:13:44,935 INFO L895 garLoopResultBuilder]: At program point L356-2(lines 348 363) the Hoare annotation is: (let ((.cse5 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse7 (<= ~waterLevel~0 2)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse0 (= 2 ~waterLevel~0)) (.cse6 (= ~methaneLevelCritical~0 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 (= ~pumpRunning~0 1)) (and .cse5 .cse0 .cse1 .cse2 .cse3) (and .cse5 .cse6 .cse2 .cse7 .cse3) (and .cse1 .cse2 .cse7 .cse3 .cse8 .cse4) (and .cse5 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3) (and .cse6 .cse2 .cse7 .cse3 .cse8 .cse4) (and .cse0 .cse6 .cse2 .cse3 .cse4))) [2022-11-03 04:13:44,936 INFO L899 garLoopResultBuilder]: For program point L319(lines 318 367) no Hoare annotation was computed. [2022-11-03 04:13:44,936 INFO L895 garLoopResultBuilder]: At program point L348(lines 348 363) the Hoare annotation is: (let ((.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methaneLevelCritical~0 0)) (.cse6 (<= ~waterLevel~0 2)) (.cse7 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse5 (= 2 ~waterLevel~0)) (.cse8 (= ~methaneLevelCritical~0 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse4 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3 .cse4) (and .cse5 .cse1 .cse2 .cse3 .cse4 (= ~pumpRunning~0 1)) (and .cse1 .cse2 .cse6 .cse3 .cse7 .cse4) (and .cse0 .cse8 .cse2 .cse6 .cse3 .cse4) (and .cse0 .cse5 .cse1 .cse2 .cse3 .cse4) (and .cse0 .cse8 .cse2 .cse6 .cse3 .cse7) (and .cse8 .cse2 .cse6 .cse3 .cse7 .cse4) (and .cse0 .cse1 .cse2 .cse6 .cse3 .cse7) (and .cse5 .cse8 .cse2 .cse3 .cse4))) [2022-11-03 04:13:44,937 INFO L895 garLoopResultBuilder]: At program point L340(line 340) the Hoare annotation is: (let ((.cse9 (= ~pumpRunning~0 0))) (let ((.cse10 (= 0 ~systemActive~0)) (.cse0 (= 2 ~waterLevel~0)) (.cse12 (not .cse9)) (.cse1 (= ~methaneLevelCritical~0 0))) (let ((.cse5 (or .cse12 (not .cse1))) (.cse7 (or .cse12 .cse0)) (.cse4 (not .cse10)) (.cse11 (= ~methaneLevelCritical~0 1)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse6 (<= ~waterLevel~0 2)) (.cse3 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse8 (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4) (and .cse1 .cse5 .cse2 .cse6 .cse7 .cse3 .cse8 .cse4) (and .cse9 .cse1 (<= ~waterLevel~0 1) .cse2 .cse3 .cse4) (and .cse9 .cse1 .cse2 .cse6 .cse10 .cse3 .cse8) (and .cse9 .cse11 .cse2 .cse6 .cse3 .cse4) (and .cse5 .cse11 .cse2 .cse6 .cse7 .cse3 .cse8 .cse4) (and .cse9 .cse11 .cse2 .cse6 .cse10 .cse3 .cse8))))) [2022-11-03 04:13:44,938 INFO L895 garLoopResultBuilder]: At program point L365(lines 318 367) the Hoare annotation is: (let ((.cse6 (= ~methaneLevelCritical~0 0))) (let ((.cse9 (or (not .cse6) (= ~pumpRunning~0 1))) (.cse0 (= ~pumpRunning~0 0)) (.cse8 (= 2 ~waterLevel~0)) (.cse2 (= ~methaneLevelCritical~0 1)) (.cse1 (<= ~waterLevel~0 1)) (.cse3 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse4 (= |ULTIMATE.start_main_~tmp~10#1| 1)) (.cse5 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse7 (not (= 0 ~systemActive~0)))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse1 .cse3 .cse4 .cse5) (and .cse0 .cse6 .cse1 .cse3 .cse4 .cse7) (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse7) (and .cse0 .cse8 .cse6 .cse3 .cse4 .cse7) (and .cse0 .cse8 .cse9 .cse2 .cse3 .cse4 .cse7) (and .cse0 .cse8 .cse6 .cse3 .cse4 .cse5) (and .cse8 .cse6 .cse9 .cse3 .cse4 .cse7) (and .cse0 .cse8 .cse2 .cse3 .cse4 .cse5) (and .cse1 .cse2 .cse3 .cse4 .cse5 .cse7) (and .cse6 .cse1 .cse3 .cse4 .cse5 .cse7)))) [2022-11-03 04:13:44,939 INFO L899 garLoopResultBuilder]: For program point L328(lines 328 334) no Hoare annotation was computed. [2022-11-03 04:13:44,939 INFO L899 garLoopResultBuilder]: For program point L328-1(lines 328 334) no Hoare annotation was computed. [2022-11-03 04:13:44,939 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 102 126) the Hoare annotation is: (let ((.cse0 (not (<= ~waterLevel~0 2))) (.cse1 (= 0 ~systemActive~0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 1)) .cse1 .cse2 .cse3) (or (not (= ~methaneLevelCritical~0 0)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 04:13:44,940 INFO L895 garLoopResultBuilder]: At program point L116(line 116) the Hoare annotation is: (let ((.cse0 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= ~switchedOnBeforeTS~0 0)) (.cse5 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse2 (= 0 ~systemActive~0)) (.cse4 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse1 .cse2 .cse4) (or .cse1 .cse6 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 .cse2 .cse4))) [2022-11-03 04:13:44,940 INFO L895 garLoopResultBuilder]: At program point L110(lines 110 118) the Hoare annotation is: (let ((.cse0 (not (= ~methaneLevelCritical~0 0))) (.cse3 (= ~switchedOnBeforeTS~0 0)) (.cse5 (and (or (<= 2 ~waterLevel~0) (= |processEnvironment__wrappee__highWaterSensor_~tmp~0#1| 0)) (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse1 (not (<= ~waterLevel~0 2))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse2 (= 0 ~systemActive~0)) (.cse4 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse0 .cse5 .cse1 .cse2 .cse4) (or .cse1 .cse6 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 .cse2 .cse4))) [2022-11-03 04:13:44,940 INFO L895 garLoopResultBuilder]: At program point L106(lines 106 123) the Hoare annotation is: (let ((.cse0 (not (<= ~waterLevel~0 2))) (.cse1 (= 0 ~systemActive~0)) (.cse2 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse3 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 (not (= ~methaneLevelCritical~0 1)) .cse1 .cse2 .cse3) (or (not (= ~methaneLevelCritical~0 0)) .cse0 .cse1 .cse2 .cse3))) [2022-11-03 04:13:44,941 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 102 126) no Hoare annotation was computed. [2022-11-03 04:13:44,941 INFO L895 garLoopResultBuilder]: At program point L121(line 121) the Hoare annotation is: (let ((.cse3 (= ~pumpRunning~0 ~switchedOnBeforeTS~0)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 0))) (.cse0 (not (<= ~waterLevel~0 2))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse2 (= 0 ~systemActive~0)) (.cse4 (not (= ~switchedOnBeforeTS~0 |old(~pumpRunning~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse2 .cse3 .cse4) (or .cse6 .cse5 .cse0 .cse2 .cse4) (or .cse6 .cse0 .cse1 .cse2 .cse4))) [2022-11-03 04:13:44,941 INFO L899 garLoopResultBuilder]: For program point L121-1(lines 102 126) no Hoare annotation was computed. [2022-11-03 04:13:44,943 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 952 963) no Hoare annotation was computed. [2022-11-03 04:13:44,944 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 952 963) the Hoare annotation is: (let ((.cse3 (= 0 ~systemActive~0)) (.cse10 (= ~pumpRunning~0 0)) (.cse11 (= ~methaneLevelCritical~0 0))) (let ((.cse4 (not (<= |old(~waterLevel~0)| 2))) (.cse1 (not .cse11)) (.cse0 (not .cse10)) (.cse5 (let ((.cse9 (and .cse11 (not (= ~pumpRunning~0 1))))) (and (or .cse9 (not (= |old(~waterLevel~0)| 2)) .cse3) (or .cse10 (not (= |old(~waterLevel~0)| 1)) .cse9 .cse3)))) (.cse8 (not (<= |old(~waterLevel~0)| 1))) (.cse6 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (= ~pumpRunning~0 ~switchedOnBeforeTS~0))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse2 (not (<= 2 |old(~waterLevel~0)|))) (or .cse0 .cse6 .cse7 .cse2 .cse4) (or .cse0 .cse1 .cse7 .cse2 .cse4) (or .cse8 .cse0 .cse6 .cse2 .cse3) (or .cse8 .cse1 .cse7 .cse2 .cse3) (or .cse0 .cse5 .cse6 .cse2) (or .cse8 .cse6 .cse7 .cse2 .cse3)))) [2022-11-03 04:13:44,944 INFO L899 garLoopResultBuilder]: For program point isPumpRunningEXIT(lines 198 206) no Hoare annotation was computed. [2022-11-03 04:13:44,944 INFO L902 garLoopResultBuilder]: At program point isPumpRunningENTRY(lines 198 206) the Hoare annotation is: true [2022-11-03 04:13:44,949 INFO L444 BasicCegarLoop]: Path program histogram: [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-03 04:13:44,952 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-03 04:13:45,058 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 03.11 04:13:45 BoogieIcfgContainer [2022-11-03 04:13:45,058 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-03 04:13:45,059 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-03 04:13:45,059 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-03 04:13:45,059 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-03 04:13:45,060 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 03.11 04:10:58" (3/4) ... [2022-11-03 04:13:45,064 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-03 04:13:45,071 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-03 04:13:45,071 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-03 04:13:45,071 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-03 04:13:45,071 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-03 04:13:45,071 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-03 04:13:45,072 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-03 04:13:45,072 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-03 04:13:45,072 INFO L354 RCFGBacktranslator]: Ignoring RootEdge to procedure isPumpRunning [2022-11-03 04:13:45,085 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 81 nodes and edges [2022-11-03 04:13:45,086 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 28 nodes and edges [2022-11-03 04:13:45,087 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-03 04:13:45,088 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-03 04:13:45,088 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-03 04:13:45,089 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 04:13:45,089 INFO L910 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-03 04:13:45,121 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && !(0 == systemActive))) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && (((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || pumpRunning == switchedOnBeforeTS)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || waterLevel <= 0) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 0)) || \old(switchedOnBeforeTS) == 0)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel))) [2022-11-03 04:13:45,122 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || 0 == systemActive)) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0))) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) [2022-11-03 04:13:45,123 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == 2) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 0)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && ((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp___0 == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel) && !(0 == systemActive))) || 0 == systemActive) || (((((((pumpRunning == \old(pumpRunning) && (!(pumpRunning == 0) || !(methaneLevelCritical == 0))) && (!(pumpRunning == 0) || 2 == waterLevel)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && (((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == 2) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((tmp == 2 && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == 1)) || (((((pumpRunning == 0 && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((waterLevel == 1 && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp___0 == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || (((((((pumpRunning == \old(pumpRunning) && (!(pumpRunning == 0) || !(methaneLevelCritical == 0))) && (!(pumpRunning == 0) || 2 == waterLevel)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) [2022-11-03 04:13:45,123 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && ((((((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) && pumpRunning == switchedOnBeforeTS) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) [2022-11-03 04:13:45,124 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(methaneLevelCritical == 1) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || 0 == systemActive) [2022-11-03 04:13:45,124 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || 0 == systemActive)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) [2022-11-03 04:13:45,125 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(waterLevel <= 2) || !(methaneLevelCritical == 1)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(methaneLevelCritical == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-03 04:13:45,129 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((!(methaneLevelCritical == 0) || !(waterLevel <= 2)) || 0 == systemActive) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(methaneLevelCritical == 0) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(waterLevel <= 2) || !(methaneLevelCritical == 1)) || 0 == systemActive) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) [2022-11-03 04:13:45,199 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/witness.graphml [2022-11-03 04:13:45,199 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-03 04:13:45,200 INFO L158 Benchmark]: Toolchain (without parser) took 168345.23ms. Allocated memory was 96.5MB in the beginning and 956.3MB in the end (delta: 859.8MB). Free memory was 54.3MB in the beginning and 491.0MB in the end (delta: -436.7MB). Peak memory consumption was 423.8MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,201 INFO L158 Benchmark]: CDTParser took 0.39ms. Allocated memory is still 96.5MB. Free memory was 71.5MB in the beginning and 71.4MB in the end (delta: 47.7kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-03 04:13:45,201 INFO L158 Benchmark]: CACSL2BoogieTranslator took 852.42ms. Allocated memory is still 96.5MB. Free memory was 54.2MB in the beginning and 64.0MB in the end (delta: -9.8MB). Peak memory consumption was 6.5MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,201 INFO L158 Benchmark]: Boogie Procedure Inliner took 113.51ms. Allocated memory is still 96.5MB. Free memory was 64.0MB in the beginning and 61.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,202 INFO L158 Benchmark]: Boogie Preprocessor took 67.95ms. Allocated memory is still 96.5MB. Free memory was 61.2MB in the beginning and 59.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,203 INFO L158 Benchmark]: RCFGBuilder took 1012.05ms. Allocated memory was 96.5MB in the beginning and 123.7MB in the end (delta: 27.3MB). Free memory was 59.4MB in the beginning and 87.3MB in the end (delta: -27.9MB). Peak memory consumption was 26.2MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,204 INFO L158 Benchmark]: TraceAbstraction took 166146.28ms. Allocated memory was 123.7MB in the beginning and 956.3MB in the end (delta: 832.6MB). Free memory was 86.7MB in the beginning and 497.4MB in the end (delta: -410.7MB). Peak memory consumption was 590.3MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,204 INFO L158 Benchmark]: Witness Printer took 140.82ms. Allocated memory is still 956.3MB. Free memory was 497.4MB in the beginning and 491.0MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-03 04:13:45,207 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.39ms. Allocated memory is still 96.5MB. Free memory was 71.5MB in the beginning and 71.4MB in the end (delta: 47.7kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 852.42ms. Allocated memory is still 96.5MB. Free memory was 54.2MB in the beginning and 64.0MB in the end (delta: -9.8MB). Peak memory consumption was 6.5MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 113.51ms. Allocated memory is still 96.5MB. Free memory was 64.0MB in the beginning and 61.2MB in the end (delta: 2.7MB). Peak memory consumption was 4.2MB. Max. memory is 16.1GB. * Boogie Preprocessor took 67.95ms. Allocated memory is still 96.5MB. Free memory was 61.2MB in the beginning and 59.6MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 1012.05ms. Allocated memory was 96.5MB in the beginning and 123.7MB in the end (delta: 27.3MB). Free memory was 59.4MB in the beginning and 87.3MB in the end (delta: -27.9MB). Peak memory consumption was 26.2MB. Max. memory is 16.1GB. * TraceAbstraction took 166146.28ms. Allocated memory was 123.7MB in the beginning and 956.3MB in the end (delta: 832.6MB). Free memory was 86.7MB in the beginning and 497.4MB in the end (delta: -410.7MB). Peak memory consumption was 590.3MB. Max. memory is 16.1GB. * Witness Printer took 140.82ms. Allocated memory is still 956.3MB. Free memory was 497.4MB in the beginning and 491.0MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 933]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 66 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 165.9s, OverallIterations: 11, TraceHistogramMax: 5, PathProgramHistogramMax: 1, EmptinessCheckTime: 0.1s, AutomataDifference: 18.7s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 57.8s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 4655 SdHoareTripleChecker+Valid, 9.0s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 4614 mSDsluCounter, 4851 SdHoareTripleChecker+Invalid, 7.4s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 4641 mSDsCounter, 3286 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 8885 IncrementalHoareTripleChecker+Invalid, 12171 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 3286 mSolverCounterUnsat, 1034 mSDtfsCounter, 8885 mSolverCounterSat, 0.1s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1356 GetRequests, 896 SyntacticMatches, 8 SemanticMatches, 452 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 17708 ImplicationChecksByTransitivity, 52.8s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1733occurred in iteration=10, InterpolantAutomatonStates: 283, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 0.9s AutomataMinimizationTime, 11 MinimizatonAttempts, 1408 StatesRemovedByMinimization, 8 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 39 LocationsWithAnnotation, 4911 PreInvPairs, 6401 NumberOfFragments, 5967 HoareAnnotationTreeSize, 4911 FomulaSimplifications, 95448 FormulaSimplificationTreeSizeReduction, 18.1s HoareSimplificationTime, 39 FomulaSimplificationsInter, 283627 FormulaSimplificationTreeSizeReductionInter, 39.4s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.1s SsaConstructionTime, 0.5s SatisfiabilityAnalysisTime, 7.0s InterpolantComputationTime, 825 NumberOfCodeBlocks, 825 NumberOfCodeBlocksAsserted, 15 NumberOfCheckSat, 1118 ConstructedInterpolants, 0 QuantifiedInterpolants, 3769 SizeOfPredicates, 34 NumberOfNonLiveVariables, 2086 ConjunctsInSsa, 94 ConjunctsInUnsatCore, 19 InterpolantComputations, 7 PerfectInterpolantSequences, 445/650 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: No data available, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 880]: Loop Invariant Derived loop invariant: ((((pumpRunning == 0 && methaneLevelCritical == 0) && waterLevel == 1) && tmp == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive) - InvariantResult [Line: 398]: Loop Invariant Derived loop invariant: ((((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == 2) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) || !(2 <= \old(waterLevel))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 0)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && ((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || ((((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp___0 == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel) && !(0 == systemActive))) || 0 == systemActive) || (((((((pumpRunning == \old(pumpRunning) && (!(pumpRunning == 0) || !(methaneLevelCritical == 0))) && (!(pumpRunning == 0) || 2 == waterLevel)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && (((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || ((((pumpRunning == 0 && tmp == 2) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(0 == systemActive)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS))) && ((((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((tmp == 2 && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == 1)) || (((((pumpRunning == 0 && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) || ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS))) && (((((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && tmp___0 == 0) && tmp == waterLevel) && !(0 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((waterLevel == 1 && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && tmp___0 == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)))) && tmp == waterLevel)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || (((((((pumpRunning == \old(pumpRunning) && (!(pumpRunning == 0) || !(methaneLevelCritical == 0))) && (!(pumpRunning == 0) || 2 == waterLevel)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && waterLevel <= 1) && tmp___0 == 0) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1))) && ((((!(\old(pumpRunning) == 0) || ((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && methaneLevelCritical == 1) && tmp == 2) && \old(waterLevel) == waterLevel) && tmp == waterLevel) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) - InvariantResult [Line: 318]: Loop Invariant Derived loop invariant: ((((((((((((((pumpRunning == 0 && waterLevel <= 1) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS)) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && waterLevel <= 1) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && 2 == waterLevel) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || ((((((pumpRunning == 0 && 2 == waterLevel) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && 2 == waterLevel) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS)) || (((((2 == waterLevel && methaneLevelCritical == 0) && (!(methaneLevelCritical == 0) || pumpRunning == 1)) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && 2 == waterLevel) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS)) || (((((waterLevel <= 1 && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || (((((methaneLevelCritical == 0 && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive)) - InvariantResult [Line: 285]: Loop Invariant Derived loop invariant: (((((pumpRunning == 0 && waterLevel <= 1) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) || ((((pumpRunning == 0 && 2 == waterLevel) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1)) || ((((pumpRunning == 0 && methaneLevelCritical == 0) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) - InvariantResult [Line: 880]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 317]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 933]: Loop Invariant Derived loop invariant: (((((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2))) && (((!(methaneLevelCritical == 1) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || 0 == systemActive) - InvariantResult [Line: 110]: Loop Invariant Derived loop invariant: ((((((!(methaneLevelCritical == 0) || !(waterLevel <= 2)) || 0 == systemActive) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(methaneLevelCritical == 0) || ((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS)) || !(waterLevel <= 2)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((!(waterLevel <= 2) || !(methaneLevelCritical == 1)) || 0 == systemActive) || switchedOnBeforeTS == 0) || !(switchedOnBeforeTS == \old(pumpRunning)))) && ((((((2 <= waterLevel || tmp == 0) && pumpRunning == switchedOnBeforeTS) || !(waterLevel <= 2)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 132]: Loop Invariant Derived loop invariant: (((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || (((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((pumpRunning == \old(pumpRunning) && waterLevel == 1) && pumpRunning == switchedOnBeforeTS)) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && ((((((pumpRunning == \old(pumpRunning) && ((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1))) && pumpRunning == switchedOnBeforeTS) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive)) && (((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || 0 == systemActive)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && \old(waterLevel) == waterLevel) || (!(pumpRunning == 0) && \old(waterLevel) == waterLevel + 1)) && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) - InvariantResult [Line: 795]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 106]: Loop Invariant Derived loop invariant: ((((!(waterLevel <= 2) || !(methaneLevelCritical == 1)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) && ((((!(methaneLevelCritical == 0) || !(waterLevel <= 2)) || 0 == systemActive) || pumpRunning == switchedOnBeforeTS) || !(switchedOnBeforeTS == \old(pumpRunning))) - InvariantResult [Line: 348]: Loop Invariant Derived loop invariant: ((((((((((((pumpRunning == 0 && methaneLevelCritical == 0) && waterLevel <= 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((((2 == waterLevel && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) && pumpRunning == 1)) || (((((methaneLevelCritical == 0 && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || (((((pumpRunning == 0 && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && 2 == waterLevel) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive))) || (((((pumpRunning == 0 && methaneLevelCritical == 1) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && pumpRunning == switchedOnBeforeTS)) || (((((methaneLevelCritical == 1 && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || (((((pumpRunning == 0 && methaneLevelCritical == 0) && splverifierCounter == 0) && waterLevel <= 2) && tmp == 1) && pumpRunning == switchedOnBeforeTS)) || ((((2 == waterLevel && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) - InvariantResult [Line: 81]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || 0 == systemActive)) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0))) && ((((((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive) && pumpRunning == switchedOnBeforeTS) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) - InvariantResult [Line: 805]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 308]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 393]: Loop Invariant Derived loop invariant: ((((((((((((((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((pumpRunning == aux-isPumpRunning()-aux && \old(waterLevel) == waterLevel) && pumpRunning == 1))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 0)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && !(0 == systemActive))) || 0 == systemActive)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || (((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && pumpRunning == aux-isPumpRunning()-aux) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || \old(switchedOnBeforeTS) == 0)) && ((((!(\old(pumpRunning) == 0) || ((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((((((!(switchedOnBeforeTS == 0) && pumpRunning == \old(pumpRunning)) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && pumpRunning == switchedOnBeforeTS) && !(0 == systemActive))) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || \old(switchedOnBeforeTS) == 0)) && (((((pumpRunning == \old(pumpRunning) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive)) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel) && (\old(waterLevel) == waterLevel || waterLevel == 1)) && !(0 == systemActive))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || ((pumpRunning == 0 && pumpRunning == aux-isPumpRunning()-aux) && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) == 2))) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 1)) || pumpRunning == switchedOnBeforeTS)) && ((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(\old(waterLevel) == 1)) || !(methaneLevelCritical == 0)) || pumpRunning == switchedOnBeforeTS)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || waterLevel <= 0) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 0)) || \old(switchedOnBeforeTS) == 0)) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(pumpRunning) == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || pumpRunning == switchedOnBeforeTS) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 128]: Loop Invariant Derived loop invariant: (((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 1)) || (2 <= waterLevel && \old(waterLevel) == waterLevel)) || !(\old(waterLevel) <= 2))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || !(methaneLevelCritical == 1)) || 0 == systemActive)) && ((((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || (\old(waterLevel) == waterLevel && pumpRunning == 1))) && ((((((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || (pumpRunning == \old(pumpRunning) && pumpRunning == 0)) || !(methaneLevelCritical == 1)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || !(2 <= \old(waterLevel)))) && ((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || !(\old(waterLevel) <= 1)) || (((pumpRunning == \old(pumpRunning) && waterLevel <= 0) && ((\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel)) || \old(waterLevel) == waterLevel)) && pumpRunning == switchedOnBeforeTS)) || (\old(pumpRunning) == 0 && !(\old(waterLevel) == 2))) || !(methaneLevelCritical == 0)) || ((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && ((!(0 < \old(waterLevel)) && \old(waterLevel) == waterLevel) || (\old(waterLevel) == waterLevel + 1 && 0 < \old(waterLevel))))) || 0 == systemActive)) && (((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || ((pumpRunning == 0 && \old(waterLevel) == waterLevel) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0))) && (((((((!(\old(switchedOnBeforeTS) == \old(pumpRunning)) || ((pumpRunning == \old(pumpRunning) && \old(waterLevel) == waterLevel + 1) && pumpRunning == switchedOnBeforeTS)) || !(methaneLevelCritical == 0)) || 0 == systemActive) || !(\old(waterLevel) <= 2)) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || !(2 <= \old(waterLevel))) || \old(switchedOnBeforeTS) == 0)) && (((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) <= 2)) || !(0 == systemActive))) && (((((!(methaneLevelCritical == 0) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2)) || 0 == systemActive) || ((((!(switchedOnBeforeTS == 0) && pumpRunning == 0) && \old(waterLevel) == waterLevel + 1) && methaneLevelCritical == 0) && !(0 == systemActive))) || ((\old(waterLevel) == waterLevel + 1 && pumpRunning == switchedOnBeforeTS) && pumpRunning == 1)) RESULT: Ultimate proved your program to be correct! [2022-11-03 04:13:45,318 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_8f029a07-e88c-446f-87a2-4057496ac8f9/bin/utaipan-7li7fVZpFI/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE