./Ultimate.py --spec ../../sv-benchmarks/c/properties/unreach-call.prp --file ../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c --full-output --architecture 32bit -------------------------------------------------------------------------------- Checking for ERROR reachability Using default analysis Version e04fb08f Calling Ultimate with: /usr/lib/jvm/java-1.11.0-openjdk-amd64/bin/java -Dosgi.configuration.area=/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/data/config -Xmx15G -Xms4m -jar /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/plugins/org.eclipse.equinox.launcher_1.5.800.v20200727-1323.jar -data @noDefault -ultimatedata /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/data -tc /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/config/TaipanReach.xml -i ../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c -s /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/config/svcomp-Reach-32bit-Taipan_Default.epf --cacsl2boogietranslator.entry.function main --witnessprinter.witness.directory /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0 --witnessprinter.witness.filename witness.graphml --witnessprinter.write.witness.besides.input.file false --witnessprinter.graph.data.specification CHECK( init(main()), LTL(G ! call(reach_error())) ) --witnessprinter.graph.data.producer Taipan --witnessprinter.graph.data.architecture 32bit --witnessprinter.graph.data.programhash 4583285deb29d8014ded34089a46614a743cea13eee9bbb990cdfd770bfce36e --- Real Ultimate output --- [0.001s][warning][os,container] Duplicate cpuset controllers detected. Picking /sys/fs/cgroup/cpuset, skipping /sys/fs/cgroup/cpuset. This is Ultimate 0.2.2-dev-e04fb08 [2022-11-16 16:16:48,781 INFO L177 SettingsManager]: Resetting all preferences to default values... [2022-11-16 16:16:48,783 INFO L181 SettingsManager]: Resetting UltimateCore preferences to default values [2022-11-16 16:16:48,827 INFO L184 SettingsManager]: Ultimate Commandline Interface provides no preferences, ignoring... [2022-11-16 16:16:48,828 INFO L181 SettingsManager]: Resetting Boogie Preprocessor preferences to default values [2022-11-16 16:16:48,830 INFO L181 SettingsManager]: Resetting Boogie Procedure Inliner preferences to default values [2022-11-16 16:16:48,832 INFO L181 SettingsManager]: Resetting Abstract Interpretation preferences to default values [2022-11-16 16:16:48,836 INFO L181 SettingsManager]: Resetting LassoRanker preferences to default values [2022-11-16 16:16:48,839 INFO L181 SettingsManager]: Resetting Reaching Definitions preferences to default values [2022-11-16 16:16:48,842 INFO L181 SettingsManager]: Resetting SyntaxChecker preferences to default values [2022-11-16 16:16:48,843 INFO L181 SettingsManager]: Resetting Sifa preferences to default values [2022-11-16 16:16:48,848 INFO L184 SettingsManager]: Büchi Program Product provides no preferences, ignoring... [2022-11-16 16:16:48,848 INFO L181 SettingsManager]: Resetting LTL2Aut preferences to default values [2022-11-16 16:16:48,849 INFO L181 SettingsManager]: Resetting PEA to Boogie preferences to default values [2022-11-16 16:16:48,851 INFO L181 SettingsManager]: Resetting BlockEncodingV2 preferences to default values [2022-11-16 16:16:48,852 INFO L181 SettingsManager]: Resetting ChcToBoogie preferences to default values [2022-11-16 16:16:48,853 INFO L181 SettingsManager]: Resetting AutomataScriptInterpreter preferences to default values [2022-11-16 16:16:48,853 INFO L181 SettingsManager]: Resetting BuchiAutomizer preferences to default values [2022-11-16 16:16:48,855 INFO L181 SettingsManager]: Resetting CACSL2BoogieTranslator preferences to default values [2022-11-16 16:16:48,857 INFO L181 SettingsManager]: Resetting CodeCheck preferences to default values [2022-11-16 16:16:48,858 INFO L181 SettingsManager]: Resetting InvariantSynthesis preferences to default values [2022-11-16 16:16:48,859 INFO L181 SettingsManager]: Resetting RCFGBuilder preferences to default values [2022-11-16 16:16:48,860 INFO L181 SettingsManager]: Resetting Referee preferences to default values [2022-11-16 16:16:48,861 INFO L181 SettingsManager]: Resetting TraceAbstraction preferences to default values [2022-11-16 16:16:48,864 INFO L184 SettingsManager]: TraceAbstractionConcurrent provides no preferences, ignoring... [2022-11-16 16:16:48,865 INFO L184 SettingsManager]: TraceAbstractionWithAFAs provides no preferences, ignoring... [2022-11-16 16:16:48,865 INFO L181 SettingsManager]: Resetting TreeAutomizer preferences to default values [2022-11-16 16:16:48,866 INFO L181 SettingsManager]: Resetting IcfgToChc preferences to default values [2022-11-16 16:16:48,866 INFO L181 SettingsManager]: Resetting IcfgTransformer preferences to default values [2022-11-16 16:16:48,867 INFO L184 SettingsManager]: ReqToTest provides no preferences, ignoring... [2022-11-16 16:16:48,867 INFO L181 SettingsManager]: Resetting Boogie Printer preferences to default values [2022-11-16 16:16:48,868 INFO L181 SettingsManager]: Resetting ChcSmtPrinter preferences to default values [2022-11-16 16:16:48,869 INFO L181 SettingsManager]: Resetting ReqPrinter preferences to default values [2022-11-16 16:16:48,869 INFO L181 SettingsManager]: Resetting Witness Printer preferences to default values [2022-11-16 16:16:48,870 INFO L184 SettingsManager]: Boogie PL CUP Parser provides no preferences, ignoring... [2022-11-16 16:16:48,871 INFO L181 SettingsManager]: Resetting CDTParser preferences to default values [2022-11-16 16:16:48,871 INFO L184 SettingsManager]: AutomataScriptParser provides no preferences, ignoring... [2022-11-16 16:16:48,872 INFO L184 SettingsManager]: ReqParser provides no preferences, ignoring... [2022-11-16 16:16:48,872 INFO L181 SettingsManager]: Resetting SmtParser preferences to default values [2022-11-16 16:16:48,873 INFO L181 SettingsManager]: Resetting Witness Parser preferences to default values [2022-11-16 16:16:48,873 INFO L188 SettingsManager]: Finished resetting all preferences to default values... [2022-11-16 16:16:48,874 INFO L101 SettingsManager]: Beginning loading settings from /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/config/svcomp-Reach-32bit-Taipan_Default.epf [2022-11-16 16:16:48,895 INFO L113 SettingsManager]: Loading preferences was successful [2022-11-16 16:16:48,896 INFO L115 SettingsManager]: Preferences different from defaults after loading the file: [2022-11-16 16:16:48,896 INFO L136 SettingsManager]: Preferences of UltimateCore differ from their defaults: [2022-11-16 16:16:48,896 INFO L138 SettingsManager]: * Log level for class=de.uni_freiburg.informatik.ultimate.lib.smtlibutils.quantifier.QuantifierPusher=ERROR; [2022-11-16 16:16:48,897 INFO L136 SettingsManager]: Preferences of Boogie Procedure Inliner differ from their defaults: [2022-11-16 16:16:48,897 INFO L138 SettingsManager]: * Ignore calls to procedures called more than once=ONLY_FOR_SEQUENTIAL_PROGRAMS [2022-11-16 16:16:48,897 INFO L138 SettingsManager]: * User list type=DISABLED [2022-11-16 16:16:48,898 INFO L136 SettingsManager]: Preferences of Abstract Interpretation differ from their defaults: [2022-11-16 16:16:48,898 INFO L138 SettingsManager]: * Explicit value domain=true [2022-11-16 16:16:48,898 INFO L138 SettingsManager]: * Abstract domain for RCFG-of-the-future=PoormanAbstractDomain [2022-11-16 16:16:48,898 INFO L138 SettingsManager]: * Octagon Domain=false [2022-11-16 16:16:48,898 INFO L138 SettingsManager]: * Abstract domain=CompoundDomain [2022-11-16 16:16:48,898 INFO L138 SettingsManager]: * Check feasibility of abstract posts with an SMT solver=true [2022-11-16 16:16:48,899 INFO L138 SettingsManager]: * Use the RCFG-of-the-future interface=true [2022-11-16 16:16:48,899 INFO L138 SettingsManager]: * Interval Domain=false [2022-11-16 16:16:48,899 INFO L136 SettingsManager]: Preferences of Sifa differ from their defaults: [2022-11-16 16:16:48,899 INFO L138 SettingsManager]: * Call Summarizer=TopInputCallSummarizer [2022-11-16 16:16:48,899 INFO L138 SettingsManager]: * Simplification Technique=POLY_PAC [2022-11-16 16:16:48,900 INFO L136 SettingsManager]: Preferences of CACSL2BoogieTranslator differ from their defaults: [2022-11-16 16:16:48,900 INFO L138 SettingsManager]: * sizeof long=4 [2022-11-16 16:16:48,900 INFO L138 SettingsManager]: * Overapproximate operations on floating types=true [2022-11-16 16:16:48,900 INFO L138 SettingsManager]: * sizeof POINTER=4 [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * Check division by zero=IGNORE [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * Pointer to allocated memory at dereference=IGNORE [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * If two pointers are subtracted or compared they have the same base address=IGNORE [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * Check array bounds for arrays that are off heap=IGNORE [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * sizeof long double=12 [2022-11-16 16:16:48,901 INFO L138 SettingsManager]: * Check if freed pointer was valid=false [2022-11-16 16:16:48,902 INFO L138 SettingsManager]: * Use constant arrays=true [2022-11-16 16:16:48,902 INFO L138 SettingsManager]: * Pointer base address is valid at dereference=IGNORE [2022-11-16 16:16:48,902 INFO L136 SettingsManager]: Preferences of RCFGBuilder differ from their defaults: [2022-11-16 16:16:48,902 INFO L138 SettingsManager]: * SMT solver=External_DefaultMode [2022-11-16 16:16:48,902 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 16:16:48,903 INFO L136 SettingsManager]: Preferences of TraceAbstraction differ from their defaults: [2022-11-16 16:16:48,903 INFO L138 SettingsManager]: * Abstract interpretation Mode=USE_PREDICATES [2022-11-16 16:16:48,903 INFO L138 SettingsManager]: * Compute Interpolants along a Counterexample=FPandBP [2022-11-16 16:16:48,903 INFO L138 SettingsManager]: * Positions where we compute the Hoare Annotation=LoopsAndPotentialCycles [2022-11-16 16:16:48,903 INFO L138 SettingsManager]: * Trace refinement strategy=SIFA_TAIPAN [2022-11-16 16:16:48,903 INFO L138 SettingsManager]: * Command for external solver=z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in [2022-11-16 16:16:48,904 INFO L138 SettingsManager]: * Compute Hoare Annotation of negated interpolant automaton, abstraction and CFG=true [2022-11-16 16:16:48,904 INFO L138 SettingsManager]: * Trace refinement exception blacklist=NONE [2022-11-16 16:16:48,904 INFO L138 SettingsManager]: * SMT solver=External_ModelsAndUnsatCoreMode WARNING: An illegal reflective access operation has occurred WARNING: Illegal reflective access by com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 (file:/tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/plugins/com.sun.xml.bind_2.2.0.v201505121915.jar) to method java.lang.ClassLoader.defineClass(java.lang.String,byte[],int,int) WARNING: Please consider reporting this to the maintainers of com.sun.xml.bind.v2.runtime.reflect.opt.Injector$1 WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations WARNING: All illegal access operations will be denied in a future release Applying setting for plugin de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator: Entry function -> main Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness directory -> /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0 Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Witness filename -> witness.graphml Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Write witness besides input file -> false Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data specification -> CHECK( init(main()), LTL(G ! call(reach_error())) ) Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data producer -> Taipan Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data architecture -> 32bit Applying setting for plugin de.uni_freiburg.informatik.ultimate.witnessprinter: Graph data programhash -> 4583285deb29d8014ded34089a46614a743cea13eee9bbb990cdfd770bfce36e [2022-11-16 16:16:49,221 INFO L75 nceAwareModelManager]: Repository-Root is: /tmp [2022-11-16 16:16:49,256 INFO L261 ainManager$Toolchain]: [Toolchain 1]: Applicable parser(s) successfully (re)initialized [2022-11-16 16:16:49,259 INFO L217 ainManager$Toolchain]: [Toolchain 1]: Toolchain selected. [2022-11-16 16:16:49,260 INFO L271 PluginConnector]: Initializing CDTParser... [2022-11-16 16:16:49,261 INFO L275 PluginConnector]: CDTParser initialized [2022-11-16 16:16:49,262 INFO L432 ainManager$Toolchain]: [Toolchain 1]: Parsing single file: /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/../../sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c [2022-11-16 16:16:49,338 INFO L220 CDTParser]: Created temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/data/9547a541b/b52ab5e6fde2499e83ac4b9627c69137/FLAGeeb70f5f5 [2022-11-16 16:16:49,852 INFO L306 CDTParser]: Found 1 translation units. [2022-11-16 16:16:49,856 INFO L160 CDTParser]: Scanning /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c [2022-11-16 16:16:49,871 INFO L349 CDTParser]: About to delete temporary CDT project at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/data/9547a541b/b52ab5e6fde2499e83ac4b9627c69137/FLAGeeb70f5f5 [2022-11-16 16:16:50,358 INFO L357 CDTParser]: Successfully deleted /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/data/9547a541b/b52ab5e6fde2499e83ac4b9627c69137 [2022-11-16 16:16:50,360 INFO L299 ainManager$Toolchain]: ####################### [Toolchain 1] ####################### [2022-11-16 16:16:50,364 INFO L131 ToolchainWalker]: Walking toolchain with 6 elements. [2022-11-16 16:16:50,368 INFO L113 PluginConnector]: ------------------------CACSL2BoogieTranslator---------------------------- [2022-11-16 16:16:50,369 INFO L271 PluginConnector]: Initializing CACSL2BoogieTranslator... [2022-11-16 16:16:50,372 INFO L275 PluginConnector]: CACSL2BoogieTranslator initialized [2022-11-16 16:16:50,373 INFO L185 PluginConnector]: Executing the observer ACSLObjectContainerObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,375 INFO L205 PluginConnector]: Invalid model from CACSL2BoogieTranslator for observer de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator.ACSLObjectContainerObserver@48de196f and model type de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50, skipping insertion in model container [2022-11-16 16:16:50,375 INFO L185 PluginConnector]: Executing the observer CACSL2BoogieTranslatorObserver from plugin CACSL2BoogieTranslator for "CDTParser AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,383 INFO L145 MainTranslator]: Starting translation in SV-COMP mode [2022-11-16 16:16:50,439 INFO L178 MainTranslator]: Built tables and reachable declarations [2022-11-16 16:16:50,755 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c[19177,19190] [2022-11-16 16:16:50,758 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 16:16:50,768 INFO L203 MainTranslator]: Completed pre-run [2022-11-16 16:16:50,868 WARN L229 ndardFunctionHandler]: Function reach_error is already implemented but we override the implementation for the call at /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/sv-benchmarks/c/product-lines/minepump_spec2_product52.cil.c[19177,19190] [2022-11-16 16:16:50,868 INFO L210 PostProcessor]: Analyzing one entry point: main [2022-11-16 16:16:50,884 INFO L208 MainTranslator]: Completed translation [2022-11-16 16:16:50,897 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50 WrapperNode [2022-11-16 16:16:50,897 INFO L132 PluginConnector]: ------------------------ END CACSL2BoogieTranslator---------------------------- [2022-11-16 16:16:50,898 INFO L113 PluginConnector]: ------------------------Boogie Procedure Inliner---------------------------- [2022-11-16 16:16:50,899 INFO L271 PluginConnector]: Initializing Boogie Procedure Inliner... [2022-11-16 16:16:50,899 INFO L275 PluginConnector]: Boogie Procedure Inliner initialized [2022-11-16 16:16:50,906 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,921 INFO L185 PluginConnector]: Executing the observer Inliner from plugin Boogie Procedure Inliner for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,968 INFO L138 Inliner]: procedures = 58, calls = 158, calls flagged for inlining = 24, calls inlined = 21, statements flattened = 265 [2022-11-16 16:16:50,968 INFO L132 PluginConnector]: ------------------------ END Boogie Procedure Inliner---------------------------- [2022-11-16 16:16:50,969 INFO L113 PluginConnector]: ------------------------Boogie Preprocessor---------------------------- [2022-11-16 16:16:50,969 INFO L271 PluginConnector]: Initializing Boogie Preprocessor... [2022-11-16 16:16:50,969 INFO L275 PluginConnector]: Boogie Preprocessor initialized [2022-11-16 16:16:50,978 INFO L185 PluginConnector]: Executing the observer EnsureBoogieModelObserver from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,978 INFO L185 PluginConnector]: Executing the observer TypeChecker from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,981 INFO L185 PluginConnector]: Executing the observer ConstExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,981 INFO L185 PluginConnector]: Executing the observer StructExpander from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,987 INFO L185 PluginConnector]: Executing the observer UnstructureCode from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,991 INFO L185 PluginConnector]: Executing the observer FunctionInliner from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,993 INFO L185 PluginConnector]: Executing the observer LTLStepAnnotator from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,994 INFO L185 PluginConnector]: Executing the observer BoogieSymbolTableConstructor from plugin Boogie Preprocessor for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:50,997 INFO L132 PluginConnector]: ------------------------ END Boogie Preprocessor---------------------------- [2022-11-16 16:16:50,998 INFO L113 PluginConnector]: ------------------------RCFGBuilder---------------------------- [2022-11-16 16:16:50,998 INFO L271 PluginConnector]: Initializing RCFGBuilder... [2022-11-16 16:16:50,998 INFO L275 PluginConnector]: RCFGBuilder initialized [2022-11-16 16:16:50,999 INFO L185 PluginConnector]: Executing the observer RCFGBuilderObserver from plugin RCFGBuilder for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (1/1) ... [2022-11-16 16:16:51,006 INFO L173 SolverBuilder]: Constructing external solver with command: z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 [2022-11-16 16:16:51,017 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:16:51,029 INFO L229 MonitoredProcess]: Starting monitored process 1 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (exit command is (exit), workingDir is null) [2022-11-16 16:16:51,067 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Waiting until timeout for monitored process [2022-11-16 16:16:51,111 INFO L130 BoogieDeclarations]: Found specification of procedure #Ultimate.allocInit [2022-11-16 16:16:51,112 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__base [2022-11-16 16:16:51,112 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__base [2022-11-16 16:16:51,112 INFO L130 BoogieDeclarations]: Found specification of procedure isMethaneLevelCritical [2022-11-16 16:16:51,112 INFO L138 BoogieDeclarations]: Found implementation of procedure isMethaneLevelCritical [2022-11-16 16:16:51,112 INFO L130 BoogieDeclarations]: Found specification of procedure cleanup [2022-11-16 16:16:51,113 INFO L138 BoogieDeclarations]: Found implementation of procedure cleanup [2022-11-16 16:16:51,113 INFO L130 BoogieDeclarations]: Found specification of procedure timeShift [2022-11-16 16:16:51,113 INFO L138 BoogieDeclarations]: Found implementation of procedure timeShift [2022-11-16 16:16:51,113 INFO L130 BoogieDeclarations]: Found specification of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 16:16:51,113 INFO L138 BoogieDeclarations]: Found implementation of procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 16:16:51,113 INFO L130 BoogieDeclarations]: Found specification of procedure waterRise [2022-11-16 16:16:51,114 INFO L138 BoogieDeclarations]: Found implementation of procedure waterRise [2022-11-16 16:16:51,114 INFO L130 BoogieDeclarations]: Found specification of procedure deactivatePump [2022-11-16 16:16:51,114 INFO L138 BoogieDeclarations]: Found implementation of procedure deactivatePump [2022-11-16 16:16:51,114 INFO L130 BoogieDeclarations]: Found specification of procedure write~init~int [2022-11-16 16:16:51,114 INFO L130 BoogieDeclarations]: Found specification of procedure changeMethaneLevel [2022-11-16 16:16:51,114 INFO L138 BoogieDeclarations]: Found implementation of procedure changeMethaneLevel [2022-11-16 16:16:51,115 INFO L130 BoogieDeclarations]: Found specification of procedure ULTIMATE.start [2022-11-16 16:16:51,115 INFO L138 BoogieDeclarations]: Found implementation of procedure ULTIMATE.start [2022-11-16 16:16:51,241 INFO L235 CfgBuilder]: Building ICFG [2022-11-16 16:16:51,243 INFO L261 CfgBuilder]: Building CFG for each procedure with an implementation [2022-11-16 16:16:51,661 INFO L276 CfgBuilder]: Performing block encoding [2022-11-16 16:16:51,805 INFO L295 CfgBuilder]: Using the 1 location(s) as analysis (start of procedure ULTIMATE.start) [2022-11-16 16:16:51,805 INFO L300 CfgBuilder]: Removed 2 assume(true) statements. [2022-11-16 16:16:51,808 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 04:16:51 BoogieIcfgContainer [2022-11-16 16:16:51,808 INFO L132 PluginConnector]: ------------------------ END RCFGBuilder---------------------------- [2022-11-16 16:16:51,810 INFO L113 PluginConnector]: ------------------------TraceAbstraction---------------------------- [2022-11-16 16:16:51,810 INFO L271 PluginConnector]: Initializing TraceAbstraction... [2022-11-16 16:16:51,814 INFO L275 PluginConnector]: TraceAbstraction initialized [2022-11-16 16:16:51,814 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "CDTParser AST 16.11 04:16:50" (1/3) ... [2022-11-16 16:16:51,815 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@999d514 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 04:16:51, skipping insertion in model container [2022-11-16 16:16:51,815 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.cacsl2boogietranslator AST 16.11 04:16:50" (2/3) ... [2022-11-16 16:16:51,815 INFO L205 PluginConnector]: Invalid model from TraceAbstraction for observer de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.TraceAbstractionObserver@999d514 and model type de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction AST 16.11 04:16:51, skipping insertion in model container [2022-11-16 16:16:51,815 INFO L185 PluginConnector]: Executing the observer TraceAbstractionObserver from plugin TraceAbstraction for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 04:16:51" (3/3) ... [2022-11-16 16:16:51,817 INFO L112 eAbstractionObserver]: Analyzing ICFG minepump_spec2_product52.cil.c [2022-11-16 16:16:51,836 INFO L203 ceAbstractionStarter]: Automizer settings: Hoare:true NWA Interpolation:FPandBP Determinization: PREDICATE_ABSTRACTION [2022-11-16 16:16:51,837 INFO L162 ceAbstractionStarter]: Applying trace abstraction to program that has 1 error locations. [2022-11-16 16:16:51,889 INFO L356 AbstractCegarLoop]: ======== Iteration 0 == of CEGAR loop == AllErrorsAtOnce ======== [2022-11-16 16:16:51,896 INFO L357 AbstractCegarLoop]: Settings: SEPARATE_VIOLATION_CHECK=true, mInterprocedural=true, mMaxIterations=1000000, mWatchIteration=1000000, mArtifact=RCFG, mInterpolation=FPandBP, mInterpolantAutomaton=STRAIGHT_LINE, mDumpAutomata=false, mAutomataFormat=ATS_NUMERATE, mDumpPath=., mDeterminiation=PREDICATE_ABSTRACTION, mMinimize=MINIMIZE_SEVPA, mHoare=true, mAutomataTypeConcurrency=FINITE_AUTOMATA, mHoareTripleChecks=INCREMENTAL, mHoareAnnotationPositions=LoopsAndPotentialCycles, mDumpOnlyReuseAutomata=false, mLimitTraceHistogram=0, mErrorLocTimeLimit=0, mLimitPathProgramCount=0, mCollectInterpolantStatistics=true, mHeuristicEmptinessCheck=false, mHeuristicEmptinessCheckAStarHeuristic=ZERO, mHeuristicEmptinessCheckAStarHeuristicRandomSeed=1337, mHeuristicEmptinessCheckSmtFeatureScoringMethod=DAGSIZE, mSMTFeatureExtraction=false, mSMTFeatureExtractionDumpPath=., mOverrideInterpolantAutomaton=false, mMcrInterpolantMethod=WP, mPorIndependenceSettings=[Lde.uni_freiburg.informatik.ultimate.lib.tracecheckerutils.partialorder.independence.IndependenceSettings;@320e4f9f, mLbeIndependenceSettings=[IndependenceType=SEMANTIC, AbstractionType=NONE, UseConditional=false, UseSemiCommutativity=true, Solver=Z3, SolverTimeout=1000ms] [2022-11-16 16:16:51,896 INFO L358 AbstractCegarLoop]: Starting to check reachability of 1 error locations. [2022-11-16 16:16:51,900 INFO L276 IsEmpty]: Start isEmpty. Operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) [2022-11-16 16:16:51,909 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 18 [2022-11-16 16:16:51,909 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:51,910 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:51,910 INFO L420 AbstractCegarLoop]: === Iteration 1 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:51,915 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:51,915 INFO L85 PathProgramCache]: Analyzing trace with hash 1871913479, now seen corresponding path program 1 times [2022-11-16 16:16:51,925 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:51,926 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1506500777] [2022-11-16 16:16:51,926 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:51,927 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:52,036 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:52,134 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:52,134 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:52,135 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1506500777] [2022-11-16 16:16:52,136 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1506500777] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:52,136 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:52,136 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [2] imperfect sequences [] total 2 [2022-11-16 16:16:52,138 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [557509127] [2022-11-16 16:16:52,139 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:52,143 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 2 states [2022-11-16 16:16:52,144 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:52,180 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 2 interpolants. [2022-11-16 16:16:52,181 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 16:16:52,184 INFO L87 Difference]: Start difference. First operand has 64 states, 41 states have (on average 1.4634146341463414) internal successors, (60), 50 states have internal predecessors, (60), 13 states have call successors, (13), 8 states have call predecessors, (13), 8 states have return successors, (13), 10 states have call predecessors, (13), 13 states have call successors, (13) Second operand has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,283 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:52,283 INFO L93 Difference]: Finished difference Result 126 states and 173 transitions. [2022-11-16 16:16:52,285 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 2 states. [2022-11-16 16:16:52,286 INFO L78 Accepts]: Start accepts. Automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 17 [2022-11-16 16:16:52,287 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:52,296 INFO L225 Difference]: With dead ends: 126 [2022-11-16 16:16:52,296 INFO L226 Difference]: Without dead ends: 59 [2022-11-16 16:16:52,300 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 2 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 0 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=1, Invalid=1, Unknown=0, NotChecked=0, Total=2 [2022-11-16 16:16:52,310 INFO L413 NwaCegarLoop]: 65 mSDtfsCounter, 0 mSDsluCounter, 0 mSDsCounter, 0 mSdLazyCounter, 18 mSolverCounterSat, 1 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 0 SdHoareTripleChecker+Valid, 65 SdHoareTripleChecker+Invalid, 19 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 1 IncrementalHoareTripleChecker+Valid, 18 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:52,311 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [0 Valid, 65 Invalid, 19 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [1 Valid, 18 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:52,330 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 59 states. [2022-11-16 16:16:52,365 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 59 to 59. [2022-11-16 16:16:52,366 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 59 states, 38 states have (on average 1.368421052631579) internal successors, (52), 46 states have internal predecessors, (52), 13 states have call successors, (13), 8 states have call predecessors, (13), 7 states have return successors, (12), 9 states have call predecessors, (12), 12 states have call successors, (12) [2022-11-16 16:16:52,375 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 59 states to 59 states and 77 transitions. [2022-11-16 16:16:52,376 INFO L78 Accepts]: Start accepts. Automaton has 59 states and 77 transitions. Word has length 17 [2022-11-16 16:16:52,377 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:52,377 INFO L495 AbstractCegarLoop]: Abstraction has 59 states and 77 transitions. [2022-11-16 16:16:52,377 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 2 states, 2 states have (on average 6.5) internal successors, (13), 2 states have internal predecessors, (13), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,377 INFO L276 IsEmpty]: Start isEmpty. Operand 59 states and 77 transitions. [2022-11-16 16:16:52,379 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 19 [2022-11-16 16:16:52,379 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:52,380 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:52,380 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable0 [2022-11-16 16:16:52,380 INFO L420 AbstractCegarLoop]: === Iteration 2 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:52,381 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:52,381 INFO L85 PathProgramCache]: Analyzing trace with hash 1788829300, now seen corresponding path program 1 times [2022-11-16 16:16:52,381 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:52,382 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [920236097] [2022-11-16 16:16:52,382 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:52,382 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:52,408 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:52,499 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:52,499 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:52,500 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [920236097] [2022-11-16 16:16:52,500 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [920236097] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:52,500 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:52,500 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 16:16:52,500 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [780306040] [2022-11-16 16:16:52,501 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:52,502 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 16:16:52,502 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:52,503 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 16:16:52,503 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 16:16:52,503 INFO L87 Difference]: Start difference. First operand 59 states and 77 transitions. Second operand has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,549 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:52,550 INFO L93 Difference]: Finished difference Result 90 states and 116 transitions. [2022-11-16 16:16:52,550 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 16:16:52,550 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 18 [2022-11-16 16:16:52,551 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:52,552 INFO L225 Difference]: With dead ends: 90 [2022-11-16 16:16:52,552 INFO L226 Difference]: Without dead ends: 51 [2022-11-16 16:16:52,552 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 3 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 16:16:52,554 INFO L413 NwaCegarLoop]: 51 mSDtfsCounter, 14 mSDsluCounter, 35 mSDsCounter, 0 mSdLazyCounter, 26 mSolverCounterSat, 0 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 18 SdHoareTripleChecker+Valid, 86 SdHoareTripleChecker+Invalid, 26 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Valid, 26 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.0s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:52,554 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [18 Valid, 86 Invalid, 26 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [0 Valid, 26 Invalid, 0 Unknown, 0 Unchecked, 0.0s Time] [2022-11-16 16:16:52,555 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 51 states. [2022-11-16 16:16:52,566 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 51 to 51. [2022-11-16 16:16:52,567 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 51 states, 33 states have (on average 1.393939393939394) internal successors, (46), 41 states have internal predecessors, (46), 10 states have call successors, (10), 7 states have call predecessors, (10), 7 states have return successors, (10), 7 states have call predecessors, (10), 10 states have call successors, (10) [2022-11-16 16:16:52,568 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 51 states to 51 states and 66 transitions. [2022-11-16 16:16:52,568 INFO L78 Accepts]: Start accepts. Automaton has 51 states and 66 transitions. Word has length 18 [2022-11-16 16:16:52,568 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:52,568 INFO L495 AbstractCegarLoop]: Abstraction has 51 states and 66 transitions. [2022-11-16 16:16:52,568 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 4.666666666666667) internal successors, (14), 3 states have internal predecessors, (14), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,569 INFO L276 IsEmpty]: Start isEmpty. Operand 51 states and 66 transitions. [2022-11-16 16:16:52,569 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 22 [2022-11-16 16:16:52,570 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:52,570 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:52,570 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable1 [2022-11-16 16:16:52,570 INFO L420 AbstractCegarLoop]: === Iteration 3 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:52,571 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:52,571 INFO L85 PathProgramCache]: Analyzing trace with hash 605785607, now seen corresponding path program 1 times [2022-11-16 16:16:52,571 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:52,571 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [2022461394] [2022-11-16 16:16:52,572 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:52,572 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:52,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:52,799 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:52,800 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:52,800 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [2022461394] [2022-11-16 16:16:52,800 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [2022461394] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:52,800 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:52,801 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-16 16:16:52,801 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1378924950] [2022-11-16 16:16:52,801 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:52,802 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-16 16:16:52,802 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:52,802 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-16 16:16:52,803 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 16:16:52,803 INFO L87 Difference]: Start difference. First operand 51 states and 66 transitions. Second operand has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,914 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:52,915 INFO L93 Difference]: Finished difference Result 134 states and 174 transitions. [2022-11-16 16:16:52,915 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-16 16:16:52,915 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 21 [2022-11-16 16:16:52,916 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:52,917 INFO L225 Difference]: With dead ends: 134 [2022-11-16 16:16:52,917 INFO L226 Difference]: Without dead ends: 85 [2022-11-16 16:16:52,918 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 7 GetRequests, 4 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-16 16:16:52,919 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 89 mSDsluCounter, 74 mSDsCounter, 0 mSdLazyCounter, 47 mSolverCounterSat, 9 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 93 SdHoareTripleChecker+Valid, 135 SdHoareTripleChecker+Invalid, 56 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 9 IncrementalHoareTripleChecker+Valid, 47 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:52,920 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [93 Valid, 135 Invalid, 56 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [9 Valid, 47 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:52,921 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 85 states. [2022-11-16 16:16:52,933 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 85 to 82. [2022-11-16 16:16:52,934 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 82 states, 54 states have (on average 1.3888888888888888) internal successors, (75), 65 states have internal predecessors, (75), 15 states have call successors, (15), 12 states have call predecessors, (15), 12 states have return successors, (16), 11 states have call predecessors, (16), 15 states have call successors, (16) [2022-11-16 16:16:52,935 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 82 states to 82 states and 106 transitions. [2022-11-16 16:16:52,936 INFO L78 Accepts]: Start accepts. Automaton has 82 states and 106 transitions. Word has length 21 [2022-11-16 16:16:52,936 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:52,936 INFO L495 AbstractCegarLoop]: Abstraction has 82 states and 106 transitions. [2022-11-16 16:16:52,936 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 4.5) internal successors, (18), 4 states have internal predecessors, (18), 2 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:52,937 INFO L276 IsEmpty]: Start isEmpty. Operand 82 states and 106 transitions. [2022-11-16 16:16:52,938 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 25 [2022-11-16 16:16:52,938 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:52,938 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:52,938 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable2 [2022-11-16 16:16:52,939 INFO L420 AbstractCegarLoop]: === Iteration 4 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:52,939 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:52,939 INFO L85 PathProgramCache]: Analyzing trace with hash 2039617653, now seen corresponding path program 1 times [2022-11-16 16:16:52,940 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:52,940 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [430432370] [2022-11-16 16:16:52,940 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:52,941 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:52,958 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:53,063 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:53,064 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:53,064 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [430432370] [2022-11-16 16:16:53,064 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [430432370] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:53,064 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:53,065 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-16 16:16:53,065 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1771102734] [2022-11-16 16:16:53,065 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:53,065 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-16 16:16:53,066 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:53,066 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-16 16:16:53,066 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 16:16:53,067 INFO L87 Difference]: Start difference. First operand 82 states and 106 transitions. Second operand has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:53,157 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:53,157 INFO L93 Difference]: Finished difference Result 199 states and 267 transitions. [2022-11-16 16:16:53,158 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 5 states. [2022-11-16 16:16:53,158 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) Word has length 24 [2022-11-16 16:16:53,158 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:53,160 INFO L225 Difference]: With dead ends: 199 [2022-11-16 16:16:53,160 INFO L226 Difference]: Without dead ends: 119 [2022-11-16 16:16:53,161 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 6 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 3 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=9, Invalid=11, Unknown=0, NotChecked=0, Total=20 [2022-11-16 16:16:53,163 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 36 mSDsluCounter, 101 mSDsCounter, 0 mSdLazyCounter, 51 mSolverCounterSat, 8 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 36 SdHoareTripleChecker+Valid, 161 SdHoareTripleChecker+Invalid, 59 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 8 IncrementalHoareTripleChecker+Valid, 51 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:53,163 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [36 Valid, 161 Invalid, 59 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [8 Valid, 51 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:53,164 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 119 states. [2022-11-16 16:16:53,182 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 119 to 112. [2022-11-16 16:16:53,183 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 112 states, 76 states have (on average 1.3026315789473684) internal successors, (99), 86 states have internal predecessors, (99), 18 states have call successors, (18), 17 states have call predecessors, (18), 17 states have return successors, (24), 17 states have call predecessors, (24), 18 states have call successors, (24) [2022-11-16 16:16:53,184 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 112 states to 112 states and 141 transitions. [2022-11-16 16:16:53,184 INFO L78 Accepts]: Start accepts. Automaton has 112 states and 141 transitions. Word has length 24 [2022-11-16 16:16:53,185 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:53,185 INFO L495 AbstractCegarLoop]: Abstraction has 112 states and 141 transitions. [2022-11-16 16:16:53,185 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 4 states have (on average 5.25) internal successors, (21), 4 states have internal predecessors, (21), 1 states have call successors, (2), 2 states have call predecessors, (2), 1 states have return successors, (1), 1 states have call predecessors, (1), 1 states have call successors, (1) [2022-11-16 16:16:53,185 INFO L276 IsEmpty]: Start isEmpty. Operand 112 states and 141 transitions. [2022-11-16 16:16:53,186 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 30 [2022-11-16 16:16:53,187 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:53,187 INFO L195 NwaCegarLoop]: trace histogram [1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:53,187 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable3 [2022-11-16 16:16:53,187 INFO L420 AbstractCegarLoop]: === Iteration 5 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:53,188 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:53,188 INFO L85 PathProgramCache]: Analyzing trace with hash 1680772318, now seen corresponding path program 1 times [2022-11-16 16:16:53,188 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:53,189 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [165156778] [2022-11-16 16:16:53,189 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:53,189 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:53,207 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:53,269 INFO L134 CoverageAnalysis]: Checked inductivity of 0 backedges. 0 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:53,270 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:53,270 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [165156778] [2022-11-16 16:16:53,270 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [165156778] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:53,271 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:53,271 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [] total 3 [2022-11-16 16:16:53,274 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [2117828424] [2022-11-16 16:16:53,277 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:53,277 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 16:16:53,278 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:53,278 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 16:16:53,278 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 16:16:53,279 INFO L87 Difference]: Start difference. First operand 112 states and 141 transitions. Second operand has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 16:16:53,383 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:53,383 INFO L93 Difference]: Finished difference Result 186 states and 241 transitions. [2022-11-16 16:16:53,383 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 16:16:53,388 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) Word has length 29 [2022-11-16 16:16:53,390 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:53,395 INFO L225 Difference]: With dead ends: 186 [2022-11-16 16:16:53,395 INFO L226 Difference]: Without dead ends: 184 [2022-11-16 16:16:53,396 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 3 SyntacticMatches, 0 SemanticMatches, 1 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=3, Invalid=3, Unknown=0, NotChecked=0, Total=6 [2022-11-16 16:16:53,397 INFO L413 NwaCegarLoop]: 60 mSDtfsCounter, 42 mSDsluCounter, 48 mSDsCounter, 0 mSdLazyCounter, 31 mSolverCounterSat, 5 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.0s Time, 0 mProtectedPredicate, 0 mProtectedAction, 42 SdHoareTripleChecker+Valid, 108 SdHoareTripleChecker+Invalid, 36 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 5 IncrementalHoareTripleChecker+Valid, 31 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:53,398 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [42 Valid, 108 Invalid, 36 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [5 Valid, 31 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:53,398 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 184 states. [2022-11-16 16:16:53,440 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 184 to 169. [2022-11-16 16:16:53,440 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 169 states, 113 states have (on average 1.3097345132743363) internal successors, (148), 129 states have internal predecessors, (148), 29 states have call successors, (29), 27 states have call predecessors, (29), 26 states have return successors, (45), 25 states have call predecessors, (45), 29 states have call successors, (45) [2022-11-16 16:16:53,442 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 169 states to 169 states and 222 transitions. [2022-11-16 16:16:53,443 INFO L78 Accepts]: Start accepts. Automaton has 169 states and 222 transitions. Word has length 29 [2022-11-16 16:16:53,443 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:53,443 INFO L495 AbstractCegarLoop]: Abstraction has 169 states and 222 transitions. [2022-11-16 16:16:53,444 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 8.0) internal successors, (24), 3 states have internal predecessors, (24), 1 states have call successors, (3), 2 states have call predecessors, (3), 1 states have return successors, (2), 1 states have call predecessors, (2), 1 states have call successors, (2) [2022-11-16 16:16:53,444 INFO L276 IsEmpty]: Start isEmpty. Operand 169 states and 222 transitions. [2022-11-16 16:16:53,447 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-16 16:16:53,447 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:53,447 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:53,447 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable4 [2022-11-16 16:16:53,448 INFO L420 AbstractCegarLoop]: === Iteration 6 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:53,448 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:53,449 INFO L85 PathProgramCache]: Analyzing trace with hash -522628244, now seen corresponding path program 1 times [2022-11-16 16:16:53,449 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:53,449 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [697434257] [2022-11-16 16:16:53,449 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:53,449 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:53,471 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:53,555 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 0 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 16:16:53,555 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:53,555 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [697434257] [2022-11-16 16:16:53,556 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [697434257] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:53,556 INFO L184 FreeRefinementEngine]: Found 1 perfect and 0 imperfect interpolant sequences. [2022-11-16 16:16:53,556 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [4] imperfect sequences [] total 4 [2022-11-16 16:16:53,556 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [283192964] [2022-11-16 16:16:53,556 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:53,557 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 4 states [2022-11-16 16:16:53,558 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:53,559 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 4 interpolants. [2022-11-16 16:16:53,559 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 16:16:53,559 INFO L87 Difference]: Start difference. First operand 169 states and 222 transitions. Second operand has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-16 16:16:53,694 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:53,694 INFO L93 Difference]: Finished difference Result 337 states and 443 transitions. [2022-11-16 16:16:53,695 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 4 states. [2022-11-16 16:16:53,695 INFO L78 Accepts]: Start accepts. Automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 60 [2022-11-16 16:16:53,695 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:53,699 INFO L225 Difference]: With dead ends: 337 [2022-11-16 16:16:53,700 INFO L226 Difference]: Without dead ends: 170 [2022-11-16 16:16:53,705 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 4 GetRequests, 2 SyntacticMatches, 0 SemanticMatches, 2 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=5, Invalid=7, Unknown=0, NotChecked=0, Total=12 [2022-11-16 16:16:53,708 INFO L413 NwaCegarLoop]: 72 mSDtfsCounter, 82 mSDsluCounter, 44 mSDsCounter, 0 mSdLazyCounter, 80 mSolverCounterSat, 4 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 82 SdHoareTripleChecker+Valid, 116 SdHoareTripleChecker+Invalid, 84 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 4 IncrementalHoareTripleChecker+Valid, 80 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:53,710 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [82 Valid, 116 Invalid, 84 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [4 Valid, 80 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:53,713 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 170 states. [2022-11-16 16:16:53,755 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 170 to 159. [2022-11-16 16:16:53,757 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 159 states, 107 states have (on average 1.2990654205607477) internal successors, (139), 121 states have internal predecessors, (139), 26 states have call successors, (26), 25 states have call predecessors, (26), 25 states have return successors, (36), 24 states have call predecessors, (36), 26 states have call successors, (36) [2022-11-16 16:16:53,760 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 159 states to 159 states and 201 transitions. [2022-11-16 16:16:53,761 INFO L78 Accepts]: Start accepts. Automaton has 159 states and 201 transitions. Word has length 60 [2022-11-16 16:16:53,761 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:53,761 INFO L495 AbstractCegarLoop]: Abstraction has 159 states and 201 transitions. [2022-11-16 16:16:53,761 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 4 states, 3 states have (on average 14.666666666666666) internal successors, (44), 4 states have internal predecessors, (44), 3 states have call successors, (6), 2 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-16 16:16:53,761 INFO L276 IsEmpty]: Start isEmpty. Operand 159 states and 201 transitions. [2022-11-16 16:16:53,769 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 58 [2022-11-16 16:16:53,769 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:53,770 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:53,770 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable5 [2022-11-16 16:16:53,771 INFO L420 AbstractCegarLoop]: === Iteration 7 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:53,771 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:53,771 INFO L85 PathProgramCache]: Analyzing trace with hash -1539119106, now seen corresponding path program 1 times [2022-11-16 16:16:53,772 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:53,772 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [349770407] [2022-11-16 16:16:53,772 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:53,772 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:53,795 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:53,907 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 19 proven. 2 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-16 16:16:53,907 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:53,907 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [349770407] [2022-11-16 16:16:53,907 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [349770407] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:16:53,908 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [995865679] [2022-11-16 16:16:53,908 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:53,908 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:16:53,908 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:16:53,911 INFO L229 MonitoredProcess]: Starting monitored process 2 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:16:53,933 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Waiting until timeout for monitored process [2022-11-16 16:16:54,099 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:54,102 INFO L263 TraceCheckSpWp]: Trace formula consists of 428 conjuncts, 4 conjunts are in the unsatisfiable core [2022-11-16 16:16:54,108 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:16:54,229 INFO L134 CoverageAnalysis]: Checked inductivity of 26 backedges. 26 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:54,229 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-16 16:16:54,229 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [995865679] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:54,230 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-16 16:16:54,230 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [3] imperfect sequences [5] total 6 [2022-11-16 16:16:54,230 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [31327359] [2022-11-16 16:16:54,230 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:54,231 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 3 states [2022-11-16 16:16:54,231 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:54,231 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 3 interpolants. [2022-11-16 16:16:54,232 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-16 16:16:54,232 INFO L87 Difference]: Start difference. First operand 159 states and 201 transitions. Second operand has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-16 16:16:54,333 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:54,333 INFO L93 Difference]: Finished difference Result 307 states and 397 transitions. [2022-11-16 16:16:54,334 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 3 states. [2022-11-16 16:16:54,334 INFO L78 Accepts]: Start accepts. Automaton has has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) Word has length 57 [2022-11-16 16:16:54,335 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:54,336 INFO L225 Difference]: With dead ends: 307 [2022-11-16 16:16:54,336 INFO L226 Difference]: Without dead ends: 150 [2022-11-16 16:16:54,337 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 63 GetRequests, 59 SyntacticMatches, 0 SemanticMatches, 4 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 0 ImplicationChecksByTransitivity, 0.0s TimeCoverageRelationStatistics Valid=12, Invalid=18, Unknown=0, NotChecked=0, Total=30 [2022-11-16 16:16:54,338 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 28 mSDsluCounter, 36 mSDsCounter, 0 mSdLazyCounter, 40 mSolverCounterSat, 2 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.1s Time, 0 mProtectedPredicate, 0 mProtectedAction, 28 SdHoareTripleChecker+Valid, 111 SdHoareTripleChecker+Invalid, 42 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 2 IncrementalHoareTripleChecker+Valid, 40 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.1s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:54,338 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [28 Valid, 111 Invalid, 42 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [2 Valid, 40 Invalid, 0 Unknown, 0 Unchecked, 0.1s Time] [2022-11-16 16:16:54,339 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 150 states. [2022-11-16 16:16:54,361 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 150 to 150. [2022-11-16 16:16:54,362 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 150 states, 102 states have (on average 1.2549019607843137) internal successors, (128), 114 states have internal predecessors, (128), 24 states have call successors, (24), 23 states have call predecessors, (24), 23 states have return successors, (31), 23 states have call predecessors, (31), 24 states have call successors, (31) [2022-11-16 16:16:54,363 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 150 states to 150 states and 183 transitions. [2022-11-16 16:16:54,364 INFO L78 Accepts]: Start accepts. Automaton has 150 states and 183 transitions. Word has length 57 [2022-11-16 16:16:54,364 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:54,364 INFO L495 AbstractCegarLoop]: Abstraction has 150 states and 183 transitions. [2022-11-16 16:16:54,365 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 3 states, 3 states have (on average 15.333333333333334) internal successors, (46), 3 states have internal predecessors, (46), 3 states have call successors, (6), 3 states have call predecessors, (6), 2 states have return successors, (5), 2 states have call predecessors, (5), 3 states have call successors, (5) [2022-11-16 16:16:54,365 INFO L276 IsEmpty]: Start isEmpty. Operand 150 states and 183 transitions. [2022-11-16 16:16:54,366 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 61 [2022-11-16 16:16:54,366 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:54,367 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:54,400 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (2)] Forceful destruction successful, exit code 0 [2022-11-16 16:16:54,579 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable6,2 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:16:54,580 INFO L420 AbstractCegarLoop]: === Iteration 8 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:54,580 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:54,580 INFO L85 PathProgramCache]: Analyzing trace with hash 215137069, now seen corresponding path program 1 times [2022-11-16 16:16:54,580 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:54,580 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [519194605] [2022-11-16 16:16:54,581 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:54,581 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:54,616 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:55,157 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 18 proven. 2 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-16 16:16:55,158 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:55,158 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [519194605] [2022-11-16 16:16:55,158 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [519194605] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:16:55,158 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1805817634] [2022-11-16 16:16:55,158 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:55,159 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:16:55,159 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:16:55,160 INFO L229 MonitoredProcess]: Starting monitored process 3 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:16:55,165 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Waiting until timeout for monitored process [2022-11-16 16:16:55,280 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:55,282 INFO L263 TraceCheckSpWp]: Trace formula consists of 433 conjuncts, 20 conjunts are in the unsatisfiable core [2022-11-16 16:16:55,285 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:16:55,750 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 24 proven. 0 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:55,751 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-16 16:16:55,751 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1805817634] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:16:55,751 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-16 16:16:55,751 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [9] imperfect sequences [9] total 17 [2022-11-16 16:16:55,752 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1069218138] [2022-11-16 16:16:55,752 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:16:55,754 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 10 states [2022-11-16 16:16:55,754 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:16:55,755 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 10 interpolants. [2022-11-16 16:16:55,755 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=55, Invalid=217, Unknown=0, NotChecked=0, Total=272 [2022-11-16 16:16:55,756 INFO L87 Difference]: Start difference. First operand 150 states and 183 transitions. Second operand has 10 states, 9 states have (on average 5.222222222222222) internal successors, (47), 9 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-16 16:16:56,408 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:16:56,408 INFO L93 Difference]: Finished difference Result 412 states and 508 transitions. [2022-11-16 16:16:56,409 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 15 states. [2022-11-16 16:16:56,409 INFO L78 Accepts]: Start accepts. Automaton has has 10 states, 9 states have (on average 5.222222222222222) internal successors, (47), 9 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) Word has length 60 [2022-11-16 16:16:56,410 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:16:56,411 INFO L225 Difference]: With dead ends: 412 [2022-11-16 16:16:56,412 INFO L226 Difference]: Without dead ends: 264 [2022-11-16 16:16:56,412 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 74 GetRequests, 53 SyntacticMatches, 0 SemanticMatches, 21 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 80 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=114, Invalid=392, Unknown=0, NotChecked=0, Total=506 [2022-11-16 16:16:56,414 INFO L413 NwaCegarLoop]: 69 mSDtfsCounter, 189 mSDsluCounter, 285 mSDsCounter, 0 mSdLazyCounter, 407 mSolverCounterSat, 71 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.3s Time, 0 mProtectedPredicate, 0 mProtectedAction, 199 SdHoareTripleChecker+Valid, 354 SdHoareTripleChecker+Invalid, 478 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 71 IncrementalHoareTripleChecker+Valid, 407 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.4s IncrementalHoareTripleChecker+Time [2022-11-16 16:16:56,414 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [199 Valid, 354 Invalid, 478 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [71 Valid, 407 Invalid, 0 Unknown, 0 Unchecked, 0.4s Time] [2022-11-16 16:16:56,416 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 264 states. [2022-11-16 16:16:56,464 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 264 to 251. [2022-11-16 16:16:56,466 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 251 states, 175 states have (on average 1.262857142857143) internal successors, (221), 192 states have internal predecessors, (221), 37 states have call successors, (37), 36 states have call predecessors, (37), 38 states have return successors, (44), 38 states have call predecessors, (44), 37 states have call successors, (44) [2022-11-16 16:16:56,468 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 251 states to 251 states and 302 transitions. [2022-11-16 16:16:56,468 INFO L78 Accepts]: Start accepts. Automaton has 251 states and 302 transitions. Word has length 60 [2022-11-16 16:16:56,470 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:16:56,471 INFO L495 AbstractCegarLoop]: Abstraction has 251 states and 302 transitions. [2022-11-16 16:16:56,471 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 10 states, 9 states have (on average 5.222222222222222) internal successors, (47), 9 states have internal predecessors, (47), 4 states have call successors, (7), 4 states have call predecessors, (7), 3 states have return successors, (6), 2 states have call predecessors, (6), 4 states have call successors, (6) [2022-11-16 16:16:56,471 INFO L276 IsEmpty]: Start isEmpty. Operand 251 states and 302 transitions. [2022-11-16 16:16:56,474 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 64 [2022-11-16 16:16:56,474 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:16:56,474 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:16:56,491 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (3)] Forceful destruction successful, exit code 0 [2022-11-16 16:16:56,680 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable7,3 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:16:56,681 INFO L420 AbstractCegarLoop]: === Iteration 9 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:16:56,681 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:16:56,681 INFO L85 PathProgramCache]: Analyzing trace with hash 1039553112, now seen corresponding path program 1 times [2022-11-16 16:16:56,681 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:16:56,681 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1180162514] [2022-11-16 16:16:56,681 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:56,681 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:16:56,722 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:56,865 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 18 proven. 1 refuted. 0 times theorem prover too weak. 5 trivial. 0 not checked. [2022-11-16 16:16:56,866 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:16:56,866 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1180162514] [2022-11-16 16:16:56,866 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1180162514] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:16:56,868 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1421410571] [2022-11-16 16:16:56,868 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:16:56,869 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:16:56,869 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:16:56,870 INFO L229 MonitoredProcess]: Starting monitored process 4 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:16:56,899 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Waiting until timeout for monitored process [2022-11-16 16:16:56,998 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:16:57,001 INFO L263 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-16 16:16:57,004 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:16:57,471 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:16:57,471 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 16:16:58,120 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 11 proven. 3 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-16 16:16:58,121 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1421410571] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 16:16:58,121 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [708462737] [2022-11-16 16:16:58,140 INFO L159 IcfgInterpreter]: Started Sifa with 40 locations of interest [2022-11-16 16:16:58,141 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 16:16:58,144 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 16:16:58,149 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 16:16:58,150 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 16:17:05,462 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 296 for LOIs [2022-11-16 16:17:05,527 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 303 for LOIs [2022-11-16 16:17:10,492 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 299 for LOIs [2022-11-16 16:17:11,070 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 315 for LOIs [2022-11-16 16:17:11,191 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 16:18:06,715 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [708462737] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:18:06,715 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-16 16:18:06,716 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [21] imperfect sequences [7, 12, 14] total 49 [2022-11-16 16:18:06,716 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1188734270] [2022-11-16 16:18:06,716 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:18:06,717 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 22 states [2022-11-16 16:18:06,717 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:18:06,717 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 22 interpolants. [2022-11-16 16:18:06,718 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=344, Invalid=2008, Unknown=0, NotChecked=0, Total=2352 [2022-11-16 16:18:06,719 INFO L87 Difference]: Start difference. First operand 251 states and 302 transitions. Second operand has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-16 16:18:43,693 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:18:43,693 INFO L93 Difference]: Finished difference Result 656 states and 800 transitions. [2022-11-16 16:18:43,694 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 28 states. [2022-11-16 16:18:43,694 INFO L78 Accepts]: Start accepts. Automaton has has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) Word has length 63 [2022-11-16 16:18:43,694 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:18:43,696 INFO L225 Difference]: With dead ends: 656 [2022-11-16 16:18:43,697 INFO L226 Difference]: Without dead ends: 407 [2022-11-16 16:18:43,699 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 205 GetRequests, 140 SyntacticMatches, 7 SemanticMatches, 58 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 1181 ImplicationChecksByTransitivity, 87.9s TimeCoverageRelationStatistics Valid=550, Invalid=2990, Unknown=0, NotChecked=0, Total=3540 [2022-11-16 16:18:43,699 INFO L413 NwaCegarLoop]: 75 mSDtfsCounter, 175 mSDsluCounter, 464 mSDsCounter, 0 mSdLazyCounter, 1247 mSolverCounterSat, 76 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 4.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 178 SdHoareTripleChecker+Valid, 539 SdHoareTripleChecker+Invalid, 1323 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 76 IncrementalHoareTripleChecker+Valid, 1247 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 4.8s IncrementalHoareTripleChecker+Time [2022-11-16 16:18:43,700 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [178 Valid, 539 Invalid, 1323 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [76 Valid, 1247 Invalid, 0 Unknown, 0 Unchecked, 4.8s Time] [2022-11-16 16:18:43,701 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 407 states. [2022-11-16 16:18:43,873 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 407 to 369. [2022-11-16 16:18:43,875 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 369 states, 259 states have (on average 1.2586872586872586) internal successors, (326), 279 states have internal predecessors, (326), 53 states have call successors, (53), 52 states have call predecessors, (53), 56 states have return successors, (64), 55 states have call predecessors, (64), 53 states have call successors, (64) [2022-11-16 16:18:43,878 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 369 states to 369 states and 443 transitions. [2022-11-16 16:18:43,878 INFO L78 Accepts]: Start accepts. Automaton has 369 states and 443 transitions. Word has length 63 [2022-11-16 16:18:43,879 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:18:43,879 INFO L495 AbstractCegarLoop]: Abstraction has 369 states and 443 transitions. [2022-11-16 16:18:43,880 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 22 states, 18 states have (on average 1.7777777777777777) internal successors, (32), 18 states have internal predecessors, (32), 5 states have call successors, (6), 5 states have call predecessors, (6), 4 states have return successors, (6), 5 states have call predecessors, (6), 5 states have call successors, (6) [2022-11-16 16:18:43,880 INFO L276 IsEmpty]: Start isEmpty. Operand 369 states and 443 transitions. [2022-11-16 16:18:43,887 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 67 [2022-11-16 16:18:43,888 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:18:43,893 INFO L195 NwaCegarLoop]: trace histogram [2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:18:43,899 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (4)] Forceful destruction successful, exit code 0 [2022-11-16 16:18:44,099 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 4 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable8 [2022-11-16 16:18:44,099 INFO L420 AbstractCegarLoop]: === Iteration 10 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:18:44,100 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:18:44,100 INFO L85 PathProgramCache]: Analyzing trace with hash 744251358, now seen corresponding path program 1 times [2022-11-16 16:18:44,100 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:18:44,100 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [971546310] [2022-11-16 16:18:44,100 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:18:44,100 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:18:44,122 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:18:44,792 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 7 proven. 13 refuted. 0 times theorem prover too weak. 4 trivial. 0 not checked. [2022-11-16 16:18:44,792 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:18:44,792 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [971546310] [2022-11-16 16:18:44,792 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [971546310] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:18:44,792 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [701047266] [2022-11-16 16:18:44,793 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:18:44,793 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:18:44,793 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:18:44,794 INFO L229 MonitoredProcess]: Starting monitored process 5 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:18:44,817 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Waiting until timeout for monitored process [2022-11-16 16:18:44,909 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:18:44,912 INFO L263 TraceCheckSpWp]: Trace formula consists of 445 conjuncts, 34 conjunts are in the unsatisfiable core [2022-11-16 16:18:44,915 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:18:45,295 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 13 proven. 11 refuted. 0 times theorem prover too weak. 0 trivial. 0 not checked. [2022-11-16 16:18:45,296 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 16:18:45,926 INFO L134 CoverageAnalysis]: Checked inductivity of 24 backedges. 11 proven. 3 refuted. 0 times theorem prover too weak. 10 trivial. 0 not checked. [2022-11-16 16:18:45,926 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [701047266] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 16:18:45,926 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1973887118] [2022-11-16 16:18:45,931 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-16 16:18:45,937 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 16:18:45,938 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 16:18:45,938 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 16:18:45,938 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 16:18:55,175 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 323 for LOIs [2022-11-16 16:18:55,287 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 37 for LOIs [2022-11-16 16:18:55,550 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 67 for LOIs [2022-11-16 16:18:55,799 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 24 for LOIs [2022-11-16 16:18:55,801 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 51 for LOIs [2022-11-16 16:18:55,810 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 40 for LOIs [2022-11-16 16:18:55,813 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 16:19:09,822 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '7180#(and (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 0)) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (<= 0 (+ 2147483648 |old(~pumpRunning~0)|)) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= |old(~pumpRunning~0)| 2147483647) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 1) (<= |old(~methAndRunningLastTime~0)| 1) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483647) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= ~methAndRunningLastTime~0 0)) (<= ~methAndRunningLastTime~0 1) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-16 16:19:09,822 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-16 16:19:09,822 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 16:19:09,822 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [14, 12, 14] total 35 [2022-11-16 16:19:09,822 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1350840987] [2022-11-16 16:19:09,822 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 16:19:09,823 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 35 states [2022-11-16 16:19:09,823 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:19:09,823 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 35 interpolants. [2022-11-16 16:19:09,825 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=467, Invalid=3955, Unknown=0, NotChecked=0, Total=4422 [2022-11-16 16:19:09,825 INFO L87 Difference]: Start difference. First operand 369 states and 443 transitions. Second operand has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) [2022-11-16 16:19:13,718 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:19:13,719 INFO L93 Difference]: Finished difference Result 1051 states and 1290 transitions. [2022-11-16 16:19:13,719 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 52 states. [2022-11-16 16:19:13,720 INFO L78 Accepts]: Start accepts. Automaton has has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) Word has length 66 [2022-11-16 16:19:13,720 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:19:13,724 INFO L225 Difference]: With dead ends: 1051 [2022-11-16 16:19:13,724 INFO L226 Difference]: Without dead ends: 768 [2022-11-16 16:19:13,728 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 271 GetRequests, 154 SyntacticMatches, 4 SemanticMatches, 113 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 4921 ImplicationChecksByTransitivity, 16.4s TimeCoverageRelationStatistics Valid=1457, Invalid=11653, Unknown=0, NotChecked=0, Total=13110 [2022-11-16 16:19:13,729 INFO L413 NwaCegarLoop]: 135 mSDtfsCounter, 1670 mSDsluCounter, 1280 mSDsCounter, 0 mSdLazyCounter, 2160 mSolverCounterSat, 896 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 1.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 1674 SdHoareTripleChecker+Valid, 1415 SdHoareTripleChecker+Invalid, 3056 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 896 IncrementalHoareTripleChecker+Valid, 2160 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 1.7s IncrementalHoareTripleChecker+Time [2022-11-16 16:19:13,729 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [1674 Valid, 1415 Invalid, 3056 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [896 Valid, 2160 Invalid, 0 Unknown, 0 Unchecked, 1.7s Time] [2022-11-16 16:19:13,730 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 768 states. [2022-11-16 16:19:13,890 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 768 to 623. [2022-11-16 16:19:13,891 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 623 states, 442 states have (on average 1.253393665158371) internal successors, (554), 476 states have internal predecessors, (554), 88 states have call successors, (88), 87 states have call predecessors, (88), 92 states have return successors, (102), 90 states have call predecessors, (102), 88 states have call successors, (102) [2022-11-16 16:19:13,894 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 623 states to 623 states and 744 transitions. [2022-11-16 16:19:13,894 INFO L78 Accepts]: Start accepts. Automaton has 623 states and 744 transitions. Word has length 66 [2022-11-16 16:19:13,895 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:19:13,895 INFO L495 AbstractCegarLoop]: Abstraction has 623 states and 744 transitions. [2022-11-16 16:19:13,895 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 35 states, 30 states have (on average 3.7333333333333334) internal successors, (112), 30 states have internal predecessors, (112), 15 states have call successors, (24), 12 states have call predecessors, (24), 11 states have return successors, (21), 9 states have call predecessors, (21), 14 states have call successors, (21) [2022-11-16 16:19:13,895 INFO L276 IsEmpty]: Start isEmpty. Operand 623 states and 744 transitions. [2022-11-16 16:19:13,897 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 114 [2022-11-16 16:19:13,897 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:19:13,897 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:19:13,911 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (5)] Forceful destruction successful, exit code 0 [2022-11-16 16:19:14,107 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 5 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable9 [2022-11-16 16:19:14,107 INFO L420 AbstractCegarLoop]: === Iteration 11 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:19:14,107 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:19:14,108 INFO L85 PathProgramCache]: Analyzing trace with hash -244726395, now seen corresponding path program 1 times [2022-11-16 16:19:14,108 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:19:14,108 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [388904234] [2022-11-16 16:19:14,108 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:19:14,108 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:19:14,128 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:19:14,307 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2022-11-16 16:19:14,308 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:19:14,308 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [388904234] [2022-11-16 16:19:14,308 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [388904234] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:19:14,308 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [1482045140] [2022-11-16 16:19:14,308 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:19:14,309 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:19:14,309 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:19:14,310 INFO L229 MonitoredProcess]: Starting monitored process 6 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:19:14,334 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Waiting until timeout for monitored process [2022-11-16 16:19:14,459 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:19:14,462 INFO L263 TraceCheckSpWp]: Trace formula consists of 609 conjuncts, 39 conjunts are in the unsatisfiable core [2022-11-16 16:19:14,466 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:19:15,181 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 67 proven. 57 refuted. 0 times theorem prover too weak. 7 trivial. 0 not checked. [2022-11-16 16:19:15,181 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 16:19:16,390 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 32 refuted. 0 times theorem prover too weak. 27 trivial. 0 not checked. [2022-11-16 16:19:16,390 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [1482045140] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 16:19:16,390 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [1937746396] [2022-11-16 16:19:16,393 INFO L159 IcfgInterpreter]: Started Sifa with 43 locations of interest [2022-11-16 16:19:16,393 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 16:19:16,394 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 16:19:16,394 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 16:19:16,394 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 16:19:24,203 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 25 for LOIs [2022-11-16 16:19:24,206 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-16 16:19:24,498 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 63 for LOIs [2022-11-16 16:19:24,681 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 23 for LOIs [2022-11-16 16:19:24,683 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 35 for LOIs [2022-11-16 16:19:24,685 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 31 for LOIs [2022-11-16 16:19:24,687 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 16:19:31,379 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSifa [1937746396] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:19:31,379 INFO L184 FreeRefinementEngine]: Found 1 perfect and 3 imperfect interpolant sequences. [2022-11-16 16:19:31,380 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [28] imperfect sequences [7, 17, 17] total 63 [2022-11-16 16:19:31,380 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [137553836] [2022-11-16 16:19:31,380 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:19:31,381 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 29 states [2022-11-16 16:19:31,381 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:19:31,381 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 29 interpolants. [2022-11-16 16:19:31,383 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=529, Invalid=3377, Unknown=0, NotChecked=0, Total=3906 [2022-11-16 16:19:31,387 INFO L87 Difference]: Start difference. First operand 623 states and 744 transitions. Second operand has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 16:19:54,397 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:19:54,397 INFO L93 Difference]: Finished difference Result 1707 states and 2139 transitions. [2022-11-16 16:19:54,397 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 58 states. [2022-11-16 16:19:54,398 INFO L78 Accepts]: Start accepts. Automaton has has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) Word has length 113 [2022-11-16 16:19:54,398 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:19:54,406 INFO L225 Difference]: With dead ends: 1707 [2022-11-16 16:19:54,406 INFO L226 Difference]: Without dead ends: 1086 [2022-11-16 16:19:54,410 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 391 GetRequests, 272 SyntacticMatches, 14 SemanticMatches, 105 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 3828 ImplicationChecksByTransitivity, 27.2s TimeCoverageRelationStatistics Valid=1614, Invalid=9728, Unknown=0, NotChecked=0, Total=11342 [2022-11-16 16:19:54,411 INFO L413 NwaCegarLoop]: 79 mSDtfsCounter, 245 mSDsluCounter, 580 mSDsCounter, 0 mSdLazyCounter, 2244 mSolverCounterSat, 237 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 2.4s Time, 0 mProtectedPredicate, 0 mProtectedAction, 248 SdHoareTripleChecker+Valid, 659 SdHoareTripleChecker+Invalid, 2481 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 237 IncrementalHoareTripleChecker+Valid, 2244 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 2.7s IncrementalHoareTripleChecker+Time [2022-11-16 16:19:54,411 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [248 Valid, 659 Invalid, 2481 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [237 Valid, 2244 Invalid, 0 Unknown, 0 Unchecked, 2.7s Time] [2022-11-16 16:19:54,413 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1086 states. [2022-11-16 16:19:54,643 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1086 to 902. [2022-11-16 16:19:54,645 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 902 states, 646 states have (on average 1.238390092879257) internal successors, (800), 684 states have internal predecessors, (800), 126 states have call successors, (126), 123 states have call predecessors, (126), 129 states have return successors, (147), 128 states have call predecessors, (147), 126 states have call successors, (147) [2022-11-16 16:19:54,649 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 902 states to 902 states and 1073 transitions. [2022-11-16 16:19:54,650 INFO L78 Accepts]: Start accepts. Automaton has 902 states and 1073 transitions. Word has length 113 [2022-11-16 16:19:54,650 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:19:54,651 INFO L495 AbstractCegarLoop]: Abstraction has 902 states and 1073 transitions. [2022-11-16 16:19:54,651 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 29 states, 20 states have (on average 1.75) internal successors, (35), 24 states have internal predecessors, (35), 7 states have call successors, (7), 6 states have call predecessors, (7), 6 states have return successors, (7), 5 states have call predecessors, (7), 7 states have call successors, (7) [2022-11-16 16:19:54,651 INFO L276 IsEmpty]: Start isEmpty. Operand 902 states and 1073 transitions. [2022-11-16 16:19:54,654 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-16 16:19:54,654 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:19:54,654 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:19:54,663 INFO L552 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (6)] Ended with exit code 0 [2022-11-16 16:19:54,860 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable10,6 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:19:54,861 INFO L420 AbstractCegarLoop]: === Iteration 12 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:19:54,861 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:19:54,861 INFO L85 PathProgramCache]: Analyzing trace with hash -1515969141, now seen corresponding path program 1 times [2022-11-16 16:19:54,861 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:19:54,862 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1679213024] [2022-11-16 16:19:54,862 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:19:54,862 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:19:54,880 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:19:55,040 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 72 proven. 9 refuted. 0 times theorem prover too weak. 50 trivial. 0 not checked. [2022-11-16 16:19:55,041 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:19:55,041 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1679213024] [2022-11-16 16:19:55,041 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1679213024] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:19:55,041 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [658232196] [2022-11-16 16:19:55,041 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:19:55,041 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:19:55,042 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:19:55,043 INFO L229 MonitoredProcess]: Starting monitored process 7 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:19:55,075 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Waiting until timeout for monitored process [2022-11-16 16:19:55,182 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:19:55,185 INFO L263 TraceCheckSpWp]: Trace formula consists of 615 conjuncts, 22 conjunts are in the unsatisfiable core [2022-11-16 16:19:55,188 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:19:55,374 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 87 proven. 16 refuted. 0 times theorem prover too weak. 28 trivial. 0 not checked. [2022-11-16 16:19:55,375 INFO L328 TraceCheckSpWp]: Computing backward predicates... [2022-11-16 16:19:55,712 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 61 proven. 28 refuted. 0 times theorem prover too weak. 42 trivial. 0 not checked. [2022-11-16 16:19:55,712 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [658232196] provided 0 perfect and 2 imperfect interpolant sequences [2022-11-16 16:19:55,713 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSifa [703934117] [2022-11-16 16:19:55,715 INFO L159 IcfgInterpreter]: Started Sifa with 46 locations of interest [2022-11-16 16:19:55,715 INFO L166 IcfgInterpreter]: Building call graph [2022-11-16 16:19:55,716 INFO L171 IcfgInterpreter]: Initial procedures are [ULTIMATE.start] [2022-11-16 16:19:55,716 INFO L176 IcfgInterpreter]: Starting interpretation [2022-11-16 16:19:55,716 INFO L197 IcfgInterpreter]: Interpreting procedure ULTIMATE.start with input of size 1 for LOIs [2022-11-16 16:19:59,939 INFO L197 IcfgInterpreter]: Interpreting procedure waterRise with input of size 45 for LOIs [2022-11-16 16:19:59,946 INFO L197 IcfgInterpreter]: Interpreting procedure timeShift with input of size 30 for LOIs [2022-11-16 16:20:00,234 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__highWaterSensor with input of size 59 for LOIs [2022-11-16 16:20:00,388 INFO L197 IcfgInterpreter]: Interpreting procedure isMethaneLevelCritical with input of size 22 for LOIs [2022-11-16 16:20:00,389 INFO L197 IcfgInterpreter]: Interpreting procedure changeMethaneLevel with input of size 43 for LOIs [2022-11-16 16:20:00,396 INFO L197 IcfgInterpreter]: Interpreting procedure processEnvironment__wrappee__base with input of size 35 for LOIs [2022-11-16 16:20:00,398 INFO L197 IcfgInterpreter]: Interpreting procedure deactivatePump with input of size 31 for LOIs [2022-11-16 16:20:00,399 INFO L180 IcfgInterpreter]: Interpretation finished [2022-11-16 16:20:06,746 INFO L133 SifaRunner]: Sifa could not show that error location is unreachable, found '15269#(and (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 0)) (= |timeShift_isPumpRunning_#res#1| |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1|) (= ~head~0.offset 0) (= ~pumpRunning~0 |timeShift_isPumpRunning_~retValue_acc~1#1|) (= 1 ~systemActive~0) (= |timeShift_isPumpRunning_#res#1| |timeShift_isPumpRunning_~retValue_acc~1#1|) (<= 0 ~methAndRunningLastTime~0) (not (= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 0)) (<= 0 |old(~methAndRunningLastTime~0)|) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| 2147483647) (<= 0 ~head~0.base) (<= 0 ~methaneLevelCritical~0) (<= |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483647) (<= ~head~0.base 0) (= |#NULL.offset| 0) (not (= ~methAndRunningLastTime~0 0)) (<= 0 (+ |timeShift___utac_acc__Specification2_spec__2_~tmp___0~3#1| 2147483648)) (<= 0 |#StackHeapBarrier|) (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))' at error location [2022-11-16 16:20:06,747 WARN L310 FreeRefinementEngine]: Interpolation failed due to KNOWN_IGNORE: ALGORITHM_FAILED [2022-11-16 16:20:06,747 INFO L184 FreeRefinementEngine]: Found 0 perfect and 3 imperfect interpolant sequences. [2022-11-16 16:20:06,747 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [] imperfect sequences [7, 9, 11] total 21 [2022-11-16 16:20:06,747 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [1997188999] [2022-11-16 16:20:06,747 INFO L85 oduleStraightlineAll]: Using 3 imperfect interpolants to construct interpolant automaton [2022-11-16 16:20:06,748 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 21 states [2022-11-16 16:20:06,748 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:20:06,749 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 21 interpolants. [2022-11-16 16:20:06,749 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=286, Invalid=2576, Unknown=0, NotChecked=0, Total=2862 [2022-11-16 16:20:06,750 INFO L87 Difference]: Start difference. First operand 902 states and 1073 transitions. Second operand has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) [2022-11-16 16:20:08,658 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:20:08,659 INFO L93 Difference]: Finished difference Result 2485 states and 3087 transitions. [2022-11-16 16:20:08,659 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 27 states. [2022-11-16 16:20:08,660 INFO L78 Accepts]: Start accepts. Automaton has has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) Word has length 116 [2022-11-16 16:20:08,660 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:20:08,674 INFO L225 Difference]: With dead ends: 2485 [2022-11-16 16:20:08,674 INFO L226 Difference]: Without dead ends: 1937 [2022-11-16 16:20:08,679 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 387 GetRequests, 301 SyntacticMatches, 12 SemanticMatches, 74 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 2168 ImplicationChecksByTransitivity, 6.9s TimeCoverageRelationStatistics Valid=547, Invalid=5153, Unknown=0, NotChecked=0, Total=5700 [2022-11-16 16:20:08,679 INFO L413 NwaCegarLoop]: 61 mSDtfsCounter, 552 mSDsluCounter, 390 mSDsCounter, 0 mSdLazyCounter, 1172 mSolverCounterSat, 283 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.6s Time, 0 mProtectedPredicate, 0 mProtectedAction, 559 SdHoareTripleChecker+Valid, 451 SdHoareTripleChecker+Invalid, 1455 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 283 IncrementalHoareTripleChecker+Valid, 1172 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.7s IncrementalHoareTripleChecker+Time [2022-11-16 16:20:08,680 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [559 Valid, 451 Invalid, 1455 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [283 Valid, 1172 Invalid, 0 Unknown, 0 Unchecked, 0.7s Time] [2022-11-16 16:20:08,682 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 1937 states. [2022-11-16 16:20:09,271 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 1937 to 1692. [2022-11-16 16:20:09,274 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 1692 states, 1218 states have (on average 1.2192118226600985) internal successors, (1485), 1286 states have internal predecessors, (1485), 234 states have call successors, (234), 229 states have call predecessors, (234), 239 states have return successors, (274), 238 states have call predecessors, (274), 234 states have call successors, (274) [2022-11-16 16:20:09,281 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 1692 states to 1692 states and 1993 transitions. [2022-11-16 16:20:09,282 INFO L78 Accepts]: Start accepts. Automaton has 1692 states and 1993 transitions. Word has length 116 [2022-11-16 16:20:09,283 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:20:09,283 INFO L495 AbstractCegarLoop]: Abstraction has 1692 states and 1993 transitions. [2022-11-16 16:20:09,284 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 21 states, 15 states have (on average 8.733333333333333) internal successors, (131), 16 states have internal predecessors, (131), 8 states have call successors, (30), 7 states have call predecessors, (30), 12 states have return successors, (33), 10 states have call predecessors, (33), 8 states have call successors, (33) [2022-11-16 16:20:09,284 INFO L276 IsEmpty]: Start isEmpty. Operand 1692 states and 1993 transitions. [2022-11-16 16:20:09,288 INFO L282 IsEmpty]: Finished isEmpty. Found accepting run of length 117 [2022-11-16 16:20:09,288 INFO L187 NwaCegarLoop]: Found error trace [2022-11-16 16:20:09,288 INFO L195 NwaCegarLoop]: trace histogram [4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 3, 3, 3, 3, 3, 3, 2, 2, 2, 2, 2, 2, 2, 2, 2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:20:09,300 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (7)] Forceful destruction successful, exit code 0 [2022-11-16 16:20:09,494 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: SelfDestructingSolverStorable11,7 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:20:09,495 INFO L420 AbstractCegarLoop]: === Iteration 13 === Targeting timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION === [timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION] === [2022-11-16 16:20:09,495 INFO L144 PredicateUnifier]: Initialized classic predicate unifier [2022-11-16 16:20:09,495 INFO L85 PathProgramCache]: Analyzing trace with hash 342131089, now seen corresponding path program 2 times [2022-11-16 16:20:09,495 INFO L118 FreeRefinementEngine]: Executing refinement strategy SIFA_TAIPAN [2022-11-16 16:20:09,495 INFO L333 FreeRefinementEngine]: Using trace check IpTcStrategyModuleSmtInterpolCraig [1614380498] [2022-11-16 16:20:09,495 INFO L95 rtionOrderModulation]: Keeping assertion order NOT_INCREMENTALLY [2022-11-16 16:20:09,496 INFO L127 SolverBuilder]: Constructing new instance of SMTInterpol with explicit timeout -1 ms and remaining time -1 ms [2022-11-16 16:20:09,516 INFO L136 AnnotateAndAsserter]: Conjunction of SSA is unsat [2022-11-16 16:20:10,590 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 52 proven. 58 refuted. 0 times theorem prover too weak. 21 trivial. 0 not checked. [2022-11-16 16:20:10,590 INFO L136 FreeRefinementEngine]: Strategy SIFA_TAIPAN found an infeasible trace [2022-11-16 16:20:10,590 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleSmtInterpolCraig [1614380498] [2022-11-16 16:20:10,590 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleSmtInterpolCraig [1614380498] provided 0 perfect and 1 imperfect interpolant sequences [2022-11-16 16:20:10,591 INFO L333 FreeRefinementEngine]: Using interpolant generator IpTcStrategyModuleZ3 [435061435] [2022-11-16 16:20:10,591 INFO L93 rtionOrderModulation]: Changing assertion order to OUTSIDE_LOOP_FIRST2 [2022-11-16 16:20:10,591 INFO L173 SolverBuilder]: Constructing external solver with command: z3 -smt2 -in SMTLIB2_COMPLIANT=true [2022-11-16 16:20:10,591 INFO L189 MonitoredProcess]: No working directory specified, using /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 [2022-11-16 16:20:10,592 INFO L229 MonitoredProcess]: Starting monitored process 8 with /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (exit command is (exit), workingDir is null) [2022-11-16 16:20:10,594 INFO L327 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Waiting until timeout for monitored process [2022-11-16 16:20:10,708 INFO L228 tOrderPrioritization]: Assert order OUTSIDE_LOOP_FIRST2 issued 2 check-sat command(s) [2022-11-16 16:20:10,709 INFO L229 tOrderPrioritization]: Conjunction of SSA is unsat [2022-11-16 16:20:10,711 INFO L263 TraceCheckSpWp]: Trace formula consists of 439 conjuncts, 33 conjunts are in the unsatisfiable core [2022-11-16 16:20:10,715 INFO L286 TraceCheckSpWp]: Computing forward predicates... [2022-11-16 16:20:10,931 INFO L134 CoverageAnalysis]: Checked inductivity of 131 backedges. 86 proven. 0 refuted. 0 times theorem prover too weak. 45 trivial. 0 not checked. [2022-11-16 16:20:10,932 INFO L324 TraceCheckSpWp]: Omiting computation of backward sequence because forward sequence was already perfect [2022-11-16 16:20:10,932 INFO L157 FreeRefinementEngine]: IpTcStrategyModuleZ3 [435061435] provided 1 perfect and 0 imperfect interpolant sequences [2022-11-16 16:20:10,932 INFO L184 FreeRefinementEngine]: Found 1 perfect and 1 imperfect interpolant sequences. [2022-11-16 16:20:10,932 INFO L197 FreeRefinementEngine]: Number of different interpolants: perfect sequences [8] imperfect sequences [20] total 25 [2022-11-16 16:20:10,932 INFO L121 tionRefinementEngine]: Using interpolant automaton builder IpAbStrategyModuleStraightlineAll [871129814] [2022-11-16 16:20:10,933 INFO L85 oduleStraightlineAll]: Using 1 perfect interpolants to construct interpolant automaton [2022-11-16 16:20:10,933 INFO L571 AbstractCegarLoop]: INTERPOLANT automaton has 8 states [2022-11-16 16:20:10,933 INFO L100 FreeRefinementEngine]: Using predicate unifier PredicateUnifier provided by strategy SIFA_TAIPAN [2022-11-16 16:20:10,934 INFO L143 InterpolantAutomaton]: Constructing interpolant automaton starting with 8 interpolants. [2022-11-16 16:20:10,934 INFO L145 InterpolantAutomaton]: CoverageRelationStatistics Valid=78, Invalid=522, Unknown=0, NotChecked=0, Total=600 [2022-11-16 16:20:10,934 INFO L87 Difference]: Start difference. First operand 1692 states and 1993 transitions. Second operand has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-16 16:20:11,979 INFO L144 Difference]: Subtrahend was deterministic. Have not used determinization. [2022-11-16 16:20:11,980 INFO L93 Difference]: Finished difference Result 3454 states and 4128 transitions. [2022-11-16 16:20:11,980 INFO L141 InterpolantAutomaton]: Switched to read-only mode: deterministic interpolant automaton has 12 states. [2022-11-16 16:20:11,980 INFO L78 Accepts]: Start accepts. Automaton has has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) Word has length 116 [2022-11-16 16:20:11,982 INFO L84 Accepts]: Finished accepts. some prefix is accepted. [2022-11-16 16:20:11,983 INFO L225 Difference]: With dead ends: 3454 [2022-11-16 16:20:11,984 INFO L226 Difference]: Without dead ends: 0 [2022-11-16 16:20:11,989 INFO L412 NwaCegarLoop]: 0 DeclaredPredicates, 141 GetRequests, 114 SyntacticMatches, 0 SemanticMatches, 27 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 165 ImplicationChecksByTransitivity, 0.4s TimeCoverageRelationStatistics Valid=103, Invalid=709, Unknown=0, NotChecked=0, Total=812 [2022-11-16 16:20:11,992 INFO L413 NwaCegarLoop]: 113 mSDtfsCounter, 139 mSDsluCounter, 274 mSDsCounter, 0 mSdLazyCounter, 264 mSolverCounterSat, 43 mSolverCounterUnsat, 0 mSolverCounterUnknown, 0 mSolverCounterNotChecked, 0.2s Time, 0 mProtectedPredicate, 0 mProtectedAction, 142 SdHoareTripleChecker+Valid, 387 SdHoareTripleChecker+Invalid, 307 SdHoareTripleChecker+Unknown, 0 SdHoareTripleChecker+Unchecked, 0.0s SdHoareTripleChecker+Time, 43 IncrementalHoareTripleChecker+Valid, 264 IncrementalHoareTripleChecker+Invalid, 0 IncrementalHoareTripleChecker+Unknown, 0 IncrementalHoareTripleChecker+Unchecked, 0.2s IncrementalHoareTripleChecker+Time [2022-11-16 16:20:11,993 INFO L414 NwaCegarLoop]: SdHoareTripleChecker [142 Valid, 387 Invalid, 307 Unknown, 0 Unchecked, 0.0s Time], IncrementalHoareTripleChecker [43 Valid, 264 Invalid, 0 Unknown, 0 Unchecked, 0.2s Time] [2022-11-16 16:20:11,993 INFO L82 GeneralOperation]: Start minimizeSevpa. Operand 0 states. [2022-11-16 16:20:11,994 INFO L88 GeneralOperation]: Finished minimizeSevpa. Reduced states from 0 to 0. [2022-11-16 16:20:11,994 INFO L82 GeneralOperation]: Start removeUnreachable. Operand has 0 states, 0 states have (on average 0.0) internal successors, (0), 0 states have internal predecessors, (0), 0 states have call successors, (0), 0 states have call predecessors, (0), 0 states have return successors, (0), 0 states have call predecessors, (0), 0 states have call successors, (0) [2022-11-16 16:20:11,994 INFO L88 GeneralOperation]: Finished removeUnreachable. Reduced from 0 states to 0 states and 0 transitions. [2022-11-16 16:20:11,995 INFO L78 Accepts]: Start accepts. Automaton has 0 states and 0 transitions. Word has length 116 [2022-11-16 16:20:11,995 INFO L84 Accepts]: Finished accepts. word is rejected. [2022-11-16 16:20:11,995 INFO L495 AbstractCegarLoop]: Abstraction has 0 states and 0 transitions. [2022-11-16 16:20:11,995 INFO L496 AbstractCegarLoop]: INTERPOLANT automaton has has 8 states, 8 states have (on average 7.875) internal successors, (63), 8 states have internal predecessors, (63), 4 states have call successors, (11), 4 states have call predecessors, (11), 3 states have return successors, (12), 3 states have call predecessors, (12), 3 states have call successors, (12) [2022-11-16 16:20:11,995 INFO L276 IsEmpty]: Start isEmpty. Operand 0 states and 0 transitions. [2022-11-16 16:20:11,996 INFO L282 IsEmpty]: Finished isEmpty. No accepting run. [2022-11-16 16:20:12,005 INFO L805 garLoopResultBuilder]: Registering result SAFE for location timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION (0 of 1 remaining) [2022-11-16 16:20:12,016 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true (8)] Forceful destruction successful, exit code 0 [2022-11-16 16:20:12,211 WARN L477 AbstractCegarLoop]: Destroyed unattended storables created during the last iteration: 8 /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 -smt2 -in SMTLIB2_COMPLIANT=true,SelfDestructingSolverStorable12 [2022-11-16 16:20:12,214 INFO L343 DoubleDeckerVisitor]: Before removal of dead ends 0 states and 0 transitions. [2022-11-16 16:20:22,988 WARN L233 SmtUtils]: Spent 5.45s on a formula simplification. DAG size of input: 400 DAG size of output: 396 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-16 16:20:30,638 WARN L233 SmtUtils]: Spent 6.74s on a formula simplification that was a NOOP. DAG size: 453 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-16 16:20:38,334 WARN L233 SmtUtils]: Spent 7.69s on a formula simplification. DAG size of input: 462 DAG size of output: 446 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-16 16:20:55,083 WARN L233 SmtUtils]: Spent 9.69s on a formula simplification. DAG size of input: 475 DAG size of output: 464 (called from [L 182] de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction.HoareAnnotationComposer.or) [2022-11-16 16:21:53,142 INFO L895 garLoopResultBuilder]: At program point deactivatePumpENTRY(lines 229 236) the Hoare annotation is: (let ((.cse7 (= ~pumpRunning~0 1)) (.cse8 (= 1 ~systemActive~0))) (let ((.cse5 (not (= ~waterLevel~0 1))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse0 (not .cse8)) (.cse1 (not (<= 2 ~waterLevel~0))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (and (= ~pumpRunning~0 |old(~pumpRunning~0)|) .cse8 .cse7))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse6 .cse2 .cse7) (or .cse5 .cse0 .cse2 .cse3 .cse7) (or .cse0 .cse1 .cse6 .cse2 .cse4)))) [2022-11-16 16:21:53,142 INFO L899 garLoopResultBuilder]: For program point deactivatePumpEXIT(lines 229 236) no Hoare annotation was computed. [2022-11-16 16:21:53,142 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__baseEXIT(lines 162 168) no Hoare annotation was computed. [2022-11-16 16:21:53,142 INFO L902 garLoopResultBuilder]: At program point processEnvironment__wrappee__baseFINAL(lines 162 168) the Hoare annotation is: true [2022-11-16 16:21:53,143 INFO L895 garLoopResultBuilder]: At program point changeMethaneLevelENTRY(lines 558 569) the Hoare annotation is: (let ((.cse4 (not (= 0 ~systemActive~0))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse1 (= ~methaneLevelCritical~0 1)) (.cse2 (not (= |old(~methaneLevelCritical~0)| 1))) (.cse5 (not (= |old(~methaneLevelCritical~0)| 0))) (.cse7 (not (= 1 ~systemActive~0))) (.cse6 (= |old(~methaneLevelCritical~0)| ~methaneLevelCritical~0)) (.cse9 (not (<= 2 ~waterLevel~0))) (.cse8 (not (= ~pumpRunning~0 1))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse0 .cse6 .cse3 .cse4) (or .cse5 .cse7 (not (= 2 ~waterLevel~0)) .cse6 .cse8) (or .cse7 .cse9 .cse1 .cse8 .cse2) (or .cse5 .cse0 .cse7 .cse6 .cse3) (or .cse0 .cse7 .cse1 .cse2 .cse3) (or .cse5 .cse7 .cse6 .cse9 .cse8 .cse3))) [2022-11-16 16:21:53,143 INFO L899 garLoopResultBuilder]: For program point changeMethaneLevelEXIT(lines 558 569) no Hoare annotation was computed. [2022-11-16 16:21:53,143 INFO L902 garLoopResultBuilder]: At program point isMethaneLevelCriticalENTRY(lines 570 578) the Hoare annotation is: true [2022-11-16 16:21:53,143 INFO L899 garLoopResultBuilder]: For program point isMethaneLevelCriticalEXIT(lines 570 578) no Hoare annotation was computed. [2022-11-16 16:21:53,143 INFO L899 garLoopResultBuilder]: For program point cleanupEXIT(lines 356 385) no Hoare annotation was computed. [2022-11-16 16:21:53,144 INFO L902 garLoopResultBuilder]: At program point L381(lines 356 385) the Hoare annotation is: true [2022-11-16 16:21:53,144 INFO L902 garLoopResultBuilder]: At program point cleanupENTRY(lines 356 385) the Hoare annotation is: true [2022-11-16 16:21:53,144 INFO L899 garLoopResultBuilder]: For program point L377(line 377) no Hoare annotation was computed. [2022-11-16 16:21:53,144 INFO L899 garLoopResultBuilder]: For program point L370(lines 370 374) no Hoare annotation was computed. [2022-11-16 16:21:53,144 INFO L902 garLoopResultBuilder]: At program point L370-1(lines 370 374) the Hoare annotation is: true [2022-11-16 16:21:53,145 INFO L902 garLoopResultBuilder]: At program point L366-2(lines 366 380) the Hoare annotation is: true [2022-11-16 16:21:53,145 INFO L902 garLoopResultBuilder]: At program point L362(line 362) the Hoare annotation is: true [2022-11-16 16:21:53,145 INFO L899 garLoopResultBuilder]: For program point L362-1(line 362) no Hoare annotation was computed. [2022-11-16 16:21:53,145 INFO L899 garLoopResultBuilder]: For program point L478(lines 478 488) no Hoare annotation was computed. [2022-11-16 16:21:53,146 INFO L895 garLoopResultBuilder]: At program point L474(lines 474 491) the Hoare annotation is: (let ((.cse11 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (<= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse6 (= ~pumpRunning~0 0)) (.cse29 (= 1 ~systemActive~0)) (.cse8 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse10 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0)) (.cse28 (or .cse11 .cse9)) (.cse7 (<= ~waterLevel~0 1))) (let ((.cse13 (= ~methAndRunningLastTime~0 0)) (.cse14 (= ~pumpRunning~0 1)) (.cse20 (and .cse7 (<= 1 ~waterLevel~0))) (.cse1 (not (<= 1 |old(~pumpRunning~0)|))) (.cse4 (and .cse6 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse29 .cse8 .cse10 .cse28)) (.cse19 (not (<= |old(~waterLevel~0)| 1))) (.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse5 (not (<= 2 |old(~waterLevel~0)|))) (.cse22 (not (= |#NULL.offset| 0))) (.cse12 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not .cse29)) (.cse23 (not (= ~head~0.offset 0))) (.cse15 (not (= ~methaneLevelCritical~0 0))) (.cse24 (not (= |#NULL.base| 0))) (.cse25 (not (<= 0 |#StackHeapBarrier|))) (.cse26 (not (= ~head~0.base 0))) (.cse27 (not (= ~cleanupTimeShifts~0 4))) (.cse21 (and .cse6 .cse10 .cse28)) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse16 (not (= |old(~waterLevel~0)| 2))) (.cse17 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse18 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (or (and .cse6 .cse7 .cse8 .cse9 .cse10) .cse11 .cse12 (and .cse13 (<= 2 ~waterLevel~0) .cse8 .cse9 .cse10 .cse14) .cse0 .cse15) (or .cse11 .cse15 .cse16 .cse17 .cse18) (or .cse19 .cse11 (and .cse6 .cse8 .cse9 .cse10) .cse12 .cse0 .cse3) (or .cse11 .cse12 .cse0 .cse3 (and .cse13 .cse8 .cse9 .cse10 .cse14) .cse5) (or .cse0 .cse1 .cse15 .cse20 .cse2 .cse16) (or .cse0 .cse1 .cse20 .cse2 .cse3 .cse16) (or .cse11 .cse21 .cse15 .cse18) (or .cse0 .cse1 .cse15 .cse2 .cse4 .cse5) (or .cse19 .cse11 .cse7 .cse3 .cse18) (or .cse19 .cse11 .cse7 .cse15 .cse18) (or .cse22 .cse12 .cse0 .cse23 .cse15 .cse2 .cse24 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse25 .cse26 .cse27 .cse5) (or .cse11 .cse22 .cse12 .cse0 .cse23 .cse15 .cse24 .cse25 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse26 .cse27) (or .cse11 .cse21 .cse3 .cse18) (or .cse11 .cse3 .cse16 .cse17 .cse18))))) [2022-11-16 16:21:53,147 INFO L895 garLoopResultBuilder]: At program point L474-1(lines 466 494) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse12 (<= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse17 (= ~pumpRunning~0 0)) (.cse18 (= ~methAndRunningLastTime~0 0)) (.cse22 (= 1 ~systemActive~0)) (.cse11 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse4 (not (= 0 ~systemActive~0))) (.cse13 (= |timeShift___utac_acc__Specification2_spec__2_~tmp~6#1| ~methaneLevelCritical~0)) (.cse23 (or .cse0 .cse12)) (.cse19 (<= ~waterLevel~0 1))) (let ((.cse7 (and .cse19 (<= 1 ~waterLevel~0))) (.cse16 (not (<= |old(~waterLevel~0)| 1))) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse8 (not (= |old(~pumpRunning~0)| 1))) (.cse21 (and .cse17 .cse18 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse22 .cse11 .cse4 .cse13 .cse23)) (.cse15 (not (<= 2 |old(~waterLevel~0)|))) (.cse20 (and .cse17 .cse18 .cse13 .cse23)) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse10 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse14 (= ~pumpRunning~0 1)) (.cse5 (not .cse22)) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse1 .cse7 .cse8 .cse2) (or .cse5 .cse6 .cse7 .cse8 .cse9 .cse2) (or .cse0 .cse10 .cse5 (and .cse11 .cse12 .cse13 .cse14) .cse9 .cse15) (or .cse16 .cse0 .cse10 .cse5 .cse9 (and .cse17 .cse18 .cse11 .cse12 .cse4 .cse13)) (or .cse16 .cse0 .cse19 .cse9 .cse4) (or .cse16 .cse0 .cse19 .cse1 .cse4) (or .cse0 .cse20 .cse9 .cse4) (or .cse5 .cse6 .cse8 .cse9 .cse21 .cse15) (or (not (= |#NULL.offset| 0)) .cse10 .cse5 (= (ite (= ~waterLevel~0 0) 1 0) 0) (not (= ~head~0.offset 0)) .cse1 .cse8 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse15) (or .cse5 .cse6 .cse1 .cse8 .cse21 .cse15) (or .cse0 .cse20 .cse1 .cse4) (or .cse0 .cse9 .cse2 .cse3 .cse4) (or .cse0 .cse10 (and .cse18 (<= 2 ~waterLevel~0) .cse11 .cse12 .cse13 .cse14) .cse5 .cse1 (and .cse17 .cse18 .cse19 .cse11 .cse12 .cse4 .cse13)))))) [2022-11-16 16:21:53,147 INFO L895 garLoopResultBuilder]: At program point L210(line 210) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse2 .cse5 .cse3) (or .cse4 .cse1 .cse6) (or .cse4 .cse7 .cse0 .cse1) (or .cse4 .cse7 .cse0 .cse5))) [2022-11-16 16:21:53,147 INFO L895 garLoopResultBuilder]: At program point L206(line 206) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse9 (= 1 ~systemActive~0))) (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse8 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse3 (let ((.cse10 (+ ~waterLevel~0 1))) (and .cse0 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse9 (<= .cse10 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| .cse10) (= ~pumpRunning~0 1)))) (.cse4 (not .cse9)) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6 .cse7) (or .cse0 .cse5 .cse2) (or .cse0 .cse8 .cse4 .cse5) (or .cse0 .cse8 .cse4 .cse1) (or (not (= |#NULL.offset| 0)) .cse8 .cse4 (and (= |timeShift_isLowWaterLevel_~tmp___0~2#1| |timeShift_isLowWaterLevel_~retValue_acc~3#1|) (= |timeShift_isLowWaterLevel_~tmp~4#1| 0) (= |timeShift_isLowWaterSensorDry_~retValue_acc~10#1| |timeShift_isLowWaterSensorDry_#res#1|) (= |timeShift_isLowWaterLevel_~tmp___0~2#1| 1) (= |timeShift_isLowWaterSensorDry_#res#1| |timeShift_isLowWaterLevel_~tmp~4#1|) (= |timeShift_isLowWaterLevel_~retValue_acc~3#1| |timeShift_isLowWaterLevel_#res#1|) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0)) (not (= ~head~0.offset 0)) .cse5 .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse7) (or .cse3 .cse4 .cse6 .cse1 .cse7)))) [2022-11-16 16:21:53,148 INFO L899 garLoopResultBuilder]: For program point L479(lines 479 485) no Hoare annotation was computed. [2022-11-16 16:21:53,148 INFO L895 garLoopResultBuilder]: At program point L215(line 215) the Hoare annotation is: (let ((.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse2 (and (= ~pumpRunning~0 0) (= ~methAndRunningLastTime~0 0) (<= ~waterLevel~0 |old(~waterLevel~0)|) (<= |old(~waterLevel~0)| ~waterLevel~0))) (.cse3 (not (= 1 ~systemActive~0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse4 (not (= ~methaneLevelCritical~0 1))) (.cse7 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse8 (not (= 0 ~systemActive~0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse3 .cse5 .cse6 .cse7) (or .cse0 .cse1 .cse2 .cse3 .cse5) (or .cse0 .cse4 .cse8) (or .cse3 .cse6 .cse4 .cse7) (or .cse0 .cse5 .cse8))) [2022-11-16 16:21:53,149 INFO L895 garLoopResultBuilder]: At program point L215-1(lines 196 220) the Hoare annotation is: (let ((.cse23 (= ~pumpRunning~0 0)) (.cse22 (= 1 ~systemActive~0)) (.cse20 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse21 (<= |old(~waterLevel~0)| ~waterLevel~0)) (.cse24 (<= ~waterLevel~0 1))) (let ((.cse2 (not (= 0 ~systemActive~0))) (.cse6 (and .cse24 (<= 1 ~waterLevel~0))) (.cse8 (not (= |old(~waterLevel~0)| 2))) (.cse1 (not (= ~methaneLevelCritical~0 1))) (.cse14 (not (= |#NULL.offset| 0))) (.cse15 (not (= ~head~0.offset 0))) (.cse16 (not (= |#NULL.base| 0))) (.cse17 (not (<= 0 |#StackHeapBarrier|))) (.cse18 (not (= ~head~0.base 0))) (.cse19 (not (= ~cleanupTimeShifts~0 4))) (.cse4 (not (<= 1 |old(~pumpRunning~0)|))) (.cse7 (not (= |old(~pumpRunning~0)| 1))) (.cse12 (and .cse23 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse22 .cse20 (or .cse0 .cse21))) (.cse13 (not (<= 2 |old(~waterLevel~0)|))) (.cse9 (and .cse23 .cse24 .cse20 .cse21)) (.cse10 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not .cse22)) (.cse11 (and (= ~methAndRunningLastTime~0 0) (<= 2 ~waterLevel~0) .cse20 .cse21 (= ~pumpRunning~0 1))) (.cse5 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2) (or .cse3 .cse4 .cse5 .cse6 .cse7 .cse8) (or .cse0 .cse5 .cse2) (or .cse3 .cse4 .cse6 .cse7 .cse1 .cse8) (or .cse9 .cse0 .cse10 .cse3 .cse11 .cse1) (or .cse3 .cse4 .cse7 .cse12 .cse1 .cse13) (or .cse14 .cse10 .cse3 .cse15 .cse5 .cse7 .cse16 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse17 .cse18 .cse19 .cse13) (or .cse0 .cse14 .cse10 .cse3 .cse15 .cse5 .cse16 .cse17 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse18 .cse19) (or .cse3 .cse4 .cse5 .cse7 .cse12 .cse13) (or .cse9 .cse0 .cse10 .cse3 .cse11 .cse5)))) [2022-11-16 16:21:53,149 INFO L899 garLoopResultBuilder]: For program point L149-1(lines 149 155) no Hoare annotation was computed. [2022-11-16 16:21:53,149 INFO L895 garLoopResultBuilder]: At program point L472(line 472) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse25 (<= |old(~waterLevel~0)| ~waterLevel~0))) (let ((.cse27 (= ~pumpRunning~0 0)) (.cse26 (= 1 ~systemActive~0)) (.cse24 (<= ~waterLevel~0 |old(~waterLevel~0)|)) (.cse28 (or .cse0 .cse25)) (.cse16 (<= ~waterLevel~0 1))) (let ((.cse7 (and .cse16 (<= 1 ~waterLevel~0))) (.cse15 (not (<= |old(~waterLevel~0)| 1))) (.cse17 (not (= |#NULL.offset| 0))) (.cse18 (not (= ~head~0.offset 0))) (.cse19 (not (= |#NULL.base| 0))) (.cse20 (not (<= 0 |#StackHeapBarrier|))) (.cse21 (not (= ~head~0.base 0))) (.cse22 (not (= ~cleanupTimeShifts~0 4))) (.cse6 (not (<= 1 |old(~pumpRunning~0)|))) (.cse8 (not (= |old(~pumpRunning~0)| 1))) (.cse13 (and .cse27 (= |timeShift_processEnvironment_~tmp~2#1| 1) .cse26 .cse24 .cse28)) (.cse14 (not (<= 2 |old(~waterLevel~0)|))) (.cse23 (and .cse27 .cse28)) (.cse9 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not (= |old(~waterLevel~0)| 2))) (.cse3 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse4 (not (= 0 ~systemActive~0))) (.cse10 (and .cse27 .cse16 .cse24 .cse25)) (.cse11 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not .cse26)) (.cse12 (and (= ~methAndRunningLastTime~0 0) (<= 2 ~waterLevel~0) .cse24 .cse25 (= ~pumpRunning~0 1))) (.cse1 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse1 .cse7 .cse8 .cse2) (or .cse5 .cse6 .cse7 .cse8 .cse9 .cse2) (or .cse10 .cse0 .cse11 .cse5 .cse12 .cse9) (or .cse5 .cse6 .cse8 .cse13 .cse9 .cse14) (or .cse15 .cse0 .cse16 .cse9 .cse4) (or .cse15 .cse0 .cse16 .cse1 .cse4) (or .cse17 .cse11 .cse5 .cse18 .cse1 .cse8 .cse19 (and (<= ~methAndRunningLastTime~0 0) (= (ite (= ~waterLevel~0 0) 1 0) 0) (<= 0 ~methAndRunningLastTime~0)) .cse20 .cse21 .cse22 .cse14) (or .cse0 .cse23 .cse9 .cse4) (or .cse0 .cse17 .cse11 .cse5 .cse18 .cse1 .cse19 .cse20 (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) .cse21 .cse22) (or .cse5 .cse6 .cse1 .cse8 .cse13 .cse14) (or .cse0 .cse1 .cse23 .cse4) (or .cse0 .cse9 .cse2 .cse3 .cse4) (or .cse10 .cse0 .cse11 .cse5 .cse12 .cse1))))) [2022-11-16 16:21:53,150 INFO L899 garLoopResultBuilder]: For program point L472-1(line 472) no Hoare annotation was computed. [2022-11-16 16:21:53,150 INFO L895 garLoopResultBuilder]: At program point timeShiftENTRY(lines 138 161) the Hoare annotation is: (let ((.cse15 (= 1 ~systemActive~0)) (.cse16 (= ~pumpRunning~0 |old(~pumpRunning~0)|)) (.cse12 (= ~pumpRunning~0 0)) (.cse18 (= 0 ~systemActive~0)) (.cse13 (= ~methAndRunningLastTime~0 0)) (.cse14 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse17 (= ~pumpRunning~0 1))) (let ((.cse7 (and .cse13 .cse14 .cse17)) (.cse1 (and .cse16 .cse12 .cse14 .cse18)) (.cse3 (not .cse18)) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse10 (and .cse16 .cse15 .cse14 .cse17)) (.cse8 (not (= ~methaneLevelCritical~0 1))) (.cse9 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse4 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse5 (not .cse15)) (.cse11 (and .cse12 .cse13 .cse14)) (.cse2 (not (= ~methaneLevelCritical~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6 .cse7 .cse8 .cse9) (or .cse5 .cse2 .cse6 .cse10 .cse9) (or (not (= |#NULL.offset| 0)) .cse4 .cse5 (not (= ~head~0.offset 0)) .cse2 .cse6 .cse7 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse9) (or .cse0 .cse4 .cse5 .cse11 .cse8) (or .cse0 .cse1 .cse8 .cse3) (or .cse5 .cse6 .cse10 .cse8 .cse9) (or .cse0 .cse4 .cse5 .cse11 .cse2)))) [2022-11-16 16:21:53,150 INFO L899 garLoopResultBuilder]: For program point L142-1(lines 141 160) no Hoare annotation was computed. [2022-11-16 16:21:53,150 INFO L895 garLoopResultBuilder]: At program point L1005(line 1005) the Hoare annotation is: (let ((.cse2 (not (= |old(~pumpRunning~0)| 1))) (.cse3 (not (<= 2 |old(~waterLevel~0)|))) (.cse6 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse7 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse0 (not (= 1 ~systemActive~0))) (.cse5 (not (= ~methaneLevelCritical~0 1)))) (and (or .cse0 .cse1 .cse2 .cse3) (or .cse4 .cse5 .cse6) (or .cse0 .cse2 .cse5 .cse3) (or .cse4 .cse1 .cse6) (or .cse4 .cse7 .cse0 .cse1) (or .cse4 .cse7 .cse0 .cse5))) [2022-11-16 16:21:53,151 INFO L899 garLoopResultBuilder]: For program point L204(lines 204 212) no Hoare annotation was computed. [2022-11-16 16:21:53,151 INFO L899 garLoopResultBuilder]: For program point timeShiftEXIT(lines 138 161) no Hoare annotation was computed. [2022-11-16 16:21:53,151 INFO L899 garLoopResultBuilder]: For program point timeShiftErr0ASSERT_VIOLATIONERROR_FUNCTION(line 1005) no Hoare annotation was computed. [2022-11-16 16:21:53,152 INFO L895 garLoopResultBuilder]: At program point L200(lines 200 217) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse15 (+ ~waterLevel~0 1)) (.cse9 (= ~pumpRunning~0 0))) (let ((.cse14 (= 1 ~systemActive~0)) (.cse13 (let ((.cse17 (<= ~waterLevel~0 |old(~waterLevel~0)|))) (or (<= .cse15 |old(~waterLevel~0)|) (and (not (< 0 ~waterLevel~0)) .cse17) (and .cse9 .cse17)))) (.cse12 (= ~methAndRunningLastTime~0 0)) (.cse16 (or .cse0 (<= |old(~waterLevel~0)| ~waterLevel~0)))) (let ((.cse10 (not (= 0 ~systemActive~0))) (.cse4 (and .cse13 .cse12 .cse16)) (.cse8 (not (<= |old(~waterLevel~0)| 1))) (.cse1 (not (= |old(~methAndRunningLastTime~0)| 0))) (.cse3 (not (= ~methaneLevelCritical~0 1))) (.cse2 (not .cse14)) (.cse5 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= |old(~pumpRunning~0)| 1))) (.cse11 (and .cse13 .cse14 (<= |old(~waterLevel~0)| .cse15) (= ~pumpRunning~0 1) .cse16)) (.cse7 (not (<= 2 |old(~waterLevel~0)|)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or (not (= |#NULL.offset| 0)) .cse1 .cse2 (not (= ~head~0.offset 0)) .cse5 .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) (= |old(~methAndRunningLastTime~0)| ~methAndRunningLastTime~0) (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4)) .cse7) (or .cse8 .cse0 .cse9 .cse1 .cse2 .cse3) (or .cse0 .cse3 .cse10) (or .cse0 .cse5 .cse10) (or .cse0 .cse1 .cse2 .cse5 .cse4) (or .cse8 .cse0 .cse9 .cse1 .cse2 .cse5) (or .cse2 .cse6 .cse3 .cse11 .cse7) (or .cse1 .cse12 .cse2 .cse6 .cse3 .cse7) (or .cse2 .cse5 .cse6 .cse11 .cse7))))) [2022-11-16 16:21:53,152 INFO L895 garLoopResultBuilder]: At program point L337(line 337) the Hoare annotation is: (let ((.cse0 (<= 2 ~waterLevel~0)) (.cse1 (= 1 ~systemActive~0)) (.cse2 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse3 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse4 (not (= 0 ~systemActive~0))) (.cse5 (= ~pumpRunning~0 1))) (or (and (= ~methaneLevelCritical~0 0) .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 (= ~methaneLevelCritical~0 1) .cse2 .cse3 .cse4 .cse5))) [2022-11-16 16:21:53,152 INFO L902 garLoopResultBuilder]: At program point ULTIMATE.startENTRY(line -1) the Hoare annotation is: true [2022-11-16 16:21:53,152 INFO L902 garLoopResultBuilder]: At program point L119(lines 56 123) the Hoare annotation is: true [2022-11-16 16:21:53,152 INFO L899 garLoopResultBuilder]: For program point L86(lines 86 92) no Hoare annotation was computed. [2022-11-16 16:21:53,153 INFO L899 garLoopResultBuilder]: For program point L86-1(lines 86 92) no Hoare annotation was computed. [2022-11-16 16:21:53,153 INFO L895 garLoopResultBuilder]: At program point L78(line 78) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse1 .cse6 .cse8 .cse2 .cse4 .cse5 .cse9) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse6 .cse2 .cse4 .cse5 .cse9) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9))) [2022-11-16 16:21:53,153 INFO L899 garLoopResultBuilder]: For program point ULTIMATE.startEXIT(line -1) no Hoare annotation was computed. [2022-11-16 16:21:53,154 INFO L895 garLoopResultBuilder]: At program point L442(lines 442 449) the Hoare annotation is: (let ((.cse2 (select |#memory_int| 11)) (.cse8 (select |#memory_int| 8)) (.cse9 (select |#memory_int| 16)) (.cse4 (select |#memory_int| 9)) (.cse0 (select |#memory_int| 14)) (.cse5 (select |#memory_int| 7)) (.cse1 (select |#memory_int| 6)) (.cse6 (select |#memory_int| 13)) (.cse10 (select |#memory_int| 1)) (.cse11 (select |#memory_int| 15)) (.cse3 (select |#memory_int| 10)) (.cse7 (select |#memory_int| 5))) (and (= (select .cse0 3) 84) (= (select .cse1 2) 102) (= (select .cse2 1) 0) (= 1 (select |#valid| 5)) (= 32 (select .cse3 1)) (= (select |#length| 3) 12) (= (select .cse4 0) 79) (= (select |#valid| 15) 1) (= 112 (select .cse5 4)) (= (select .cse1 0) 79) (= 3 (select |#length| 10)) (= ~pumpRunning~0 0) (= (select |#valid| 26) 1) (= (select .cse5 1) 80) (= 58 (select .cse6 5)) (= (select |#length| 8) 3) (= ~methAndRunningLastTime~0 0) (= (select |#length| 6) 4) (= (select |#valid| 9) 1) (= (select |#length| 4) 13) (= 117 (select .cse5 2)) (= (select .cse7 2) 0) (= 7 (select |#length| 7)) (= 7 (select |#length| 13)) (= 110 (select .cse8 1)) (= (select .cse1 1) 102) (= (select |#valid| 11) 1) (= (select |#valid| 27) 1) (= ~methaneLevelCritical~0 0) (= 58 (select .cse5 5)) (= (select .cse8 0) 79) (= 30 (select |#length| 23)) (= 41 (select .cse9 0)) (= 44 (select .cse5 0)) (= (select |#length| 24) 9) (= |ULTIMATE.start_valid_product_~retValue_acc~6#1| |ULTIMATE.start_valid_product_#res#1|) (= 31 (select |#length| 2)) (= ~head~0.offset 0) (= 44 (select .cse6 0)) (= (select .cse2 0) 10) (= (select .cse0 4) 0) (= 2 (select |#length| 1)) (= (select |#length| 17) 30) (= 73 (select .cse0 2)) (= 9 (select |#length| 18)) (= (select |#length| 19) 21) (= (select |#valid| 3) 1) (= (select |#valid| 7) 1) (= (select |#length| 22) 21) (= (select |#valid| 18) 1) (= (select |#valid| 22) 1) (= 3 (select |#length| 5)) (= 30 (select |#length| 26)) (= 77 (select .cse6 1)) (= 2 (select |#length| 11)) (= 1 ~systemActive~0) (= (select |#length| 15) 3) (= (select |#valid| 24) 1) (= (select .cse4 3) 0) (= (select |#valid| 12) 1) (= (select |#valid| 28) 1) (= (select .cse0 1) 82) (= (select |#valid| 4) 1) (= (select .cse4 1) 102) (= (select .cse8 2) 0) (= (select .cse9 1) 0) (= 101 (select .cse6 2)) (= 25 (select |#length| 25)) (= (select |#valid| 1) 1) (= (select .cse5 6) 0) (= (select .cse4 2) 102) (= (select |#valid| 20) 1) (= (select .cse7 0) 79) (= (select |#length| 12) 13) (= 2 (select |#length| 16)) (= (select |#valid| 21) 1) (= (select |#length| 9) 4) (= 104 (select .cse6 4)) (= (select |#length| 21) 9) (= (select |#valid| 14) 1) (= |ULTIMATE.start_main_~tmp~5#1| 1) (= 116 (select .cse6 3)) (= 5 (select |#length| 14)) (= (select |#valid| 0) 0) (= 30 (select |#length| 20)) (= (select |#valid| 25) 1) (= ~head~0.base 0) (= (select |#valid| 2) 1) (= |#NULL.offset| 0) (= (select .cse0 0) 67) (= ~waterLevel~0 1) (= (select .cse3 2) 0) (= (select |#length| 27) 9) (= (select .cse10 0) 48) (= |ULTIMATE.start_valid_product_#res#1| |ULTIMATE.start_main_~tmp~5#1|) (= (select |#valid| 23) 1) (= (select |#valid| 19) 1) (= (select .cse11 1) 75) (= 109 (select .cse5 3)) (= (select .cse1 3) 0) (= 0 (select .cse6 6)) (= (select |#valid| 16) 1) (= (select .cse11 2) 0) (= (select |#valid| 6) 1) (= (select .cse10 1) 0) (= (select .cse11 0) 79) (= (select .cse3 0) 41) (= (select |#valid| 17) 1) (= (select |#valid| 10) 1) (= (select .cse7 1) 110) (= (select |#valid| 8) 1) (= (select |#length| 28) 25) (= (select |#valid| 13) 1) (< 0 |#StackHeapBarrier|) (= ~cleanupTimeShifts~0 4) (= |#NULL.base| 0))) [2022-11-16 16:21:53,155 INFO L902 garLoopResultBuilder]: At program point L442-2(lines 442 449) the Hoare annotation is: true [2022-11-16 16:21:53,155 INFO L895 garLoopResultBuilder]: At program point L116(lines 65 117) the Hoare annotation is: false [2022-11-16 16:21:53,155 INFO L899 garLoopResultBuilder]: For program point L335(lines 335 341) no Hoare annotation was computed. [2022-11-16 16:21:53,155 INFO L895 garLoopResultBuilder]: At program point L335-1(lines 335 341) the Hoare annotation is: (let ((.cse0 (let ((.cse2 (= 0 ~systemActive~0))) (let ((.cse1 (let ((.cse3 (= ~pumpRunning~0 0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1))) (or (and .cse3 .cse4 .cse5 (not .cse2)) (and .cse3 (= ~methAndRunningLastTime~0 0) .cse4 .cse5))))) (or (and (= 1 ~systemActive~0) .cse1) (and .cse1 (or (< 1 ~waterLevel~0) .cse2))))))) (or (and .cse0 (= ~methaneLevelCritical~0 1)) (and (= ~methaneLevelCritical~0 0) .cse0))) [2022-11-16 16:21:53,156 INFO L899 garLoopResultBuilder]: For program point L104(lines 104 110) no Hoare annotation was computed. [2022-11-16 16:21:53,156 INFO L895 garLoopResultBuilder]: At program point L104-2(lines 96 111) the Hoare annotation is: (let ((.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse0 (= ~pumpRunning~0 0)) (.cse6 (= 0 ~systemActive~0)) (.cse7 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse3 .cse4 .cse5 .cse6) (and .cse0 .cse1 .cse7 .cse2 .cse4 .cse5) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9) (and .cse0 .cse7 .cse4 .cse5 .cse6) (and .cse7 .cse8 .cse2 .cse4 .cse5 .cse9))) [2022-11-16 16:21:53,156 INFO L899 garLoopResultBuilder]: For program point L67(lines 66 115) no Hoare annotation was computed. [2022-11-16 16:21:53,156 INFO L895 garLoopResultBuilder]: At program point L96(lines 96 111) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9) (and .cse6 .cse8 .cse2 .cse4 .cse5 .cse9))) [2022-11-16 16:21:53,157 INFO L895 garLoopResultBuilder]: At program point L88(line 88) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse1 .cse6 .cse8 .cse2 .cse4 .cse5 .cse9) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse6 .cse2 .cse4 .cse5 .cse9) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9))) [2022-11-16 16:21:53,157 INFO L895 garLoopResultBuilder]: At program point L113(lines 66 115) the Hoare annotation is: (let ((.cse7 (= 0 ~systemActive~0)) (.cse0 (= ~pumpRunning~0 0)) (.cse1 (= ~methAndRunningLastTime~0 0)) (.cse6 (= ~methaneLevelCritical~0 0)) (.cse8 (<= 2 ~waterLevel~0)) (.cse2 (= 1 ~systemActive~0)) (.cse3 (= ~methaneLevelCritical~0 1)) (.cse4 (= |ULTIMATE.start_test_~splverifierCounter~0#1| 0)) (.cse5 (= |ULTIMATE.start_main_~tmp~5#1| 1)) (.cse9 (= ~pumpRunning~0 1))) (or (and .cse0 .cse1 .cse2 .cse3 .cse4 .cse5) (and .cse0 .cse1 .cse6 .cse4 .cse5 .cse7) (and .cse1 .cse6 .cse8 .cse2 .cse4 .cse5 .cse9) (and .cse0 .cse1 .cse3 .cse4 .cse5 .cse7) (and .cse0 .cse1 .cse6 .cse2 .cse4 .cse5) (and (= 2 ~waterLevel~0) .cse6 .cse2 .cse4 .cse5 .cse9) (and .cse8 .cse2 .cse3 .cse4 .cse5 .cse9))) [2022-11-16 16:21:53,157 INFO L899 garLoopResultBuilder]: For program point L76(lines 76 82) no Hoare annotation was computed. [2022-11-16 16:21:53,158 INFO L899 garLoopResultBuilder]: For program point L76-1(lines 76 82) no Hoare annotation was computed. [2022-11-16 16:21:53,158 INFO L895 garLoopResultBuilder]: At program point processEnvironment__wrappee__highWaterSensorENTRY(lines 170 194) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3))) [2022-11-16 16:21:53,158 INFO L895 garLoopResultBuilder]: At program point L184(line 184) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (and (= ~pumpRunning~0 0) (< ~waterLevel~0 2) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (.cse2 (not (= 1 ~systemActive~0))) (.cse4 (not (= ~methaneLevelCritical~0 0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 (not (= |#NULL.offset| 0)) .cse2 (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~2#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 1) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1|)) (not (= ~head~0.offset 0)) .cse4 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) .cse3 (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4))) (or .cse0 .cse1 .cse2 .cse4 .cse3))) [2022-11-16 16:21:53,159 INFO L895 garLoopResultBuilder]: At program point L178(lines 178 186) the Hoare annotation is: (let ((.cse2 (< ~waterLevel~0 2))) (let ((.cse1 (not .cse2))) (let ((.cse8 (= ~pumpRunning~0 0)) (.cse4 (not (= |old(~pumpRunning~0)| 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse6 (not (= ~methaneLevelCritical~0 0))) (.cse9 (and .cse2 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 0))) (.cse7 (not (= ~methAndRunningLastTime~0 0))) (.cse10 (and .cse1 (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| 1)))) (and (or (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~retValue_acc~2#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (let ((.cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1|))) (or (and .cse0 .cse1 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 0)) (and .cse0 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_~retValue_acc~9#1| 1) .cse2))) (= |processEnvironment__wrappee__highWaterSensor_~tmp~1#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_#res#1|) (= |processEnvironment__wrappee__highWaterSensor_isHighWaterSensorDry_#res#1| |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1|) (let ((.cse3 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp~3#1| 0))) (or (and .cse3 (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 1)) (and (= |processEnvironment__wrappee__highWaterSensor_isHighWaterLevel_~tmp___0~1#1| 0) (not .cse3))))) .cse4 (not (= |#NULL.offset| 0)) .cse5 (not (= ~head~0.offset 0)) .cse6 (not (= |#NULL.base| 0)) (not (<= 0 |#StackHeapBarrier|)) .cse7 (not (= ~head~0.base 0)) (not (= ~cleanupTimeShifts~0 4))) (or .cse4 .cse8 .cse5 .cse6 .cse7) (or .cse4 .cse5 (and .cse8 (or .cse9 .cse10)) (not (= ~methaneLevelCritical~0 1)) .cse7) (or .cse4 .cse5 .cse6 .cse9 .cse7 .cse10))))) [2022-11-16 16:21:53,159 INFO L895 garLoopResultBuilder]: At program point L174(lines 174 191) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (= ~pumpRunning~0 0)) (.cse2 (not (= 1 ~systemActive~0))) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 1)) .cse3) (or .cse0 .cse1 .cse2 (not (= ~methaneLevelCritical~0 0)) .cse3))) [2022-11-16 16:21:53,159 INFO L895 garLoopResultBuilder]: At program point L189(line 189) the Hoare annotation is: (let ((.cse0 (not (= |old(~pumpRunning~0)| 0))) (.cse1 (not (= 1 ~systemActive~0))) (.cse2 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 1)) .cse2) (or .cse0 .cse1 (not (= ~methaneLevelCritical~0 0)) .cse2))) [2022-11-16 16:21:53,159 INFO L899 garLoopResultBuilder]: For program point L189-1(lines 170 194) no Hoare annotation was computed. [2022-11-16 16:21:53,160 INFO L899 garLoopResultBuilder]: For program point processEnvironment__wrappee__highWaterSensorEXIT(lines 170 194) no Hoare annotation was computed. [2022-11-16 16:21:53,160 INFO L899 garLoopResultBuilder]: For program point waterRiseEXIT(lines 546 557) no Hoare annotation was computed. [2022-11-16 16:21:53,160 INFO L895 garLoopResultBuilder]: At program point waterRiseENTRY(lines 546 557) the Hoare annotation is: (let ((.cse4 (not (= 0 ~systemActive~0))) (.cse1 (not (= ~methaneLevelCritical~0 0))) (.cse6 (not (= ~pumpRunning~0 1))) (.cse8 (not (<= 2 |old(~waterLevel~0)|))) (.cse0 (not (= ~pumpRunning~0 0))) (.cse5 (not (= 1 ~systemActive~0))) (.cse7 (not (= ~methaneLevelCritical~0 1))) (.cse2 (= |old(~waterLevel~0)| ~waterLevel~0)) (.cse3 (not (= ~methAndRunningLastTime~0 0)))) (and (or .cse0 .cse1 .cse2 .cse3 .cse4) (or .cse5 .cse6 .cse7 .cse2 .cse8) (or .cse0 .cse7 .cse2 .cse3 .cse4) (or .cse5 .cse1 .cse6 (not (= |old(~waterLevel~0)| 2)) .cse2) (or .cse0 .cse5 .cse1 .cse2 .cse3) (or .cse5 .cse1 .cse6 .cse2 .cse3 .cse8) (or .cse0 .cse5 .cse7 .cse2 .cse3))) [2022-11-16 16:21:53,164 INFO L444 BasicCegarLoop]: Path program histogram: [2, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1] [2022-11-16 16:21:53,166 INFO L178 ceAbstractionStarter]: Computing trace abstraction results [2022-11-16 16:21:53,250 INFO L202 PluginConnector]: Adding new model de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction CFG 16.11 04:21:53 BoogieIcfgContainer [2022-11-16 16:21:53,258 INFO L132 PluginConnector]: ------------------------ END TraceAbstraction---------------------------- [2022-11-16 16:21:53,259 INFO L113 PluginConnector]: ------------------------Witness Printer---------------------------- [2022-11-16 16:21:53,259 INFO L271 PluginConnector]: Initializing Witness Printer... [2022-11-16 16:21:53,260 INFO L275 PluginConnector]: Witness Printer initialized [2022-11-16 16:21:53,260 INFO L185 PluginConnector]: Executing the observer RCFGCatcher from plugin Witness Printer for "de.uni_freiburg.informatik.ultimate.plugins.generator.rcfgbuilder CFG 16.11 04:16:51" (3/4) ... [2022-11-16 16:21:53,264 INFO L137 WitnessPrinter]: Generating witness for correct program [2022-11-16 16:21:53,270 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure deactivatePump [2022-11-16 16:21:53,271 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__base [2022-11-16 16:21:53,271 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure changeMethaneLevel [2022-11-16 16:21:53,271 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure isMethaneLevelCritical [2022-11-16 16:21:53,271 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure cleanup [2022-11-16 16:21:53,271 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure timeShift [2022-11-16 16:21:53,272 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure processEnvironment__wrappee__highWaterSensor [2022-11-16 16:21:53,272 INFO L361 RCFGBacktranslator]: Ignoring RootEdge to procedure waterRise [2022-11-16 16:21:53,289 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 74 nodes and edges [2022-11-16 16:21:53,289 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 27 nodes and edges [2022-11-16 16:21:53,290 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 12 nodes and edges [2022-11-16 16:21:53,290 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 5 nodes and edges [2022-11-16 16:21:53,291 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 2 nodes and edges [2022-11-16 16:21:53,291 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 16:21:53,292 INFO L915 BoogieBacktranslator]: Reduced CFG by removing 1 nodes and edges [2022-11-16 16:21:53,319 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && methAndRunningLastTime == 0) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && retValue_acc == \result) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && tmp == 1) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \result == tmp) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 [2022-11-16 16:21:53,320 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || ((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0)) [2022-11-16 16:21:53,322 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) [2022-11-16 16:21:53,323 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) [2022-11-16 16:21:53,323 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) [2022-11-16 16:21:53,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) && (((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive)) [2022-11-16 16:21:53,325 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (((waterLevel <= \old(waterLevel) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && !(0 == systemActive)) && tmp == methaneLevelCritical))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && !(0 == systemActive)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (if waterLevel == 0 then 1 else 0) == 0) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && !(0 == systemActive)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && !(0 == systemActive)) && tmp == methaneLevelCritical)) [2022-11-16 16:21:53,326 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: (((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) [2022-11-16 16:21:53,329 WARN L220 nessWitnessGenerator]: Not writing invariant because ACSL is forbidden: ((((((((((((((((retValue_acc == \result && (((retValue_acc == \result && !(waterLevel < 2)) && retValue_acc == 0) || ((retValue_acc == \result && retValue_acc == 1) && waterLevel < 2))) && tmp == \result) && \result == tmp) && ((tmp == 0 && tmp___0 == 1) || (tmp___0 == 0 && !(tmp == 0)))) || !(\old(pumpRunning) == 0)) || !(#NULL == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(methAndRunningLastTime == 0)) || !(head == 0)) || !(cleanupTimeShifts == 4)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (waterLevel < 2 && tmp == 0)) || !(methAndRunningLastTime == 0)) || (!(waterLevel < 2) && tmp == 1)) [2022-11-16 16:21:53,371 INFO L141 WitnessManager]: Wrote witness to /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/witness.graphml [2022-11-16 16:21:53,372 INFO L132 PluginConnector]: ------------------------ END Witness Printer---------------------------- [2022-11-16 16:21:53,373 INFO L158 Benchmark]: Toolchain (without parser) took 303009.67ms. Allocated memory was 111.1MB in the beginning and 901.8MB in the end (delta: 790.6MB). Free memory was 68.8MB in the beginning and 557.8MB in the end (delta: -489.0MB). Peak memory consumption was 299.8MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,373 INFO L158 Benchmark]: CDTParser took 0.26ms. Allocated memory is still 111.1MB. Free memory was 86.6MB in the beginning and 86.5MB in the end (delta: 92.4kB). There was no memory consumed. Max. memory is 16.1GB. [2022-11-16 16:21:53,375 INFO L158 Benchmark]: CACSL2BoogieTranslator took 529.32ms. Allocated memory is still 111.1MB. Free memory was 68.5MB in the beginning and 76.0MB in the end (delta: -7.4MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,376 INFO L158 Benchmark]: Boogie Procedure Inliner took 69.75ms. Allocated memory is still 111.1MB. Free memory was 76.0MB in the beginning and 73.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,376 INFO L158 Benchmark]: Boogie Preprocessor took 28.42ms. Allocated memory is still 111.1MB. Free memory was 73.5MB in the beginning and 71.8MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,376 INFO L158 Benchmark]: RCFGBuilder took 810.59ms. Allocated memory was 111.1MB in the beginning and 140.5MB in the end (delta: 29.4MB). Free memory was 71.8MB in the beginning and 113.6MB in the end (delta: -41.8MB). Peak memory consumption was 39.4MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,377 INFO L158 Benchmark]: TraceAbstraction took 301448.45ms. Allocated memory was 140.5MB in the beginning and 901.8MB in the end (delta: 761.3MB). Free memory was 113.6MB in the beginning and 564.1MB in the end (delta: -450.5MB). Peak memory consumption was 568.5MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,377 INFO L158 Benchmark]: Witness Printer took 112.57ms. Allocated memory is still 901.8MB. Free memory was 564.1MB in the beginning and 557.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. [2022-11-16 16:21:53,382 INFO L339 ainManager$Toolchain]: ####################### End [Toolchain 1] ####################### --- Results --- * Results from de.uni_freiburg.informatik.ultimate.core: - StatisticsResult: Toolchain Benchmarks Benchmark results are: * CDTParser took 0.26ms. Allocated memory is still 111.1MB. Free memory was 86.6MB in the beginning and 86.5MB in the end (delta: 92.4kB). There was no memory consumed. Max. memory is 16.1GB. * CACSL2BoogieTranslator took 529.32ms. Allocated memory is still 111.1MB. Free memory was 68.5MB in the beginning and 76.0MB in the end (delta: -7.4MB). Peak memory consumption was 6.4MB. Max. memory is 16.1GB. * Boogie Procedure Inliner took 69.75ms. Allocated memory is still 111.1MB. Free memory was 76.0MB in the beginning and 73.5MB in the end (delta: 2.5MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * Boogie Preprocessor took 28.42ms. Allocated memory is still 111.1MB. Free memory was 73.5MB in the beginning and 71.8MB in the end (delta: 1.7MB). Peak memory consumption was 2.1MB. Max. memory is 16.1GB. * RCFGBuilder took 810.59ms. Allocated memory was 111.1MB in the beginning and 140.5MB in the end (delta: 29.4MB). Free memory was 71.8MB in the beginning and 113.6MB in the end (delta: -41.8MB). Peak memory consumption was 39.4MB. Max. memory is 16.1GB. * TraceAbstraction took 301448.45ms. Allocated memory was 140.5MB in the beginning and 901.8MB in the end (delta: 761.3MB). Free memory was 113.6MB in the beginning and 564.1MB in the end (delta: -450.5MB). Peak memory consumption was 568.5MB. Max. memory is 16.1GB. * Witness Printer took 112.57ms. Allocated memory is still 901.8MB. Free memory was 564.1MB in the beginning and 557.8MB in the end (delta: 6.3MB). Peak memory consumption was 6.3MB. Max. memory is 16.1GB. * Results from de.uni_freiburg.informatik.ultimate.plugins.generator.traceabstraction: - StatisticsResult: ErrorAutomatonStatistics NumberErrorTraces: 0, NumberStatementsAllTraces: 0, NumberRelevantStatements: 0, 0.0s ErrorAutomatonConstructionTimeTotal, 0.0s FaulLocalizationTime, NumberStatementsFirstTrace: -1, TraceLengthAvg: 0, 0.0s ErrorAutomatonConstructionTimeAvg, 0.0s ErrorAutomatonDifferenceTimeAvg, 0.0s ErrorAutomatonDifferenceTimeTotal, NumberOfNoEnhancement: 0, NumberOfFiniteEnhancement: 0, NumberOfInfiniteEnhancement: 0 - PositiveResult [Line: 1005]: call to reach_error is unreachable For all program executions holds that call to reach_error is unreachable at this location - StatisticsResult: Ultimate Automizer benchmark data CFG has 9 procedures, 64 locations, 1 error locations. Started 1 CEGAR loops. OverallTime: 301.3s, OverallIterations: 13, TraceHistogramMax: 4, PathProgramHistogramMax: 2, EmptinessCheckTime: 0.1s, AutomataDifference: 68.4s, DeadEndRemovalTime: 0.0s, HoareAnnotationTime: 100.9s, InitialAbstractionConstructionTime: 0.0s, HoareTripleCheckerStatistics: 0 mSolverCounterUnknown, 3299 SdHoareTripleChecker+Valid, 10.9s IncrementalHoareTripleChecker+Time, 0 mSdLazyCounter, 3261 mSDsluCounter, 4587 SdHoareTripleChecker+Invalid, 9.6s Time, 0 mProtectedAction, 0 SdHoareTripleChecker+Unchecked, 0 IncrementalHoareTripleChecker+Unchecked, 3611 mSDsCounter, 1635 IncrementalHoareTripleChecker+Valid, 0 mProtectedPredicate, 7787 IncrementalHoareTripleChecker+Invalid, 9422 SdHoareTripleChecker+Unknown, 0 mSolverCounterNotChecked, 1635 mSolverCounterUnsat, 976 mSDtfsCounter, 7787 mSolverCounterSat, 0.2s SdHoareTripleChecker+Time, 0 IncrementalHoareTripleChecker+Unknown, PredicateUnifierStatistics: 0 DeclaredPredicates, 1558 GetRequests, 1109 SyntacticMatches, 37 SemanticMatches, 412 ConstructedPredicates, 0 IntricatePredicates, 0 DeprecatedPredicates, 12343 ImplicationChecksByTransitivity, 139.3s Time, 0.0s BasicInterpolantAutomatonTime, BiggestAbstraction: size=1692occurred in iteration=12, InterpolantAutomatonStates: 217, traceCheckStatistics: No data available, InterpolantConsolidationStatistics: No data available, PathInvariantsStatistics: No data available, 0/0 InterpolantCoveringCapability, TotalInterpolationStatistics: No data available, 0.0s DumpTime, AutomataMinimizationStatistics: 1.5s AutomataMinimizationTime, 13 MinimizatonAttempts, 661 StatesRemovedByMinimization, 9 NontrivialMinimizations, HoareAnnotationStatistics: 0.0s HoareAnnotationTime, 37 LocationsWithAnnotation, 2977 PreInvPairs, 3626 NumberOfFragments, 5246 HoareAnnotationTreeSize, 2977 FomulaSimplifications, 36758 FormulaSimplificationTreeSizeReduction, 47.6s HoareSimplificationTime, 37 FomulaSimplificationsInter, 1309435 FormulaSimplificationTreeSizeReductionInter, 52.9s HoareSimplificationTimeInter, RefinementEngineStatistics: TRACE_CHECK: 0.2s SsaConstructionTime, 0.7s SatisfiabilityAnalysisTime, 8.9s InterpolantComputationTime, 1351 NumberOfCodeBlocks, 1298 NumberOfCodeBlocksAsserted, 21 NumberOfCheckSat, 1685 ConstructedInterpolants, 0 QuantifiedInterpolants, 5642 SizeOfPredicates, 70 NumberOfNonLiveVariables, 3408 ConjunctsInSsa, 186 ConjunctsInUnsatCore, 24 InterpolantComputations, 9 PerfectInterpolantSequences, 1063/1318 InterpolantCoveringCapability, INVARIANT_SYNTHESIS: No data available, INTERPOLANT_CONSOLIDATION: No data available, ABSTRACT_INTERPRETATION: No data available, PDR: No data available, ACCELERATED_INTERPOLATION: No data available, SIFA: OVERALL_TIME: 21.3s, ICFG_INTERPRETER_ENTERED_PROCEDURES: 12, DAG_INTERPRETER_EARLY_EXIT_QUERIES_NONTRIVIAL: 106, DAG_INTERPRETER_EARLY_EXITS: 6, TOOLS_POST_APPLICATIONS: 133, TOOLS_POST_TIME: 7.2s, TOOLS_POST_CALL_APPLICATIONS: 67, TOOLS_POST_CALL_TIME: 9.3s, TOOLS_POST_RETURN_APPLICATIONS: 56, TOOLS_POST_RETURN_TIME: 2.9s, TOOLS_QUANTIFIERELIM_APPLICATIONS: 254, TOOLS_QUANTIFIERELIM_TIME: 19.3s, TOOLS_QUANTIFIERELIM_MAX_TIME: 1.2s, FLUID_QUERY_TIME: 0.0s, FLUID_QUERIES: 316, FLUID_YES_ANSWERS: 0, DOMAIN_JOIN_APPLICATIONS: 60, DOMAIN_JOIN_TIME: 1.4s, DOMAIN_ALPHA_APPLICATIONS: 0, DOMAIN_ALPHA_TIME: 0.0s, DOMAIN_WIDEN_APPLICATIONS: 2, DOMAIN_WIDEN_TIME: 0.1s, DOMAIN_ISSUBSETEQ_APPLICATIONS: 4, DOMAIN_ISSUBSETEQ_TIME: 0.0s, DOMAIN_ISBOTTOM_APPLICATIONS: 106, DOMAIN_ISBOTTOM_TIME: 0.3s, LOOP_SUMMARIZER_APPLICATIONS: 2, LOOP_SUMMARIZER_CACHE_MISSES: 2, LOOP_SUMMARIZER_OVERALL_TIME: 11.0s, LOOP_SUMMARIZER_NEW_COMPUTATION_TIME: 11.0s, LOOP_SUMMARIZER_FIXPOINT_ITERATIONS: 4, CALL_SUMMARIZER_APPLICATIONS: 56, CALL_SUMMARIZER_CACHE_MISSES: 11, CALL_SUMMARIZER_OVERALL_TIME: 0.2s, CALL_SUMMARIZER_NEW_COMPUTATION_TIME: 0.2s, PROCEDURE_GRAPH_BUILDER_TIME: 0.0s, PATH_EXPR_TIME: 0.0s, REGEX_TO_DAG_TIME: 0.0s, DAG_COMPRESSION_TIME: 0.0s, DAG_COMPRESSION_PROCESSED_NODES: 1492, DAG_COMPRESSION_RETAINED_NODES: 273, ReuseStatistics: No data available - AllSpecificationsHoldResult: All specifications hold 1 specifications checked. All of them hold - InvariantResult [Line: -1]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 56]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 200]: Loop Invariant Derived loop invariant: ((((((((((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && methAndRunningLastTime == 0) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || pumpRunning == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((!(\old(methAndRunningLastTime) == 0) || methAndRunningLastTime == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((((waterLevel + 1 <= \old(waterLevel) || (!(0 < waterLevel) && waterLevel <= \old(waterLevel))) || (pumpRunning == 0 && waterLevel <= \old(waterLevel))) && 1 == systemActive) && \old(waterLevel) <= waterLevel + 1) && pumpRunning == 1) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) - InvariantResult [Line: 466]: Loop Invariant Derived loop invariant: ((((((((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (((waterLevel <= \old(waterLevel) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && !(0 == systemActive)) && tmp == methaneLevelCritical))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && !(0 == systemActive)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || (if waterLevel == 0 then 1 else 0) == 0) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && !(0 == systemActive)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || ((((((pumpRunning == 0 && methAndRunningLastTime == 0) && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && !(0 == systemActive)) && tmp == methaneLevelCritical)) - InvariantResult [Line: 138]: Loop Invariant Derived loop invariant: (((((((((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 0)) || !(0 == systemActive)) && (((((!(\old(methAndRunningLastTime) == 0) || !(1 == systemActive)) || !(\old(pumpRunning) == 1)) || ((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((methAndRunningLastTime == 0 && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 1))) && (((!(\old(pumpRunning) == 0) || (((pumpRunning == \old(pumpRunning) && pumpRunning == 0) && \old(waterLevel) == waterLevel) && 0 == systemActive)) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || (((pumpRunning == \old(pumpRunning) && 1 == systemActive) && \old(waterLevel) == waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((pumpRunning == 0 && methAndRunningLastTime == 0) && \old(waterLevel) == waterLevel)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 196]: Loop Invariant Derived loop invariant: ((((((((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive)) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 1))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || ((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && ((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || ((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && pumpRunning == 1)) || !(methaneLevelCritical == 0)) - InvariantResult [Line: 474]: Loop Invariant Derived loop invariant: ((((((((((((((((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel))) && (((((((((pumpRunning == 0 && waterLevel <= 1) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) || !(\old(pumpRunning) == 0)) || !(\old(methAndRunningLastTime) == 0)) || (((((methAndRunningLastTime == 0 && 2 <= waterLevel) && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive))) && (((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || (((pumpRunning == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1))) && (((((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || ((((methAndRunningLastTime == 0 && waterLevel <= \old(waterLevel)) && \old(waterLevel) <= waterLevel) && tmp == methaneLevelCritical) && pumpRunning == 1)) || !(2 <= \old(waterLevel)))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(\old(waterLevel) == 2))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || (waterLevel <= 1 && 1 <= waterLevel)) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((!(1 == systemActive) || !(1 <= \old(pumpRunning))) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || (((((pumpRunning == 0 && tmp == 1) && 1 == systemActive) && waterLevel <= \old(waterLevel)) && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(2 <= \old(waterLevel)))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(waterLevel) <= 1) || !(\old(pumpRunning) == 0)) || waterLevel <= 1) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((((((((((!(#NULL == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(#NULL == 0)) || ((methAndRunningLastTime <= 0 && (if waterLevel == 0 then 1 else 0) == 0) && 0 <= methAndRunningLastTime)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(head == 0)) || !(cleanupTimeShifts == 4)) || !(2 <= \old(waterLevel)))) && ((((((((((!(\old(pumpRunning) == 0) || !(#NULL == 0)) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || \old(methAndRunningLastTime) == methAndRunningLastTime) || !(head == 0)) || !(cleanupTimeShifts == 4))) && (((!(\old(pumpRunning) == 0) || ((pumpRunning == 0 && tmp == methaneLevelCritical) && (!(\old(pumpRunning) == 0) || \old(waterLevel) <= waterLevel))) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && ((((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(\old(waterLevel) == 2)) || \old(waterLevel) == waterLevel) || !(0 == systemActive)) - InvariantResult [Line: 366]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: ((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((((unknown-#memory_int-unknown[14][3] == 84 && unknown-#memory_int-unknown[6][2] == 102) && unknown-#memory_int-unknown[11][1] == 0) && 1 == \valid[5]) && 32 == unknown-#memory_int-unknown[10][1]) && unknown-#length-unknown[3] == 12) && unknown-#memory_int-unknown[9][0] == 79) && \valid[15] == 1) && 112 == unknown-#memory_int-unknown[7][4]) && unknown-#memory_int-unknown[6][0] == 79) && 3 == unknown-#length-unknown[10]) && pumpRunning == 0) && \valid[26] == 1) && unknown-#memory_int-unknown[7][1] == 80) && 58 == unknown-#memory_int-unknown[13][5]) && unknown-#length-unknown[8] == 3) && methAndRunningLastTime == 0) && unknown-#length-unknown[6] == 4) && \valid[9] == 1) && unknown-#length-unknown[4] == 13) && 117 == unknown-#memory_int-unknown[7][2]) && unknown-#memory_int-unknown[5][2] == 0) && 7 == unknown-#length-unknown[7]) && 7 == unknown-#length-unknown[13]) && 110 == unknown-#memory_int-unknown[8][1]) && unknown-#memory_int-unknown[6][1] == 102) && \valid[11] == 1) && \valid[27] == 1) && methaneLevelCritical == 0) && 58 == unknown-#memory_int-unknown[7][5]) && unknown-#memory_int-unknown[8][0] == 79) && 30 == unknown-#length-unknown[23]) && 41 == unknown-#memory_int-unknown[16][0]) && 44 == unknown-#memory_int-unknown[7][0]) && unknown-#length-unknown[24] == 9) && retValue_acc == \result) && 31 == unknown-#length-unknown[2]) && head == 0) && 44 == unknown-#memory_int-unknown[13][0]) && unknown-#memory_int-unknown[11][0] == 10) && unknown-#memory_int-unknown[14][4] == 0) && 2 == unknown-#length-unknown[1]) && unknown-#length-unknown[17] == 30) && 73 == unknown-#memory_int-unknown[14][2]) && 9 == unknown-#length-unknown[18]) && unknown-#length-unknown[19] == 21) && \valid[3] == 1) && \valid[7] == 1) && unknown-#length-unknown[22] == 21) && \valid[18] == 1) && \valid[22] == 1) && 3 == unknown-#length-unknown[5]) && 30 == unknown-#length-unknown[26]) && 77 == unknown-#memory_int-unknown[13][1]) && 2 == unknown-#length-unknown[11]) && 1 == systemActive) && unknown-#length-unknown[15] == 3) && \valid[24] == 1) && unknown-#memory_int-unknown[9][3] == 0) && \valid[12] == 1) && \valid[28] == 1) && unknown-#memory_int-unknown[14][1] == 82) && \valid[4] == 1) && unknown-#memory_int-unknown[9][1] == 102) && unknown-#memory_int-unknown[8][2] == 0) && unknown-#memory_int-unknown[16][1] == 0) && 101 == unknown-#memory_int-unknown[13][2]) && 25 == unknown-#length-unknown[25]) && \valid[1] == 1) && unknown-#memory_int-unknown[7][6] == 0) && unknown-#memory_int-unknown[9][2] == 102) && \valid[20] == 1) && unknown-#memory_int-unknown[5][0] == 79) && unknown-#length-unknown[12] == 13) && 2 == unknown-#length-unknown[16]) && \valid[21] == 1) && unknown-#length-unknown[9] == 4) && 104 == unknown-#memory_int-unknown[13][4]) && unknown-#length-unknown[21] == 9) && \valid[14] == 1) && tmp == 1) && 116 == unknown-#memory_int-unknown[13][3]) && 5 == unknown-#length-unknown[14]) && \valid[0] == 0) && 30 == unknown-#length-unknown[20]) && \valid[25] == 1) && head == 0) && \valid[2] == 1) && #NULL == 0) && unknown-#memory_int-unknown[14][0] == 67) && waterLevel == 1) && unknown-#memory_int-unknown[10][2] == 0) && unknown-#length-unknown[27] == 9) && unknown-#memory_int-unknown[1][0] == 48) && \result == tmp) && \valid[23] == 1) && \valid[19] == 1) && unknown-#memory_int-unknown[15][1] == 75) && 109 == unknown-#memory_int-unknown[7][3]) && unknown-#memory_int-unknown[6][3] == 0) && 0 == unknown-#memory_int-unknown[13][6]) && \valid[16] == 1) && unknown-#memory_int-unknown[15][2] == 0) && \valid[6] == 1) && unknown-#memory_int-unknown[1][1] == 0) && unknown-#memory_int-unknown[15][0] == 79) && unknown-#memory_int-unknown[10][0] == 41) && \valid[17] == 1) && \valid[10] == 1) && unknown-#memory_int-unknown[5][1] == 110) && \valid[8] == 1) && unknown-#length-unknown[28] == 25) && \valid[13] == 1) && 0 < unknown-#StackHeapBarrier-unknown) && cleanupTimeShifts == 4) && #NULL == 0 - InvariantResult [Line: 96]: Loop Invariant Derived loop invariant: (((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1)) || (((((2 <= waterLevel && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((methaneLevelCritical == 0 && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1) - InvariantResult [Line: 335]: Loop Invariant Derived loop invariant: (((1 == systemActive && ((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1))) || (((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1)) && (1 < waterLevel || 0 == systemActive))) && methaneLevelCritical == 1) || (methaneLevelCritical == 0 && ((1 == systemActive && ((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1))) || (((((pumpRunning == 0 && splverifierCounter == 0) && tmp == 1) && !(0 == systemActive)) || (((pumpRunning == 0 && methAndRunningLastTime == 0) && splverifierCounter == 0) && tmp == 1)) && (1 < waterLevel || 0 == systemActive)))) - InvariantResult [Line: 178]: Loop Invariant Derived loop invariant: ((((((((((((((((retValue_acc == \result && (((retValue_acc == \result && !(waterLevel < 2)) && retValue_acc == 0) || ((retValue_acc == \result && retValue_acc == 1) && waterLevel < 2))) && tmp == \result) && \result == tmp) && ((tmp == 0 && tmp___0 == 1) || (tmp___0 == 0 && !(tmp == 0)))) || !(\old(pumpRunning) == 0)) || !(#NULL == 0)) || !(1 == systemActive)) || !(head == 0)) || !(methaneLevelCritical == 0)) || !(#NULL == 0)) || !(0 <= unknown-#StackHeapBarrier-unknown)) || !(methAndRunningLastTime == 0)) || !(head == 0)) || !(cleanupTimeShifts == 4)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0))) && ((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || (pumpRunning == 0 && ((waterLevel < 2 && tmp == 0) || (!(waterLevel < 2) && tmp == 1)))) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0))) && (((((!(\old(pumpRunning) == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || (waterLevel < 2 && tmp == 0)) || !(methAndRunningLastTime == 0)) || (!(waterLevel < 2) && tmp == 1)) - InvariantResult [Line: 174]: Loop Invariant Derived loop invariant: ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) || !(methAndRunningLastTime == 0)) && ((((!(\old(pumpRunning) == 0) || pumpRunning == 0) || !(1 == systemActive)) || !(methaneLevelCritical == 0)) || !(methAndRunningLastTime == 0)) - InvariantResult [Line: 1005]: Loop Invariant Derived loop invariant: (((((((!(1 == systemActive) || !(methaneLevelCritical == 0)) || !(\old(pumpRunning) == 1)) || !(2 <= \old(waterLevel))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 1)) || !(0 == systemActive))) && (((!(1 == systemActive) || !(\old(pumpRunning) == 1)) || !(methaneLevelCritical == 1)) || !(2 <= \old(waterLevel)))) && ((!(\old(pumpRunning) == 0) || !(methaneLevelCritical == 0)) || !(0 == systemActive))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 0))) && (((!(\old(pumpRunning) == 0) || !(\old(methAndRunningLastTime) == 0)) || !(1 == systemActive)) || !(methaneLevelCritical == 1)) - InvariantResult [Line: 66]: Loop Invariant Derived loop invariant: ((((((((((pumpRunning == 0 && methAndRunningLastTime == 0) && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || ((((((methAndRunningLastTime == 0 && methaneLevelCritical == 0) && 2 <= waterLevel) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && 0 == systemActive)) || (((((pumpRunning == 0 && methAndRunningLastTime == 0) && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1)) || (((((2 == waterLevel && methaneLevelCritical == 0) && 1 == systemActive) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1)) || (((((2 <= waterLevel && 1 == systemActive) && methaneLevelCritical == 1) && splverifierCounter == 0) && tmp == 1) && pumpRunning == 1) - InvariantResult [Line: 65]: Loop Invariant Derived loop invariant: 0 - InvariantResult [Line: 356]: Loop Invariant Derived loop invariant: 1 - InvariantResult [Line: 442]: Loop Invariant Derived loop invariant: 1 RESULT: Ultimate proved your program to be correct! [2022-11-16 16:21:53,432 INFO L540 MonitoredProcess]: [MP /tmp/vcloud_worker_vcloud-master_on_vcloud-master/run_dir_a17bcf15-ef02-4967-ab14-db5ec5a04290/bin/utaipan-Xvt2sAort0/z3 SMTLIB2_COMPLIANT=true -memory:2024 -smt2 -in -t:2000 (1)] Forceful destruction successful, exit code 0 Received shutdown request... --- End real Ultimate output --- Execution finished normally Writing output log to file Ultimate.log Result: TRUE